[Fedora-directory-users] Fedora-idm-console does not accept password
by Joe W. Byers
I installed FDS 1.1 the other day on my redhat EL5 server. Tested the
system and it seem to be working. When I execute fedora-idm-console -D
9 -a https://financialseal:9380 -f console.log the console window locks
on the password field. Tab does not work, enter does not work,
nothing. The OK button stays disabled. The other fields are fine. I
think it has something to do with my java version. I have tried every
one from 1.4.2 (ibm/bea) through 1.6 (bea/sun)
I can access the DS using the windows tool on my XP box, login in, and
browse to all tabs. I can log in to the DS using my browser on both my
server, my xp box, and my other linux computer here at home.
Only on my server does this error occur. my console.log dump is below.
Any suggestions would be greatly appreciated.
Thank you in advance.
java.util.prefs.userRoot=/root/.fedora-idm-console
java.runtime.name=Java(TM) SE Runtime Environment
sun.boot.library.path=/usr/lib/jvm/java-1.6.0-sun-1.6.0.5/jre/lib/i386
java.vm.version=10.0-b19
java.vm.vendor=Sun Microsystems Inc.
java.vendor.url=http://java.sun.com/
path.separator=:
java.vm.name=Java HotSpot(TM) Server VM
file.encoding.pkg=sun.io
sun.java.launcher=SUN_STANDARD
user.country=US
sun.os.patch.level=unknown
java.vm.specification.name=Java Virtual Machine Specification
user.dir=/root
java.runtime.version=1.6.0_05-b13
java.awt.graphicsenv=sun.awt.X11GraphicsEnvironment
java.endorsed.dirs=/usr/lib/jvm/java-1.6.0-sun-1.6.0.5/jre/lib/endorsed
os.arch=i386
java.io.tmpdir=/tmp
line.separator=
java.vm.specification.vendor=Sun Microsystems Inc.
os.name=Linux
sun.jnu.encoding=UTF-8
java.library.path=/usr/lib
java.specification.name=Java Platform API Specification
java.class.version=50.0
sun.management.compiler=HotSpot Tiered Compilers
os.version=2.6.18-84.el5PAE
user.home=/root
user.timezone=America/Chicago
java.awt.printerjob=sun.print.PSPrinterJob
file.encoding=UTF-8
java.specification.version=1.6
java.class.path=/usr/lib/java/jss4.jar:/usr/share/java/ldapjdk.jar:
/usr/share/java/idm-console-base.jar:/usr/share/java/idm-console-mcc.jar:
/usr/share/java/idm-console-mcc_en.jar:/usr/share/java/idm-console-nmclf.jar:
/usr/share/java/idm-console-nmclf_en.jar:
/usr/share/java/fedora-idm-console-1.1.1_en.jar
user.name=root
java.vm.specification.version=1.0
java.home=/usr/lib/jvm/java-1.6.0-sun-1.6.0.5/jre
sun.arch.data.model=32
java.util.prefs.systemRoot=/root/.fedora-idm-console
user.language=en
java.specification.vendor=Sun Microsystems Inc.
java.vm.info=mixed mode
java.version=1.6.0_05
java.ext.dirs=/usr/lib/jvm/java-1.6.0-sun-1.6.0.5/jre/lib/ext:
/usr/java/packages/lib/ext
sun.boot.class.path=/usr/lib/jvm/java-1.6.0-sun-1.6.0.5/jre/lib/resources.jar:
/usr/lib/jvm/java-1.6.0-sun-1.6.0.5/jre/lib/rt.jar:
/usr/lib/jvm/java-1.6.0-sun-1.6.0.5/jre/lib/sunrsasign.jar:
/usr/lib/jvm/java-1.6.0-sun-1.6.0.5/jre/lib/jsse.jar:
/usr/lib/jvm/java-1.6.0-sun-1.6.0.5/jre/lib/jce.jar:
/usr/lib/jvm/java-1.6.0-sun-1.6.0.5/jre/lib/charsets.jar:
/usr/lib/jvm/java-1.6.0-sun-1.6.0.5/jre/classes
java.vendor=Sun Microsystems Inc.
