[Fedora-directory-users] Samba + FDS Problem adding Administrator account "Username not found"
by Gary Martin
I am following the instructions in the Howto:Samba documentation on
the FDS Wiki site. When I go to edit the Administrator account using
the following command:
pdbedit -U $( net getlocalsid | sed 's/SID for domain YOURWORKGROUP
is: //' )-500 -u Administrator -r
smbldap_search_domain_info: Searching
for:[(&(objectClass=sambaDomain)(sambaDomainName=DOMAIN))]
smbldap_open_connection: connection opened
ldap_connect_system: succesful connection to the LDAP server
smbldap_search_domain_info: Searching
for:[(&(objectClass=sambaDomain)(sambaDomainName=DOMAIN))]
smbldap_open_connection: connection opened
ldap_connect_system: succesful connection to the LDAP server
Username not found!
I get the same "Username not found" error if I run "pdbedit -L -v -u
Administrator" so it seems that the account doesn't exist, yet if run:
ldapsearch -b dc=test,dc=com -x '(uid=Administrator)'
# extended LDIF
#
# LDAPv3
# base <dc=test,dc=com> with scope subtree
# filter: (uid=Administrator)
# requesting: ALL
#
# Administrator, People, test.com
dn: uid=Administrator,ou=People,dc=test,dc=com
uid: Administrator
cn: Samba Admin
givenName: Samba
sn: Admin
mail: Administrator(a)test.com
objectClass: person
objectClass: organizationalPerson
objectClass: inetOrgPerson
objectClass: posixAccount
objectClass: top
loginShell: /bin/bash
uidNumber: 0
gidNumber: 0
homeDirectory: /root
gecos: Samba Admin
# search result
search: 2
result: 0 Success
# numResponses: 2
# numEntries: 1
Should this account have some Samba Domain info? What did I do wrong?
Here is a copy of the sambaAdmin.ldif I used:
dn: uid=Administrator,ou=People,dc=test,dc=com
uid: Administrator
cn: Samba Admin
givenName: Samba
sn: Admin
mail: Administrator(a)test.com
objectClass: person
objectClass: organizationalPerson
objectClass: inetOrgPerson
objectClass: posixAccount
objectClass: top
userPassword: {crypt}x
loginShell: /bin/bash
uidNumber: 0
gidNumber: 0
homeDirectory: /root
gecos: Samba Admin
And a copy of my smb.conf if it helps:
[global]
workgroup = DOMAIN
security = user
passdb backend = ldapsam:ldap://vandread.test.com
ldap admin dn = cn=Directory Manager
ldap suffix = dc=test,dc=com
ldap user suffix = ou=People
ldap machine suffix = ou=People
ldap group suffix = ou=Groups
log file = /var/log/samba/%m.log
log level = 3
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
os level = 33
domain logons = yes
domain master = yes
local master = yes
preferred master = yes
wins support = yes
logon home = \\%L\%u\profiles
logon path = \\%L\profiles\%u
logon drive = H:
template shell = /bin/false
winbind use default domain = no
winbind nested groups = no
enable privileges = yes
Thanks.
16 years, 4 months
[Fedora-directory-users] DS Failed to start
by kiran madala
Hello,
I was experimenting with fedora ds sync with active directory. In the process I installed a certificate on the DS. Then I restarted usign the remote admin console with out enabling ssl but the DS failed to restart. I have the error log below. It seems like the DS database got corrucpted how do i recover it?
[07/Jan/2008:13:44:37 -0500] - slapd shutting down - signaling operation threads
[07/Jan/2008:13:44:41 -0500] - slapd shutting down - waiting for 30 threads to terminate
[07/Jan/2008:13:44:41 -0500] - slapd shutting down - closing down internal subsystems and plugins
[07/Jan/2008:13:44:42 -0500] - Waiting for 4 database threads to stop
[07/Jan/2008:13:44:42 -0500] - All database threads now stopped
[07/Jan/2008:13:47:43 -0500] - Fedora-Directory/1.1.0 B2007.354.1236 starting up
[07/Jan/2008:13:47:43 -0500] - Detected Disorderly Shutdown last time Directory Server was running, recovering database.
