<p>I have been attempting to add the entries suggested in <a href="https://bugzilla.redhat.com/show_bug.cgi?id=431103">https://bugzilla.redhat.com/show_bug.cgi?id=431103</a>. When i go to users and groups in the Directory Console, it is blank. When i choose create, it gives me an option to connect to another DS. when i select that, the default values for User Directory Host and User Directory subtree are (null). Bind userID is blank. If I update these to Host to localhost and Bind User ID to cn=Directory Manager, I get this error: "Specified Base DN is not valid: netscape.ldap.LDAPException: error result(32); No such object" Does User Directory Subtree affect this error? What should it be? I tried dc=domain,dc=org.</p>
<p>I also get a "No such object" error when I try to connect to the directory now with the LDAP Admin client.</p>
<p>So at this point, I am unable to add to the Directory, so I cannot try the workaround suggested in Bug 431103.</p>
<p>Additional information: from the host itself, i am able to query</p>
<p>/usr/bin/ldapsearch -x -h <a href="http://domain.org">domain.org</a> -p portNumber -s base -b "" "objectclass=*" <br>and it returns<br>result: 32 No such object</p>
<p>This seems to show to me that the host can access itself via the domain, and that something else is still wrong, because it is now returning error 32.<br><br>nick</p>
<div class="gmail_quote">On Fri, Feb 29, 2008 at 10:30 AM, Rich Megginson <<a href="mailto:rmeggins@redhat.com">rmeggins@redhat.com</a>> wrote:<br>
<blockquote class="gmail_quote" style="PADDING-LEFT: 1ex; MARGIN: 0px 0px 0px 0.8ex; BORDER-LEFT: #ccc 1px solid">
<div>
<div></div>
<div class="Wj3C7c">Nick P wrote:<br>> I am trying to install and configure my first FDS, and first LDAP<br>> server. I have spent many hours with little fruit so far. Currently,<br>> I am receiving an error at the end of the setup-ds-admin script:<br>
> [08/02/29:02:37:41] - [Setup] Fatal Could not register the directory<br>> server with the configuration directory server.<br>><br>> The error is similar to what is described in this bug:<br>> <a href="https://bugzilla.redhat.com/show_bug.cgi?id=431103" target="_blank">https://bugzilla.redhat.com/show_bug.cgi?id=431103</a>. However, my<br>
> configuration directory is _not_ on another host. I answered 'no' to<br>> the question of whether I would be registering with a current<br>> configuration server. I don't know if the solution presented there<br>
> would work - I am forwarding a port to the server, and do not have a<br>> <a href="http://hostname.domain.org/" target="_blank">hostname.domain.org</a> to use there. I have had trouble adding entries,<br>> so if I added them and it didn't fix the problem, I would not know if<br>
> the solution failed or if I failed to add the entries properly. The<br>> server is NAT'ed and receiving a forwarded port. so I have been using<br>> <a href="http://mydomain.org/" target="_blank">mydomain.org</a> for the servername and identifying the port that gets<br>
> forwarded.<br>><br>> If you can help me make some sense of this, I would very much<br>> appreciate it. If the workaround in the bug above is the answer,<br>> could you address my specific situation of not having a FQDN with a<br>
> host and everything - how will this effect the entries? After failing<br>> to add entries with success many times I have started to use a windows<br>> client, Ldapadmin - could I use this, if the work around is the<br>
> solution? Should the entries go in o=netscaperoot or dc=domain,dc=org<br>> ?<br>><br></div></div>You should use dc=domain,dc=org for your user and group entries.<br>
<div class="Ih2E3d">> I am also including a portion of the log file that was created during<br>> the installation. Is there anything here that shows what the root of<br>> the problem is?<br>><br></div>I think the problem is that the setup script assumes that if you want<br>
the server to use hostname <a href="http://ldap.domain.org/" target="_blank">ldap.domain.org</a> then the hostname<br><a href="http://ldap.domain.org/" target="_blank">ldap.domain.org</a> must be available to resolve to the setup program. I<br>
suppose an enhancement to setup would be to allow you to specify the<br>hostname you want the client requests to use, and the hostname you want<br>the setup program to use internally to connect to and set up the server.<br>
<div>
<div></div>
<div class="Wj3C7c">> Thanks,<br>><br>> Nick<br>><br>> --------------------<br>><br>> +Entry cn=topologyplugin, ou=1.1, ou=Admin, ou=Global Preferences,<br>> ou=admin, o=NetscapeRoot is added<br>> +++check_and_add_entry: Entry not found cn=defaultplugin,<br>
