[Fedora-directory-users] ldapdelete error 1
by Jo De Troy
Hello,
I'm running FedoraDS 1.0.4 on RHEL4.
When I try to delete an entry I get as result: Delete Result:
Operations error (1)
I've tried it from within Directory Server console and from cli via ldapdelete
Any ideas what might be the problem?
I'm using Views don't know if that has anything to do with it ot not.
Thanks for helping,
Jo
16 years, 10 months
[Fedora-directory-users] Newbie question
by Thomas King
I am trying to sort out a couple of things in my mind, so please forgive the
plebian topic.
Some of the articles I saw online concerning using FDS for authentication states
to use the 'Users and Groups' tab from the management console. However, when I
try to create a user, group, or OU, it ends up being forced into the
NetscapeRoot branch instead of the directory. I see no way offhand on how to
change this.
Re-reading the manuals several times for making entries suggests that tab is not
to be used for "normal" user/group/OU entries for authentication and/or user
information queries. Instead, I should have opened the directory server itself
from the Management Console, clicked on the Directory tab, expanded the
appropriate branch, selected the appropriate OU, and added a user there instead.
Am I correct? Is there actually a way to change the target from the 'Users and
Groups' tab within the Management Console so that I can use that tab instead to
make quick additions or changes?
Thank you,
Tom
16 years, 10 months
[Fedora-directory-users] FDS equivalent of OpenLDAP's password-crypt-salt-format?
by Alan Hagge
Does anyone know if FDS has the equivalent of OpenLDAP's
password-crypt-salt-format option? It's used to specify the format of
the salt used in crypt encryption. Specifically, I need a way to have
md5crypt passwords generated by an "ldap password modify" extended
operation. I'm trying to support Irix, Linux and Windows (using samba)
hosts, and unfortunately, Irix only supports crypt-format passwords, but
WILL use the md5 salted variant, which (as I understand it) is much more
secure than the standard DES version.
It looks like Sun's enterprise directory server supports this through an
optional parameter passed to its crypt password storage scheme plugin
(see http://docs.sun.com/app/docs/doc/820-0376/6nc4cgnh4?a=view , topic
6557410), but in looking over the FDS source for this plugin, I don't
see where this has been implemented.
Thanks for any hints, tips, etc.
16 years, 10 months
Re: [Fedora-directory-users] Problem with fds 1.0.4 on Red Hat 5 64 bits.
by Daryle A. Tilroe
Rob Crittenden wrote:
> Try the FC6 build instead. The problem is that RHEL4 uses Apache
> 2.0.52 and RHEL 5 uses Apache 2.2.3. Their API's are not completely
> compatible and modules need to be recompiled.
Just a quick followup on this. I am going to try it myself soon.
Is the FC6 build actually the correct one or will there be a
"proper" FDS 1.0.4 rpm for RHEL5 64bit at any point in the near
future?
--
Daryle A. Tilroe
16 years, 10 months
[Fedora-directory-users] [crit] host_ip_init(): PSET failure: Failed to create PSET handle (pset error = )
by Anthony M. Farrell
fedora core 6 - 2.6.20-1.2933.fc6
fedora-ds-1.0.4-1.FC6
httpd-2.2.4-2.fc6
I installed the directory server as a typical install with owner and group set
to root.
Directory server starts OK
Admin server will not start.
Output of 'admin-serv/logs/error ' shows above subject error.
Output of /tmp file3SRK6D:
Syntax error on line 35 of /opt/fedora-ds/admin-serv/config/console.conf:
Error:\tApache has not been designed to serve pages while\n\trunning as root.
There are known race conditions that\n\twill allow any local user to read any
file on the system.\n\tIf you still desire to serve pages as root
then\n\tadd -DBIG_SECURITY_HOLE to the CFLAGS env variable\n\tand then
rebuild the server.\n\tIt is strongly suggested that you instead modify the
User\n\tdirective in your httpd.conf file to list a non-root\n\tuser.\n
Changing the console.conf user and group to apache does not make any
difference.
Output of ls -l admin-serv/config:
-rw------- 1 root root 337 Jun 24 13:17 adm.conf
-rw------- 1 root root 39 Jun 24 13:17 admpw
-rw------- 1 root root 4588 Jun 24 13:17 admserv.conf
-rw------- 1 root root 1324 Jun 24 13:17 admserv.conf.rej
-rw------- 1 root root 3726 Jun 24 15:54 console.conf
-rw------- 1 root root 30468 Jun 24 15:38 httpd.conf
-rw------- 1 root root 2048 Jun 24 13:17 httpd.conf.rej
-rw-r--r-- 1 root root 19707 Jun 24 13:17 local.conf
-rw------- 1 root root 4573 Jun 24 13:17 nss.conf
I have installed on two separate servers with latest fc6 and have the same
problem on both boxes.
I would appreciate any ideas from list members as to how to resolve this
problem.
16 years, 10 months
RE: [Fedora-directory-users] Need Help - FDS 1.0.4 - Admin Console - Details Inside - Thanks
by Sphenis cidae
Thanks Richard for your help and atention.
------- The possible solution -------
My problem is solved. I tried everything but I think the solution was removing carefully everything that has to do with openldap from the system and change the LDAP Settings in AUTHENTICATION CONFIGURATION:
from:
LDAP Server: 192.168.10.1
to:
LDAP Server: 192.168.10.1|ldap://192.168.10.1
Thanks all for your inputs. I want to thank also a really cool guy from #fedora-ds, uffe, that tried to help.