[07/Jan/2008:13:47:45 -0500] - libdb: Improper file close at 1/1042383
[07/Jan/2008:13:47:54 -0500] - libdb: Recovery function for LSN 1 1042383 failed on forward pass
[07/Jan/2008:13:47:55 -0500] - libdb: PANIC: Invalid argument
[07/Jan/2008:13:47:55 -0500] - libdb: PANIC: fatal region error detected; run recovery
[07/Jan/2008:13:47:55 -0500] - Database Recovery Process FAILED. The database is not recoverable. err=-30977: DB_RUNRECOVERY: Fatal error, run database recovery
[07/Jan/2008:13:47:55 -0500] - Please make sure there is enough disk space for dbcache (10000000 bytes) and db region files
[07/Jan/2008:13:47:55 -0500] - start: Failed to init database, err=-30977 DB_RUNRECOVERY: Fatal error, run database recovery
[07/Jan/2008:13:47:55 -0500] - Failed to start database plugin ldbm database
[07/Jan/2008:13:47:55 -0500] - WARNING: ldbm instance userRoot already exists
[07/Jan/2008:13:47:55 -0500] - WARNING: ldbm instance NetscapeRoot already exists
[07/Jan/2008:13:47:55 -0500] binder-based resource limits - nsLookThroughLimit: parameter error (slapi_reslimit_register() already registered)
[07/Jan/2008:13:47:55 -0500] - start: Resource limit registration failed
[07/Jan/2008:13:47:55 -0500] - Failed to start database plugin ldbm database
[07/Jan/2008:13:47:55 -0500] - Error: Failed to resolve plugin dependencies
[07/Jan/2008:13:47:55 -0500] - Error: preoperation plugin 7-bit check is not started
[07/Jan/2008:13:47:55 -0500] - Error: accesscontrol plugin ACL Plugin is not started
[07/Jan/2008:13:47:55 -0500] - Error: preoperation plugin ACL preoperation is not started
[07/Jan/2008:13:47:55 -0500] - Error: object plugin Class of Service is not started
[07/Jan/2008:13:47:55 -0500] - Error: preoperation plugin HTTP Client is not started
[07/Jan/2008:13:47:55 -0500] - Error: database plugin ldbm database is not started
[07/Jan/2008:13:47:55 -0500] - Error: object plugin Legacy Replication Plugin is not started
[07/Jan/2008:13:47:55 -0500] - Error: object plugin Multimaster Replication Plugin is not started
[07/Jan/2008:13:47:55 -0500] - Error: object plugin Roles Plugin is not started
[07/Jan/2008:13:47:55 -0500] - Error: object plugin Views is not started
[07/Jan/2008:13:48:14 -0500] - Fedora-Directory/1.1.0 B2007.354.1236 starting up
[07/Jan/2008:13:48:14 -0500] - Detected Disorderly Shutdown last time Directory Server was running, recovering database.
[07/Jan/2008:13:48:14 -0500] - libdb: Improper file close at 1/1042383
[07/Jan/2008:13:48:16 -0500] - libdb: Recovery function for LSN 1 1042383 failed on forward pass
[07/Jan/2008:13:48:16 -0500] - libdb: PANIC: Invalid argument
[07/Jan/2008:13:48:16 -0500] - libdb: PANIC: fatal region error detected; run recovery
[07/Jan/2008:13:48:16 -0500] - Database Recovery Process FAILED. The database is not recoverable. err=-30977: DB_RUNRECOVERY: Fatal error, run database recovery
[07/Jan/2008:13:48:16 -0500] - Please make sure there is enough disk space for dbcache (10000000 bytes) and db region files
[07/Jan/2008:13:48:16 -0500] - start: Failed to init database, err=-30977 DB_RUNRECOVERY: Fatal error, run database recovery
[07/Jan/2008:13:48:16 -0500] - Failed to start database plugin ldbm database
[07/Jan/2008:13:48:16 -0500] - WARNING: ldbm instance userRoot already exists
[07/Jan/2008:13:48:16 -0500] - WARNING: ldbm instance NetscapeRoot already exists
[07/Jan/2008:13:48:16 -0500] binder-based resource limits - nsLookThroughLimit: parameter error (slapi_reslimit_register() already registered)
[07/Jan/2008:13:48:16 -0500] - start: Resource limit registration failed
[07/Jan/2008:13:48:16 -0500] - Failed to start database plugin ldbm database
