<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<meta content="text/html; charset=ISO-8859-1"
http-equiv="Content-Type">
</head>
<body bgcolor="#ffffff" text="#000000">
On 11/10/2011 12:02 PM, Tom Tucker wrote:
<blockquote
cite="mid:CAGymF1BDbqQoAOpnOD4_LtGzR=KFHTRCwtY2KR5oBd3N0+DMpA@mail.gmail.com"
type="cite">Responding to the group..this time.
<div><br>
</div>
<div><br>
</div>
<div><span class="Apple-style-span" style="border-collapse:
collapse; color: rgb(34, 34, 34); font-family:
arial,sans-serif; font-size: 13px;">Thanks for the quick
response, unfortunately no change.
<div>
<br>
</div>
<div>OS: FC 15</div>
<div><a moz-do-not-send="true"
href="https://bugzilla.redhat.com/show_bug.cgi?format=multiple&id=751495"
target="_blank" style="color: rgb(17, 85, 204);">https://bugzilla.redhat.com/show_bug.cgi?format=multiple&id=751495</a></div>
<div><br>
</div>
<div>Server1</div>
<div>##########</div>
<div>
<div>[root@serverA phpldapadmin]# <a moz-do-not-send="true"
href="http://setup-ds-admin.pl/" target="_blank"
style="color: rgb(17, 85, 204);">setup-ds-admin.pl</a> -u</div>
<div><br>
</div>
<div>==============================================================================</div>
<div>The update option will allow you to re-register your
servers with the</div>
<div>configuration directory server and update the
information about your</div>
<div>servers that the console and admin server uses. You
will need your</div>
<div>configuration directory server admin ID and password to
continue.</div>
<div><br>
</div>
<div>Continue? [yes]: </div>
<div><br>
</div>
<div>==============================================================================</div>
<div class="im" style="color: rgb(80, 0, 80);">
<div>Please specify the information about your
configuration directory</div>
<div>server. The following information is required:</div>
<div>- host (fully qualified), port (non-secure or
secure), suffix,</div>
<div> protocol (ldap or ldaps) - this information should
be provided in the</div>
<div> form of an LDAP url e.g. for non-secure</div>
<div><a class="moz-txt-link-freetext" href="ldap://">ldap://</a><a moz-do-not-send="true"
href="http://host.example.com:389/o=NetscapeRoot"
target="_blank" style="color: rgb(17, 85, 204);">host.example.com:389/o=NetscapeRoot</a></div>
<div> or for secure</div>
<div><a class="moz-txt-link-freetext" href="ldaps://">ldaps://</a><a moz-do-not-send="true"
href="http://host.example.com:636/o=NetscapeRoot"
target="_blank" style="color: rgb(17, 85, 204);">host.example.com:636/o=NetscapeRoot</a></div>
<div>- admin ID and password</div>
<div>- admin domain</div>
<div>- a CA certificate file may be required if you choose
to use ldaps and</div>
<div> security has not yet been configured - the file
must be in PEM/ASCII</div>
<div> format - specify the absolute path and filename</div>
<div><br>
</div>
<div>Configuration directory server URL [<a class="moz-txt-link-freetext" href="ldap://">ldap://</a><a
moz-do-not-send="true"
href="http://serverA.mydomain.com:389/o=NetscapeRoot"
target="_blank" style="color: rgb(17, 85, 204);">serverA.mydomain.com:389/o=NetscapeRoot</a>]: </div>
<div>Configuration directory server admin ID
[uid=admin,ou=Administrators,ou=TopologyManagement,o=NetscapeRoot]: </div>
<div>Configuration directory server admin password: </div>
<div>Configuration directory server admin domain [<a
moz-do-not-send="true" href="http://mydomain.com/"
target="_blank" style="color: rgb(17, 85, 204);">mydomain.com</a>]: </div>
<div><br>
</div>
</div>
<div>==============================================================================</div>
<div>The interactive phase is complete. The script will now
set up your</div>
<div>servers. Enter No or go Back if you want to change
something.</div>
<div><br>
</div>
<div>Are you ready to set up your servers? [yes]: </div>
<div>Could not open TLS connection to <a
moz-do-not-send="true"
href="http://serverA.mydomain.com:389/" target="_blank"
style="color: rgb(17, 85, 204);">serverA.mydomain.com:389</a> -
trying regular connection</div>
<div>rm: cannot remove
`/var/lib/dirsrv/slapd-serverA/changelogdb/__db.*': No
such file or directory</div>
<div>rm: cannot remove
`/var/lib/dirsrv/slapd-serverA/changelogdb/guardian': No
such file or directory</div>
<div>Undefined subroutine &DSUpdate::updateSystemD
called at /usr/lib/dirsrv/perl/DSUpdate.pm line 419.</div>
</div>
</span></div>
</blockquote>
rpm -qi 389-ds-base<br>