------- The Problem -------
> When I turn LDAP authentication and support on (tried in fedora7) the > admin console stops working.> > "cannot logon because of an incorrect User ID, Incorrect password or > Directory problem. java.io.InterruptedIOException: HTTP response timeout">> In /opt/fedora-ds/admin-serv/logs/error i have:> child pid 2768 exit signal segmentation fault (11)> child pid 2769 exit signal segmentation fault (11)> ...> child pid 3360 exit signal segmentation fault (11)
_________________________________________________________________
Clique aui!
http://get.live.com/pt-pt/messenger/overview
16 years, 10 months
[Fedora-directory-users] How Do I?
by Gene Poole
I've just completed a clean install of Fedora 7. How/What should I use to
get FDS installed on this new system?
Thanks,
Gene Poole
gene.poole(a)macys.com
16 years, 10 months
[Fedora-directory-users] Going insane (can't logon from Windows)
by Mont Rothstein
I have Fedora Directory Server (1.0.4) running on a Red Hat Linux (RHEL 4)
with Samba (3.0.10-1.4E.12.2).
I have a Windows XP box that I have successfully joined to the domain.
When I go to login with a domain user I get the following error:
"Windows cannot connect to the domain, either because the domain controller
is down or otherwise unavailable, or because your computer account was not
found."
In the Windows system event log there is the following entry:
"Event Type: Error
Event Source: NETLOGON
Event Category: None
Event ID: 3210
Date: 6/12/2007
Time: 10:08:02 AM
User: N/A
Computer: WINXP-CLEAN
Description:
This computer could not authenticate with \\RHEL-CLEAN2, a Windows domain
controller for domain FORAYADAMS2, and therefore this computer might deny
logon requests. This inability to authenticate might be caused by another
computer on the same network using the same name or the password for this
computer account is not recognized. If this message appears again, contact
your system administrator.
For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.
Data:
0000: c0000022"
The only thing in smb.log is:
[2007/06/12 11:41:09, 0] lib/util_sock.c:get_peer_addr(1000)
getpeername failed. Error was Transport endpoint is not connected
The only thing in the machine's samba log is:
[2007/06/12 11:41:09, 0] lib/util_sock.c:get_peer_addr(1000)
getpeername failed. Error was Transport endpoint is not connected
[2007/06/12 11:41:09, 0] lib/util_sock.c:write_socket_data(430)
write_socket_data: write failure. Error = Connection reset by peer
[2007/06/12 11:41:09, 0] lib/util_sock.c:write_socket(455)
write_socket: Error writing 4 bytes to socket 24: ERRNO = Connection reset
by peer
[2007/06/12 11:41:09, 0] lib/util_sock.c:send_smb(647)
Error writing 4 bytes to client. -1. (Connection reset by peer)
There is nothing in the Fedora log near to when the workstation boots or the
user tries to login.
I can connect to a share on the server from the Windows computer, when
logged in as a local user, using "net view" or entering the path directly
(\\rhel-clean2\sharename\).
I can ping the server from the workstation and vis-a-versa.
I've explicitly added the workstation to the forward and reverse DNS zone
files.
The time of the server and workstation is less than 5 min apart.
I have explicitly added the linux server as a WINS server on the Windows box
(just in case).
When I lookup the Windows system error on Google at I get stuff about the
machine's password being out of sync or various things about group policies
for encryption and such. I tried turning off all of the related group
policies with no effect.
I am pulling my hair out trying to figure this out. Any and all help is
appreciated.
Thanks,
-Mont
16 years, 10 months
RE: [Fedora-directory-users] Need Help - FDS 1.0.4 - Admin Console - Details Inside - Thanks
by Sphenis cidae
I really need some help here.
Fedora directory server works. The ldap directory is working, I can even authenticate the users at login using ldap authentication. I've imported groups and users and created new users. Everything seems nice.
When I turn LDAP authentication and support on (tried in fedora7) the admin console stops working.
"cannot logon because of an incorrect User ID, Incorrect password or Directory problem. java.io.InterruptedIOException: HTTP response timeout"In /opt/fedora-ds/admin-serv/logs/error i have:child pid 2768 exit signal segmentation fault (11)child pid 2769 exit signal segmentation fault (11)...child pid 3360 exit signal segmentation fault (11)
I know everyone have their own problems, and I seem to implore for some help, but hey, prove that you deserve to receive a guru title, at least from me :) just kidding. I know you're not ghandi, so i just appeal to your comunity spirit. Thanks.
>I have fedora directory server 1.0.4 running and I can access it from a windows workstation using softerra ldap >administrator, but when i try using the fedora admi console from the server i get the following error:>"cannot logon because of an incorrect User ID, Incorrect password or Directory problem. >java.io.InterruptedIOException: HTTP response timeout">In /opt/fedora-ds/admin-serv/logs/error i have:>child pid 2768 exit signal segmentation fault (11)>child pid 2769 exit signal segmentation fault (11)>...>child pid 3360 exit signal segmentation fault (11)>I'm asking for a big help here. I'm just a newbie trying very hard to learn.>Thanks, and I hope someday I'll be able to help you too.
_________________________________________________________________
Comunicação sem fronteiras - converse agora também com os amigos que tem no Yahoo!.
http://get.live.com/pt-pt/messenger/overview
16 years, 10 months