[07/Jan/2008:13:48:16 -0500] - Error: Failed to resolve plugin dependencies
[07/Jan/2008:13:48:16 -0500] - Error: preoperation plugin 7-bit check is not started
[07/Jan/2008:13:48:16 -0500] - Error: accesscontrol plugin ACL Plugin is not started
[07/Jan/2008:13:48:16 -0500] - Error: preoperation plugin ACL preoperation is not started
[07/Jan/2008:13:48:16 -0500] - Error: object plugin Class of Service is not started
[07/Jan/2008:13:48:16 -0500] - Error: preoperation plugin HTTP Client is not started
[07/Jan/2008:13:48:16 -0500] - Error: database plugin ldbm database is not started
[07/Jan/2008:13:48:16 -0500] - Error: object plugin Legacy Replication Plugin is not started
[07/Jan/2008:13:48:16 -0500] - Error: object plugin Multimaster Replication Plugin is not started
[07/Jan/2008:13:48:16 -0500] - Error: object plugin Roles Plugin is not started
[07/Jan/2008:13:48:16 -0500] - Error: object plugin Views is not started
_________________________________________________________________
Discover new ways to stay in touch with Windows Live! Visit the City @ Live today!
http://getyourliveid.ca/?icid=LIVEIDENCA006
16 years, 4 months
[Fedora-directory-users] Replace userPassword using crypt()
by Benny Chee
Hi,
I m writing a script to synchronize my user's password inside LDAP with a
unix passwd file. Is there a way to insert the crypt passwd inside the unix
passwd file directly into LDAP using ldapmodify userPassword:
{crypt}"whatever appears inside /etc/passwd" ?
dn:uid=roger,ou=abc.com,dc=foo,dc=com
givenName: rico
objectClass: top
person
organizationalPerson
inetorgperson
sn: rico
cn: rico
uid: roger
userPassword: {crypt}HU1bbqwvbXJUY
--
benny
16 years, 4 months
[Fedora-directory-users] Error -8127 with hardware acceleration/Token
by Yann Cloatre
Hello all,
I use DS Fedora LDAP on Solaris 9.
I try to use a crypto accelerator 4000 board (SUN) with Fedora.
(FYI;
http://www.sun.com/products/networking/sslaccel/suncryptoaccel4000/index.xml
)
I've a certificate store on the board, with a certificates inside.
User is define on the board to access this certificate store.
I patched Fedora with a modified script from SUN to enabled this certificate
store in Sun One server.
It's work and i can see 3 certificates store in the window "Manage
Certificate" :
- Internal (Software)
- Acceleration only (Sun Doc don't selected this one, FYI
http://docs.sun.com/app/docs/coll/crypto-accel4000 mine is 1.1 for Solaris
9)
- MYCERTIFICATESTORE
In GUI, each time Fedora need to access inside MYCERTIFICATESTORE, ask me a
password. It's the password define in the accelerator board. So, i enter in
th password box ; "user:password" and Fedora display the related
information.
So everything is ok, i can enable encryption and select my certificate in
MYCERTIFICATESTORE for LDAPs.
But, when i try to restart Fedora ;
[09/Jan/2008:19:34:55 +0000] - SSL alert: Security Initialization: Unable to
find slot (Netscape Portable Runtime error -8127 - The security card or
token does not exist, needs to be initialized, or has been removed.)
[09/Jan/2008:19:34:55 +0000] - ERROR: SSL Initialization Failed
I try to define password in the slapd-servname-pin.txt in alias directory
with a format like ;
Internal (Software) Token:password
MYCERTIFICATESTORE:ldap-admin:password0
But nothing, impossible to restart. Perhaps, the problem is related to the
password format (ldap-admin:password0), but i must provide username and
password to Fedora if the application want access the token.
It's work well in GUI interface and i don't understand why Fedora seems to
not find my token at startup ?
Help appreciate.
Thank you.