this issue is fixed in 1.2.10.a5 in updates-testing<br>
<blockquote
cite="mid:CAGymF1BDbqQoAOpnOD4_LtGzR=KFHTRCwtY2KR5oBd3N0+DMpA@mail.gmail.com"
type="cite">
<div><span class="Apple-style-span" style="border-collapse:
collapse; color: rgb(34, 34, 34); font-family:
arial,sans-serif; font-size: 13px;">
<div><br>
</div>
<div><br>
</div>
<div>Server2</div>
<div>#########</div>
<div>
<div>[root@usg-ldap7901 admin-serv]# <a
moz-do-not-send="true" href="http://setup-ds-admin.pl/"
target="_blank" style="color: rgb(17, 85, 204);">setup-ds-admin.pl</a> -u</div>
<div><br>
</div>
<div>==============================================================================</div>
<div>The update option will allow you to re-register your
servers with the</div>
<div>configuration directory server and update the
information about your</div>
<div>servers that the console and admin server uses. You
will need your</div>
<div>configuration directory server admin ID and password to
continue.</div>
<div><br>
</div>
<div>Continue? [yes]: yes </div>
<div><br>
</div>
<div>
==============================================================================</div>
<div class="im" style="color: rgb(80, 0, 80);">
<div>Please specify the information about your
configuration directory</div>
<div>server. The following information is required:</div>
<div>- host (fully qualified), port (non-secure or
secure), suffix,</div>
<div> protocol (ldap or ldaps) - this information should
be provided in the</div>
<div> form of an LDAP url e.g. for non-secure</div>
<div><a class="moz-txt-link-freetext" href="ldap://">ldap://</a><a moz-do-not-send="true"
href="http://host.example.com:389/o=NetscapeRoot"
target="_blank" style="color: rgb(17, 85, 204);">host.example.com:389/o=NetscapeRoot</a></div>
<div> or for secure</div>
<div><a class="moz-txt-link-freetext" href="ldaps://">ldaps://</a><a moz-do-not-send="true"
href="http://host.example.com:636/o=NetscapeRoot"
target="_blank" style="color: rgb(17, 85, 204);">host.example.com:636/o=NetscapeRoot</a></div>
<div>- admin ID and password</div>
<div>- admin domain</div>
<div>- a CA certificate file may be required if you choose
to use ldaps and</div>
<div> security has not yet been configured - the file
must be in PEM/ASCII</div>
<div> format - specify the absolute path and filename</div>
<div><br>
</div>
<div>Configuration directory server URL [<a class="moz-txt-link-freetext" href="ldap://">ldap://</a><a
moz-do-not-send="true"
href="http://serverA.mydomain.com:389/o=NetscapeRoot"
target="_blank" style="color: rgb(17, 85, 204);">serverA.mydomain.com:389/o=NetscapeRoot</a>]: </div>
<div>Configuration directory server admin ID
[uid=admin,ou=Administrators,ou=TopologyManagement,o=NetscapeRoot]: </div>
<div>Configuration directory server admin password: </div>
<div>Configuration directory server admin domain [<a
moz-do-not-send="true" href="http://mydomain.com/"
target="_blank" style="color: rgb(17, 85, 204);">mydomain.com</a>]: </div>
<div><br>
</div>
</div>
<div>==============================================================================</div>
<div>The interactive phase is complete. The script will now
set up your</div>
<div>servers. Enter No or go Back if you want to change
something.</div>
<div><br>
</div>
<div>Are you ready to set up your servers? [yes]: </div>
<div>Could not open TLS connection to <a
moz-do-not-send="true"
href="http://serverA.mydomain.com:389/" target="_blank"
style="color: rgb(17, 85, 204);">serverA.mydomain.com:389</a> -
trying regular connection</div>
<div>Undefined subroutine &DSUpdate::updateSystemD
called at /usr/lib/dirsrv/perl/DSUpdate.pm line 419.</div>
</div>
<div><br>
</div>
<div><br>
</div>
<div><br>
</div>
</span><br>
<div class="gmail_quote">On Thu, Nov 10, 2011 at 1:48 PM, Rich
Megginson <span dir="ltr"><<a moz-do-not-send="true"
href="mailto:rmeggins@redhat.com">rmeggins@redhat.com</a>></span>
wrote:<br>
<blockquote class="gmail_quote" style="margin: 0pt 0pt 0pt
0.8ex; border-left: 1px solid rgb(204, 204, 204);
padding-left: 1ex;">
<div bgcolor="#ffffff" text="#000000">
<div class="im"> On 11/10/2011 11:48 AM, Tom Tucker wrote:
<blockquote type="cite"><br>
<div>
<div>I would appreciate any troubleshooting advise
you might have regarding my registered ldap
servers. I am referring to the first page you see
when launching the console (servers listed
underneath Servers and Applications). I see my
servers listed, however I am unable to open them.