file.separator=/
java.vendor.url.bug=http://java.sun.com/cgi-bin/bugreport.cgi
sun.io.unicode.encoding=UnicodeLittle
sun.cpu.endian=little
sun.cpu.isalist=
Fedora-Management-Console/1.1.0 B2007.354.1015
RemoteImage: NOT found in cache
loader16032330:com/netscape/management/nmclf/icons/Error.gif
RemoteImage: Create RemoteImage cache for loader16032330
RemoteImage: NOT found in cache
loader16032330:com/netscape/management/nmclf/icons/Inform.gif
RemoteImage: NOT found in cache
loader16032330:com/netscape/management/nmclf/icons/Warn.gif
RemoteImage: NOT found in cache
loader16032330:com/netscape/management/nmclf/icons/Question.gif
ResourceSet: NOT found in cache
loader16032330:com.netscape.management.client.components.components
RemoteImage: NOT found in cache
loader16032330:com/netscape/management/client/theme/images/logo16.gif
RemoteImage: NOT found in cache
loader16032330:com/netscape/management/client/theme/images/login.gif
ResourceSet: NOT found in cache
loader16032330:com.netscape.management.client.util.default
ResourceSet: found in cache
loader16032330:com.netscape.management.client.util.default
JButtonFactory: button width = 54
JButtonFactory: button height = 19
JButtonFactory: button width = 54
JButtonFactory: button height = 19
JButtonFactory: button width = 90
JButtonFactory: button height = 19
JButtonFactory: button width = 90
JButtonFactory: button height = 19
JButtonFactory: button width = 72
JButtonFactory: button height = 19
JButtonFactory: button width = 72
JButtonFactory: button height = 19
JButtonFactory: button width = 54
JButtonFactory: button height = 19
JButtonFactory: button width = 90
JButtonFactory: button width = 72
ResourceSet: found in cache
loader16032330:com.netscape.management.client.util.default
16 years
[Fedora-directory-users] Manage Password Policy
by 田中 康平
i try to set up fedora ds recentry.
so, i have one problem.
$ /usr/bin/fedora-idm-console &
click Directory Server
click Directory tab
rigth click on People of left panel
Manage Password Policy -> For user... or For subtree select
display set field but immediately window widget is all grey color,
don't work!
but new -> user... group... is good. work fine.
so, i try to install jdk1.7.0(IcedTea) or jdk1.6.0_10 or jdk1.6.0_05 or
jdk1.5.0_15
but, it's same on jdk1.7.0(IcedTea) or jdk1.6.0_10 or jdk1.6.0_05
OS: fedora6(DELL PowerEdge440) or fedora8(DELL PowerEdge840)
both is same problem.
16 years
[Fedora-directory-users] warnings in /var/log/secure
by Aaron Bliss
Hi everyone,
I have several redhat 4 and 5 machines authenticating successfully
against our ldap servers. I used authconfig to configure the clients
and everything works great, ssh, vsftp, etc. However, for some reason,
I always see a log entry similar to the following in /var/log/secure,
even though the login works;
Apr 10 08:34:27 server1 sshd[30937]: pam_unix(sshd:auth): authentication
failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=137.21.80.195
user=user1
Here is the contents of /etc/nsswitch.conf
cat /etc/nsswitch.conf | grep -v \#
passwd: files ldap
shadow: files ldap
group: files ldap
hosts: files dns
bootparams: nisplus [NOTFOUND=return] files
ethers: files
netmasks: files
networks: files
protocols: files ldap
rpc: files
services: files ldap
netgroup: files ldap
publickey: nisplus
automount: files ldap
aliases: files nisplus
Any ideas? Thanks for your help.
Aaron
16 years
[Fedora-directory-users] configuration prob with fedora-idm-console.bat
by Carol Gibbons
I've seen where other folks have had this problem with the Windows Admin
Console setup and it's perplexing. Any reasons why I can't get this
application to launch? It keeps coming up with set your java PATH error.
Any help would be appreciated. I have installed JRE 1.6.0_05
Thanks,
Carol
Here's my fedora-idm-console.bat with my modifications:
echo off
rem BEGIN COPYRIGHT BLOCK
rem Copyright (C) 2005 Red Hat, Inc.
rem All rights reserved.
rem
rem This library is free software; you can redistribute it and/or
rem modify it under the terms of the GNU Lesser General Public
rem License as published by the Free Software Foundation version
rem 2.1 of the License.
rem
rem This library is distributed in the hope that it will be useful,
rem but WITHOUT ANY WARRANTY; without even the implied warranty of
rem MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
rem Lesser General Public License for more details.
rem
rem You should have received a copy of the GNU Lesser General Public
rem License along with this library; if not, write to the Free Software
rem Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
rem END COPYRIGHT BLOCK
rem set the JAVA to use here
rem set JAVA=
if not "%JAVA%foo"=="foo" goto launch
where java > nul 2>&1 || goto findjre
set JAVA=C:\Program Files\Java\jre1.6.0_05\bin\java.exe
:findjre
rem look for Java Runtime Environment in registry
reg QUERY "HKLM\SOFTWARE\JavaSoft\Java Runtime Environment" > nul 2>&1 ||
goto findjdk
rem can we grab the java location from the registry?
rem set JAVA=
rem apparently not, in a batch file
rem goto launch
echo The Java Runtime Environment is installed on this machine, but the
echo command java.exe is not in your PATH. You can either make sure java.exe
echo is in the PATH, or edit this script to set JAVA to the full path of
echo java.exe
pause
goto end
:findjdk
reg QUERY "HKLM\SOFTWARE\JavaSoft\Java Development Kit" > nul 2>&1 || goto
nojava
rem can we grab the java location from the registry?