16 years, 4 months
[Fedora-directory-users] Fedora Directory Server 1.1 : Cannot log in the Managent Console
by useless@mail.bg
Hello!
Several days ago I downloaded and installed Fedora Directory Server
1.1. The problem is that I cannot log in the Management Console
(fedora-idm-console)- every time when I try to log in it(
http://img181.imageshack.us/my.php?image=snapshot1bx4.png ), I get the
following error :
http://img108.imageshack.us/my.php?image=snapshot2fi1.png
and I find the following messages in the /var/log/httpd dir:
/var/log/httpd/access_log :
127.0.0.1 - - [08/Jan/2008:19:45:26 +0200] "GET
/admin-serv/authenticate HTTP/1.0" 400 294 "-"
"Fedora-Management-Console/1.1.0"
/var/log/httpd/error_log :
[Tue Jan 08 19:45:26 2008] [error] [client 127.0.0.1] Client sent
malformed Host header
The dirsrv, dirsrv-admin and httpd deamons are running. I have no
problem with opening localhost:9830 and
localhost:9830/admin-serv/authenticate in my browser.
Here are the settings that I entered during the install (setup-ds-admin.pl):
------------------------------------------------------
------------------------------------------------------
[08/01/07:23:14:17] - [Setup] Info This program will set up the Fedora
Directory and Administration Servers.
It is recommended that you have "root" privilege to set up the software.
Tips for using this program:
- Press "Enter" to choose the default and go to the next screen
- Type "Control-B" then "Enter" to go back to the previous screen
- Type "Control-C" to cancel the setup program
[08/01/07:23:14:17] - [Setup] Info Would you like to continue with set up?
[08/01/07:23:14:20] - [Setup] Info yes
[08/01/07:23:14:20] - [Setup] Info BY SETTING UP AND USING THIS SOFTWARE YOU
ARE CONSENTING TO BE BOUND BY
AND ARE BECOMING A PARTY TO THE AGREEMENT FOUND IN THE
LICENSE.TXT FILE. IF YOU DO NOT AGREE TO ALL OF THE TERMS
OF THIS AGREEMENT, PLEASE DO NOT SET UP OR USE THIS SOFTWARE.
[08/01/07:23:14:20] - [Setup] Info Do you agree to the license terms?
[08/01/07:23:14:22] - [Setup] Info yes
[08/01/07:23:14:22] - [Setup] Info Your system has been scanned for potential
problems, missing patches,
etc. The following output is a report of the items found that need to
be addressed before running this software in a production
environment.
Fedora Directory Server system tuning analysis version 10-AUGUST-2007.
NOTICE : System is i686-unknown-linux2.6.23.9-85.fc8 (1 processor).
WARNING: 503MB of physical memory is available on the system. 1024MB
is recommended for best performance on large production system.
NOTICE : The net.ipv4.tcp_keepalive_time is set to 7200000
milliseconds (120 minutes). This may cause temporary server
congestion from lost
client connections.
WARNING: There are only 1024 file descriptors (hard limit) available,
which limit the number of simultaneous connections.
WARNING: There are only 1024 file descriptors (soft limit) available,
which limit the number of simultaneous connections.
[08/01/07:23:14:22] - [Setup] Info Would you like to continue?
[08/01/07:23:14:23] - [Setup] Info yes
[08/01/07:23:14:23] - [Setup] Info Choose a setup type:
1. Express
Allows you to quickly set up the servers using the most
common options and pre-defined defaults. Useful for quick
evaluation of the products.
2. Typical
Allows you to specify common defaults and options.
3. Custom
Allows you to specify more advanced options. This is
recommended for experienced server administrators only.
To accept the default shown in brackets, press the Enter key.
[08/01/07:23:14:23] - [Setup] Info Choose a setup type
[08/01/07:23:14:25] - [Setup] Info 2
[08/01/07:23:14:25] - [Setup] Info Enter the fully qualified domain name of
the computer
on which you're setting up server software. Using the form
<hostname>.<domainname>
Example: eros.example.com.
To accept the default shown in brackets, press the Enter key.