Their "Server status" always reports "Stopped"
even though the remote servers are running.</div>
<div><br>
</div>
<div>Based on my tcpdump capture below the 'admin
prohibited' message is a clear indication of the
problem, but I can't seem to correct it. I have
reran the setup several times, confirmed the
password and such. </div>
<div><br>
</div>
<div>What am I missing?</div>
</div>
</blockquote>
</div>
Have you tried running <a moz-do-not-send="true"
href="http://setup-ds-admin.pl" target="_blank">setup-ds-admin.pl</a>
-u on both the local servers and the remote servers?<br>
<blockquote type="cite">
<div class="im">
<div>
<div><br>
</div>
<div><br>
</div>
<div><br>
</div>
<div>==============================================================================</div>
<div><br>
</div>
<div>13:35:27.458489 IP serverA.mydomain.com.30940
> serverB.mydomain.com.ldap: Flags [S], seq
404137883, win 14600, options [mss 1460,sackOK,TS
val 348721371 ecr 0,nop,wscale 6], length 0</div>
<div>13:35:27.458591 IP <a moz-do-not-send="true"
href="http://serverB.mydomain.com"
target="_blank">serverB.mydomain.com</a> > <a
moz-do-not-send="true"
href="http://serverA.mydomain.com"
target="_blank">serverA.mydomain.com</a>: ICMP
host <a moz-do-not-send="true"
href="http://serverB.mydomain.com"
target="_blank">serverB.mydomain.com</a>
unreachable - admin prohibited, length 68</div>
<div><br>
</div>
<div><br>
</div>
<div><br>
</div>
<div>Please specify the information about your
configuration directory</div>
<div>server. The following information is required:</div>
<div>- host (fully qualified), port (non-secure or
secure), suffix,</div>
<div> protocol (ldap or ldaps) - this information
should be provided in the</div>
<div> form of an LDAP url e.g. for non-secure</div>
<div><a moz-do-not-send="true">ldap://</a><a
moz-do-not-send="true"
href="http://host.example.com:389/o=NetscapeRoot"
target="_blank">host.example.com:389/o=NetscapeRoot</a></div>
<div> or for secure</div>
<div><a moz-do-not-send="true">ldaps://</a><a
moz-do-not-send="true"
href="http://host.example.com:636/o=NetscapeRoot"
target="_blank">host.example.com:636/o=NetscapeRoot</a></div>
<div>- admin ID and password</div>
<div>- admin domain</div>
<div>- a CA certificate file may be required if you
choose to use ldaps and</div>
<div> security has not yet been configured - the
file must be in PEM/ASCII</div>
<div> format - specify the absolute path and
filename</div>
<div><br>
</div>
<div>Configuration directory server URL [<a
moz-do-not-send="true">ldap://</a><a
moz-do-not-send="true"
href="http://serverA.mydomain.com:389/o=NetscapeRoot"
target="_blank">serverA.mydomain.com:389/o=NetscapeRoot</a>]: </div>
<div>Configuration directory server admin ID
[uid=admin,ou=Administrators,ou=TopologyManagement,o=NetscapeRoot]: </div>
<div>Configuration directory server admin password: </div>
<div>Configuration directory server admin domain [<a
moz-do-not-send="true"
href="http://mydomain.com" target="_blank">mydomain.com</a>]: </div>
</div>
</div>
<span class="HOEnZb"><font color="#888888">
<pre><fieldset></fieldset>
--
389 users mailing list
<a moz-do-not-send="true" href="mailto:389-users@lists.fedoraproject.org" target="_blank">389-users@lists.fedoraproject.org</a>
<a moz-do-not-send="true" href="https://admin.fedoraproject.org/mailman/listinfo/389-users" target="_blank">https://admin.fedoraproject.org/mailman/listinfo/389-users</a></pre>
</font></span></blockquote>
<br>
</div>
</blockquote>
</div>
<br>
</div>
</blockquote>
<br>
</body>
</html>