> cn=topologyplugin, ou=1.1, ou=Admin, ou=Global Preferences, ou=admin,<br>> o=NetscapeRoot error No such object<br>> +Entry cn=defaultplugin, cn=topologyplugin, ou=1.1, ou=Admin,<br>> ou=Global Preferences, ou=admin, o=NetscapeRoot is added<br>
> +++check_and_add_entry: Entry not found cn=UI,ou=1.1, ou=Admin,<br>> ou=Global Preferences, ou=admin, o=NetscapeRoot error No such object<br>> +Entry cn=UI,ou=1.1, ou=Admin, ou=Global Preferences, ou=admin,<br>
> o=NetscapeRoot is added<br>> +Processing /usr/share/dirsrv/data/12dsconfig.mod.tmpl ...<br>> +++check_and_add_entry: Found entry cn=config<br>> +++Adding attr=aci value=(targetattr="*")(version 3.0; acl<br>
> "Configuration Administrators Group"; allow (all)<br>> groupdn="ldap:///cn=Configuration Administrators, ou=Groups,<br>> ou=TopologyManagement, o=NetscapeRoot";) to entry cn=config<br>> +++Adding attr=aci value=(targetattr="*")(version 3.0; acl<br>
> "Configuration Administrator"; allow (all) userdn="ldap:///uid=admin,<br>> ou=Administrators, ou=TopologyManagement, o=NetscapeRoot";) to entry<br>> cn=config<br>> +++Adding attr=aci value=(targetattr = "*")(version 3.0; acl "SIE<br>
> Group"; allow (all) groupdn = "ldap:///cn=slapd-server, cn=Fedora<br>> Directory Server, cn=Server Group, cn=server, ou=admin,<br>> o=NetscapeRoot";) to entry cn=config<br>> +++check_and_add_entry: Found entry cn=SNMP,cn=config<br>
> +++Adding attr=aci<br>> value=(target="ldap:///cn=SNMP,cn=config")(targetattr !="aci")(version<br>> 3.0;acl "snmp";allow (read, search, compare)(userdn =<br>> "ldap:///anyone");) to entry cn=SNMP,cn=config<br>
> +++check_and_add_entry: Found entry<br>> oid=2.16.840.1.113730.3.4.9,cn=features,cn=config<br>> +++Adding attr=aci value=(targetattr != "aci")(version 3.0; acl "VLV<br>> Request Control"; allow( read, search, compare, proxy ) userdn =<br>
> "ldap:///all";) to entry<br>> oid=2.16.840.1.113730.3.4.9,cn=features,cn=config<br>> +Processing /usr/share/dirsrv/data/13dsschema.mod.tmpl ...<br>> +++check_and_add_entry: Found entry cn=schema<br>
> +++Adding attr=aci value=(target="ldap:///cn=schema")(targetattr<br>> !="aci")(version 3.0;acl "anonymous, no acis"; allow (read, search,<br>> compare) userdn = "ldap:///anyone";) to entry cn=schema<br>
> +++Adding attr=aci value=(targetattr="*")(version 3.0; acl<br>> "Configuration Administrators Group"; allow (all)<br>> groupdn="ldap:///cn=Configuration Administrators, ou=Groups,<br>> ou=TopologyManagement, o=NetscapeRoot";) to entry cn=schema<br>
> +++Adding attr=aci value=(targetattr="*")(version 3.0; acl<br>> "Configuration Administrator"; allow (all)<br>> userdn="ldap:///uid=admin,ou=Administrators, ou=TopologyManagement,<br>> o=NetscapeRoot";) to entry cn=schema<br>
> +++Adding attr=aci value=(targetattr = "*")(version 3.0; acl "SIE<br>> Group"; allow (all) groupdn = "ldap:///cn=slapd-server, cn=Fedora<br>> Directory Server, cn=Server Group, cn=server, ou=admin,<br>
> o=NetscapeRoot";) to entry cn=schema<br>> +Processing /usr/share/dirsrv/data/14dsmonitor.mod.tmpl ...<br>> +++check_and_add_entry: Found entry cn=monitor<br>> +++Adding attr=aci value=(target ="ldap:///cn=monitor*")(targetattr !=<br>
> "aci || connection")(version 3.0; acl "monitor"; allow( read, search,<br>> compare ) userdn = "ldap:///anyone";) to entry cn=monitor<br>> +Processing /usr/share/dirsrv/data/16dssuffixadmin.mod.tmpl ...<br>
> +++check_and_add_entry: Entry not found dc=hpconnect,dc=org error No such object<br>> Could not authenticate as user 'uid=admin, ou=Administrators,<br>> ou=TopologyManagement, o=NetscapeRoot' to server<br>
> 'ldap://server:46645/o=NetscapeRoot'. Error: Invalid credentials<br>> Could not register the directory server with the configuration directory server.<br>><br>><br>> -----------------------------------------------<br>
><br></div></div>> --<br>> Fedora-directory-users mailing list<br>> <a href="mailto:Fedora-directory-users@redhat.com">Fedora-directory-users@redhat.com</a><br>> <a href="https://www.redhat.com/mailman/listinfo/fedora-directory-users" target="_blank">https://www.redhat.com/mailman/listinfo/fedora-directory-users</a><br>
><br><br><br>--<br>Fedora-directory-users mailing list<br><a href="mailto:Fedora-directory-users@redhat.com">Fedora-directory-users@redhat.com</a><br><a href="https://www.redhat.com/mailman/listinfo/fedora-directory-users" target="_blank">https://www.redhat.com/mailman/listinfo/fedora-directory-users</a><br>
<br></blockquote></div><br>