[08/01/07:23:14:25] - [Setup] Info Computer name
[08/01/07:23:14:26] - [Setup] Info localhost.localdomain
[08/01/07:23:14:26] - [Setup] Info The servers must run as a specific user in
a specific group.
It is strongly recommended that this user should have no privileges
on the computer (i.e. a non-root user). The setup procedure
will give this user/group some permissions in specific paths/files
to perform server-specific operations.
If you have not yet created a user and group for the servers,
create this user and group using your native operating
system utilities.
[08/01/07:23:14:29] - [Setup] Info System User
[08/01/07:23:14:34] - [Setup] Info fdsuser
[08/01/07:23:14:34] - [Setup] Info System Group
[08/01/07:23:14:37] - [Setup] Info fdsuser
[08/01/07:23:14:37] - [Setup] Info Server information is stored in the
configuration directory server. This information is used by the
console and administration server to configure and manage your
servers. If you have already set up a configuration directory server,
you should register any servers you set up or create with the
configuration server. To do so, the following information about the
configuration server is required: the
fully qualified host name of the form <hostname>.<domainname>(e.g.
hostname.example.com), the port number (default 389), the suffix, the
DN and password of a user having permission to write the configuration
information, usually the configuration directory administrator, and if
you are using security (TLS/SSL). If you are using TLS/SSL, specify
the TLS/SSL (LDAPS) port number (default 636) instead of the regular
LDAP port number, and
provide the CA certificate (in PEM/ASCII format).
If you do not yet have a configuration directory server, enter 'No' to
be prompted to set up one.
[08/01/07:23:14:37] - [Setup] Info Do you want to register this
software with an existing configuration directory server?
[08/01/07:23:14:39] - [Setup] Info no
[08/01/07:23:14:39] - [Setup] Info Please enter the administrator ID
for the configuration directory server. This is the ID typically used
to log in to the console. You will also be prompted for the password.
[08/01/07:23:14:39] - [Setup] Info Configuration directory server
administrator ID
[08/01/07:23:14:40] - [Setup] Info admin
[08/01/07:23:14:40] - [Setup] Info Password
[08/01/07:23:14:44] - [Setup] Info Password (confirm)
[08/01/07:23:14:45] - [Setup] Info The information stored in the
configuration directory server can be
separated into different Administration Domains. If you are managing
multiple software releases at the same time, or managing information
about multiple domains, you may use the Administration Domain to keep
them separate.
If you are not using administrative domains, press Enter to select the
default. Otherwise, enter some descriptive, unique name for the
administration domain, such as the name of the organization
responsible for managing the domain.
[08/01/07:23:14:45] - [Setup] Info Administration Domain
[08/01/07:23:14:46] - [Setup] Info localdomain
[08/01/07:23:14:46] - [Setup] Info The standard directory server
network port number is 389. However, if you are not logged as the
superuser, or port 389 is in use, the default value will be a random
unused port number greater than 1024. If you want to use port 389,
make sure that you are logged in as the superuser, that port 389 is
not in use.
[08/01/07:23:14:46] - [Setup] Info Directory server network port
[08/01/07:23:14:47] - [Setup] Info 389
[08/01/07:23:14:47] - [Setup] Info Each instance of a directory server
requires a unique identifier. This identifier is used to name the
various
instance specific files and directories in the file system, as well as
for other uses as a server instance identifier.
[08/01/07:23:14:47] - [Setup] Info Directory server identifier
[08/01/07:23:14:48] - [Setup] Info localhost
[08/01/07:23:14:48] - [Setup] Info The suffix is the root of your
directory tree. The suffix must be a valid DN.
It is recommended that you use the dc=domaincomponent suffix convention.
For example, if your domain is example.com, you should use
dc=example,dc=com for your suffix.
Setup will create this initial suffix for you, but you may have more
than one suffix.
Use the directory server utilities to create additional suffixes.
[08/01/07:23:14:48] - [Setup] Info Suffix
[08/01/07:23:14:52] - [Setup] Info dc=localdomain
[08/01/07:23:14:52] - [Setup] Info Certain directory server operations
require an administrative user.
This user is referred to as the Directory Manager and typically has a
bind Distinguished Name (DN) of cn=Directory Manager.