rem set JAVA=
rem goto launch
echo The Java Development Kit is installed on this machine, but the
echo command java.exe is not in your PATH. You can either make sure java.exe
echo is in the PATH, or edit this script to set JAVA to the full path of
echo java.exe
pause
goto end
:nojava
echo Java does not appear to be installed on this machine. Please download
and install the Java Runtime Environment and make sure the java.exe command
is in the PATH of this command.
pause
goto end
:launch
set BASEPATH=C:\Fedora Identity Management Console
set FIDMCONSOLEJARDIR=C:\Fedora Identity Management Console
set CONSOLEJARDIR=C:\Fedora Identity Management Console
set JSSDIR=C:\Fedora Identity Management Console
set LDAPJARDIR=C:\Fedora Identity Management Console
set PATH=C:\Fedora Identity Management Console;C:\Program
Files\Java\jre1.6.0_05\bin\java.exe
rem
rem Launch the Console
rem
echo on
"%JAVA%" "-Djava.library.path=%JSSDIR%" -cp
"%JSSDIR%\jss4.jar;%LDAPJARDIR%\ldapjdk.jar;%CONSOLEJARDIR%\idm-console-base.jar;%CONSOLEJARDIR%\idm-console-mcc.jar;%CONSOLEJARDIR%\idm-console-mcc_en.jar;%CONSOLEJARDIR%\idm-console-nmclf.jar;%CONSOLEJARDIR%\idm-console-nmclf_en.jar;%FIDMCONSOLEJARDIR%\fedora-idm-console_en.jar"
-Djava.util.prefs.systemRoot=%HOME%\.fedora-idm-console
-Djava.util.prefs.userRoot=%HOME%\.fedora-idm-console
com.netscape.management.client.console.Console %*
:end
16 years
[Fedora-directory-users] certutil
by ggistra@aol.com
Step 5 in section "Using certutil" of the?The Directory Server Administrator's Guide 7.1, Chapter 11, generates?"the encryption key" using the -G option. According to the certutil documentation, this generates a public/private key pair.?
What is this key pair used for? It doesn't seem?to be the key used for the self-signed ceritficate or the server certificate, as the -S switch on certutil -??judging by the available options for -S? - appears to generate a new key pair.
?
Thanks,
Gabi
16 years
[Fedora-directory-users] Windows Sync and Posix
by Glenn
We are trying to replicate user data between Fedora Directory 1.0.4 and
Active Directory using Windows Sync. It works fine until we add the posix
objectclass to users in FD. This seems to break replication. Can anyone
supply a workaround for this? Thanks. -G.
16 years
[Fedora-directory-users] Question about Fedora DS <-> MS AD Syncing
by Егор Дубин
Hi all! First of all, excuse me for my English :/
Not so long ago I've become a sysadmin of a Win2003 AD with ~14000 users and
~120 computers, placed into huge amount of OUs (60 or even more, I think).
Since LDAP functions of an AD are seem to be rather poor for me, I've tried
to start FDS, everything works fine, but as I've understood, am I to create
OUs in FDS by hand???
So, that is a quiestion: is there a way to sync OUs automatically??
----------
При покупке ноутбука HP - сумка HP в подарок!
Выбери ближайший магазин ЛИГИ!
http://www.cp.com.by/promo.html
16 years
[Fedora-directory-users] Preferred authentication mechanism - LDAPS or startTLS
by Chun Tat David Chu
Hi group,
I'm currently looking into LDAP authentication and would like to know about
what is the preferred authentication mechanism. If I want to use TLS for
authentication, should I use LDAPS or startTLS?
>From my understanding, LDAPS was introduced in LDAPv2 and startTLS is
introduced in LDAPv3.
I surfed on the Internet, and it appears that startTLS should be deprecating
LDAPS but a lot of people are still using LDAPS today.
Beside startTLS, what are some other popular LDAP authentication mechanisms
that is widely use in today's enterprise world?
Thanks!
David
16 years
[Fedora-directory-users] Loads of db log files, how to clean
by Kimmo Koivisto
Hello
My FDS (1.0.4 in RHEL4) is generating loads of db log files:
-rw------- 1 nobody nobody 10M Apr 9 22:32 log.0000011814
-rw------- 1 nobody nobody 10M Apr 9 22:36 log.0000011815
-rw------- 1 nobody nobody 10M Apr 9 22:40 log.0000011816
-rw------- 1 nobody nobody 10M Apr 9 22:44 log.0000011817
-rw------- 1 nobody nobody 10M Apr 9 22:48 log.0000011818
-rw------- 1 nobody nobody 10M Apr 9 22:53 log.0000011819
-rw------- 1 nobody nobody 10M Apr 9 22:57 log.0000011820
-rw------- 1 nobody nobody 10M Apr 9 23:01 log.0000011821
-rw------- 1 nobody nobody 10M Apr 9 23:05 log.0000011822
I just realized that I had unindexed attribute that was searched constantly. I
have ~500 entried stored to FDS. Can that cause massive db log files (now
17Gb) and can I just delete those? Or how to do the cleaning?
After realizing that the searches were mostly unindexed, I created index entry
to the attribute.
Regards,
Kimmo
16 years
