[389-users] Announcing 389 Directory Server 1.2.6

Aaron Hagopian airhead1 at gmail.com
Tue Sep 14 13:59:45 UTC 2010 

After upgrading, although it's possible it broke on one of the RCs since I
do not usually run the admin server on my development environment, when I
try to connect using the 389-console I get an error 32, cannot connect to
the directory server....

When I look through the admin-serv logs i see:

[Tue Sep 14 08:53:43 2010] [notice] [client 127.0.0.1]
admserv_host_ip_check: ap_get_remote_host could not resolve 127.0.0.1
[Tue Sep 14 08:53:43 2010] [notice] [client 127.0.0.1]
admserv_host_ip_check: host [localhost.localdomain] did not match pattern
[*.barf.hra.local] -will scan aliases
[Tue Sep 14 08:53:43 2010] [notice] [client 127.0.0.1]
admserv_host_ip_check: host alias [localhost] did not match pattern
[*.barf.hra.local]
[Tue Sep 14 08:53:43 2010] [crit] buildUGInfo(): unable to initialize TLS
connection to LDAP host barfolomew.hra.local port 389: 4
[Tue Sep 14 08:53:43 2010] [notice] [client 127.0.0.1]
admserv_check_authz(): passing [/admin-serv/authenticate] to the userauth
handler
[Tue Sep 14 08:53:43 2010] [crit] buildUGInfo(): unable to initialize TLS
connection to LDAP host barfolomew.hra.local port 389: 4

Now I see what the problem is about the cert name but I never told the admin
server to use TLS to connect to the LDAP server and when I was running 1.2.5
I never had this problem.  I do run my server on SSL as well on port 636.
 Is it trying start TLS because it can?  Anyway to disable that since I do
not feel like generating a new cert to match my administrative domain I put
in when I setup the DS.



[root at barfolomew admin-serv]# rpm -qi 389-ds-base
Name        : 389-ds-base                  Relocations: (not relocatable)
Version     : 1.2.6                             Vendor: Fedora Project
Release     : 1.fc13                        Build Date: Thu 26 Aug 2010
04:34:30 PM CDT
Install Date: Mon 13 Sep 2010 09:19:02 AM CDT      Build Host:
x86-20.phx2.fedoraproject.org
Group       : System Environment/Daemons    Source RPM:
389-ds-base-1.2.6-1.fc13.src.rpm
Size        : 6043179                          License: GPLv2 with
exceptions
Signature   : RSA/SHA256, Thu 26 Aug 2010 08:43:14 PM CDT, Key ID
7edc6ad6e8e40fde
Packager    : Fedora Project
URL         : http://port389.org/
Summary     : 389 Directory Server (base)
Description :
389 Directory Server is an LDAPv3 compliant server.  The base package
includes
the LDAP server and command line utilities for server administration.

[root at barfolomew admin-serv]# rpm -qi 389-admin
Name        : 389-admin                    Relocations: (not relocatable)
Version     : 1.1.11                            Vendor: Fedora Project
Release     : 1.fc13                        Build Date: Thu 26 Aug 2010
04:53:40 PM CDT
Install Date: Mon 13 Sep 2010 09:19:35 AM CDT      Build Host:
x86-20.phx2.fedoraproject.org
Group       : System Environment/Daemons    Source RPM:
389-admin-1.1.11-1.fc13.src.rpm
Size        : 1510119                          License: GPLv2 and ASL 2.0
Signature   : RSA/SHA256, Thu 26 Aug 2010 08:49:10 PM CDT, Key ID
7edc6ad6e8e40fde
Packager    : Fedora Project
URL         : http://port389.org/
Summary     : 389 Administration Server (admin)
Description :
389 Administration Server is an HTTP agent that provides management features
for 389 Directory Server.  It provides some management web apps that can
be used through a web browser.  It provides the authentication, access
control,
and CGI utilities used by the console.




On Mon, Sep 13, 2010 at 2:03 PM, Rich Megginson <rmeggins at redhat.com> wrote:

> The 389 team is pleased to announce the availability of version 1.2.6.
> This release is essentially the same as 1.2.6 RC7.
>
> * Release Notes - http://port389.org/wiki/Release_Notes
> * Install_Guide - http://port389.org/wiki/Install_Guide
> * Download - http://port389.org/wiki/Download
>
> === New features ===
> * Upgrade_to_New_DN_Format
> http://directory.fedoraproject.org/wiki/Upgrade_to_New_DN_Format
> ** in order to make sure DN valued attributes can be searched correctly,
> an upgrade will automatically fix these values in the database
>
> * Replication_Session_Hooks
> http://directory.fedoraproject.org/wiki/Replication_Session_Hooks
> ** API for plugins to intercept replication session at various points
>
> * Managed Entries -
> http://directory.fedoraproject.org/wiki/Managed_Entry_Design
> ** Used, for example, to automatically create the user's group entry
> when adding a user entry
>
> * Subtree Rename and Entry Move (modifyDN with newSuperior)
> ** https://bugzilla.redhat.com/show_bug.cgi?id=429005
> ** ability to rename a node that has children
> ** ability to move a node, with or without children, to another parent node
>
> * Security Enhancements
> ** SELinux Policy http://directory.fedoraproject.org/wiki/SELinux_Policy
> *** https://bugzilla.redhat.com/show_bug.cgi?id=442228
>
> * Matching rules
> ** support for all RFC 4517 matching rules (except the FirstComponent ones)
>
> === Bugs Fixed ===
> This release contains many, many bug fixes.  The complete list of bugs
> fixed is found at the link below.  Note that bugs marked as MODIFIED
> have been fixed but are still in testing.
> * Tracking bug for 1.2.6 release -
>
> https://bugzilla.redhat.com/showdependencytree.cgi?id=543590&hide_resolved=0
>
>
> --
> 389 users mailing list
> 389-users at lists.fedoraproject.org
> https://admin.fedoraproject.org/mailman/listinfo/389-users
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.fedoraproject.org/pipermail/389-users/attachments/20100914/10cbf354/attachment.html>

More information about the 389-users mailing list