You will also be prompted for the password for this user. The
password must be at least 8 characters long, and contain no spaces.
[08/01/07:23:14:52] - [Setup] Info Directory Manager DN
[08/01/07:23:14:53] - [Setup] Info cn=Directory Manager
[08/01/07:23:14:53] - [Setup] Info Password
[08/01/07:23:15:02] - [Setup] Info Password (confirm)
[08/01/07:23:15:05] - [Setup] Info The Administration Server is
separate from any of your web or application servers since it listens
to a different port and access to it is restricted.
Pick a port number between 1024 and 65535 to run your Administration
Server on. You should NOT use a port number which you plan to
run a web or application server on, rather, select a number which you
will remember and which will not be used for anything else.
[08/01/07:23:15:05] - [Setup] Info Administration port
[08/01/07:23:15:06] - [Setup] Info 9830
[08/01/07:23:15:06] - [Setup] Info The interactive phase is complete.
The script will now set up your servers. Enter No or go Back if you
want to change something.
[08/01/07:23:15:06] - [Setup] Info Are you ready to set up your servers?
[08/01/07:23:15:10] - [Setup] Info yes
[08/01/07:23:15:10] - [Setup] Info Creating directory server . . .
[08/01/07:23:15:13] - [Setup] Info Your new DS instance 'localhost'
was successfully created.
[08/01/07:23:15:13] - [Setup] Info Creating the configuration
directory server . . .
[08/01/07:23:15:15] - [Setup] Info Beginning Admin Server creation . . .
[08/01/07:23:15:15] - [Setup] Info Creating Admin Server files and
directories . . .
[08/01/07:23:15:15] - [Setup] Info Updating adm.conf . . .
[08/01/07:23:15:15] - [Setup] Info Updating admpw . . .
[08/01/07:23:15:15] - [Setup] Info Registering admin server with the
configuration directory server . . .
[08/01/07:23:15:15] - [Setup] Info Updating adm.conf with information
from configuration directory server . . .
[08/01/07:23:15:15] - [Setup] Info Updating the configuration for the
httpd engine . . .
[08/01/07:23:15:15] - [Setup] Info Starting admin server . . .
[08/01/07:23:15:16] - [Setup] Info The admin server was successfully started.
[08/01/07:23:15:16] - [Setup] Info Admin server was successfully
created, configured, and started.
[08/01/07:23:15:16] - [Setup] Success Exiting . . .
Log file is '/tmp/setupIqi3Gn.log'
------------------------------------------------------
------------------------------------------------------
[General]
AdminDomain = localdomain
SuiteSpotGroup = fdsuser
ConfigDirectoryLdapURL = ldap://localhost.localdomain:389/o=NetscapeRoot
ConfigDirectoryAdminID = admin
SuiteSpotUserID = fdsuser
ConfigDirectoryAdminPwd = <pass>
FullMachineName = localhost.localdomain
[admin]
ServerAdminID = admin
ServerAdminPwd = <pass>
SysUser = fdsuser
Port = 9830
[slapd]
InstallLdifFile = suggest
ServerIdentifier = localhost
ServerPort = 389
AddOrgEntries = Yes
RootDN = cn=Directory Manager
RootDNPwd = <pass>
SlapdConfigForMC = yes
Suffix = dc=localdomain
UseExistingMC = 0
AddSampleEntries = No
------------------------------------------------------
------------------------------------------------------
Any ideas why I cannot log in the Management Console?
Thanks in advance!
-------------------------------------
Sportingbet.com
Залози на живо на всички срещи от Шампионска Лига!
http://bg.sportingbet.com/t/index.aspx?affiliate=mailbg10
16 years, 4 months
[Fedora-directory-users] Admin server startup errors 1.0.4-1 on RHEWS3
by Ken Marsh
Hi all,
I gave up on ES5 64 bit due to the FDS/Apache 2.2 httpd.conf conflicts.
I guess I could craft my own httpd.conf, but I'm not feeling creative.
:-)
I've installed fedora-ds-1.0.4-1.RHEL3.i386.opt.rpm on RHEWS3 where it
is much happier with the Apache 2.0 worker installed there. Once again
the admin server configuration bombed out, and I can start a console but
it finds on admin server to connect to. Once again, I hacked up the
*.conf.tmpl templates, copied up start-admin script and linked the
modules and the magic file in from their OS locations. Oh yeah, had to
set LD_LIBRARY_PATH to /opt/fedora-ds/bin/slapd/lib .
Now when I try to start the admin server, I get no stderr or stdout and
an exit value of 1. In the admin-serv/logs/error is:
[Thu Jan 03 18:19:53 2008] [error] (1)Operation not permitted:
mod_mime_magic: can't read magic file
/opt/fedora-ds/admin-serv/conf/magic
[Thu Jan 03 18:19:54 2008] [crit] mod_admserv_post_config(): unable to
create AdmldapInfo
Configuration Failed!
[Thu Jan 03 18:57:46 2008] [crit] mod_admserv_post_config(): unable to
create AdmldapInfo
Configuration Failed!
When I try to check on the config information in the DS, I get this
error:
# ./ldapsearch -b o=netscaperoot -D "cn=directory manager" -w
'mypassword' "objectclass=nsAdminConfig" dn
ldap_search: No such object
Any ideas? It looked like the admin server setup script bombed out
before it populated the directory server (which seems to be running).
How do I duplicate what it was supposed to do?
Perhaps a deeper question, why does the admin setup script bomb out on
two very different architectures?
Thanks,
Ken.
16 years, 4 months
Re: [Fedora-directory-users] Setting up Multi-Master replication between 7.1 and 1.0.1-4
by Ken Marsh
Ulf,
Thanks for that info. I have a lot to learn.
I just got around the issue by re-installing 1.0.1-4 and having telling
the setup script to save both sets of config data locally. Then the
mmr.pl script ran flawlessly. You helped by helping me sort out the
repman issues.
I now have a second DS with multi-master replication! Woohoo! No more
single point of failure.
There are some other things I'd like to setup, I think I'll start a new
thread, though.
-Ken.
16 years, 4 months
[Fedora-directory-users] Fedora 1.0.4 and remote console
by kiran madala
Hi,
I think this question might have been asked before. I installed fedora 1.0.4 ds and admin on CentOS 5. The servers run fine and I am using remote console to view the contents. The console connects fine but the servers are not visible.
I only have the command line on CentOS so I wanted to use remote admin console. Alternatively can I use fedora 1.1 ds on CenOS 5?
Thanks in advance
_________________________________________________________________
Use fowl language with Chicktionary. Click here to start playing!
http://puzzles.sympatico.msn.ca/chicktionary/index.html?icid=htmlsig
16 years, 4 months
[Fedora-directory-users] Windows Active Directory sync Help!
by kiran madala
Hello,
I am trying to sync the DS with AD. Since I am new to AD and DS I have few questions.
I want to synchronize only users and groups so Is it necessary to enable SSL on Active Directory and connect to Active directory through SSL?
In the replica settings the supplier DN user need to be on both AD and DS with should be a Domain admin of the AD?
When trying to synchronize with AD the bind DN (In screen shot) user should be in both AD and DS?
I have attached the screen shot of my final DS agreement window. I believe currently it is defined to synchronize users what changes I need to make it synchronize groups aswell.
Thanks in advance
_________________________________________________________________
Exercise your brain! Try Flexicon!
http://puzzles.sympatico.msn.ca/chicktionary/index.html?icid=htmlsig
16 years, 4 months
Re: [Fedora-directory-users] Setting up Multi-Master replication between 7.1 and 1.0.1-4
by Ken Marsh
Ulf,
Thanks, you gave me some things to look at. The spacing seems to be OK,
and the same code worked to do the Replica object insertion into the 7.1
server.
I think the problem is that when I configured the 1.0.1-4 server, I had
it store the config data in the 7.1 server. As a result, the "mapping
tree" part of config does not have a subordinate named
"dc=company,dc=com". So, when the mmr.pl script goes to insert the
Replica object, it fails.
I wonder if this is because I had the setup script store config
information for 1.0.1-4 in 7.1. Perhaps if it was stored locally I could
start multi-master?
-Ken.
16 years, 4 months