question
by nima rafiee
hi
I installed fedra-directory server .
It worked till I install perl -ol-schema.pl and aldo stupssh.12 to use samba
but after I did I couldnt login to fedora-ds console the error is bad : usr
and password for directory manager of directoy problem but Im sure that my
userid is cn=directory manger and my pass is correct too
what should i do
I dont know this erro is because of those file that i installed or somthing
else
13 years, 7 months
nsDirectoryServerTask objectClass
by Juan Asensio Sánchez
Hi
I am trying to create a task to update the index database, according
to the instructions described here:
- http://www.redhat.com/docs/manuals/dir-server/8.1/admin/applying-indexes....
- http://directory.fedoraproject.org/wiki/Task_Invocation_Via_LDAP_Design
But when I create the task from a Perl script, i get an error about
unknown object class:
my $entry = Net::LDAP::Entry->new();
$tmp_index_name = 'cn';
my $cn = "$tmp_index_name index task";
$entry->dn("cn=$cn, cn=index, cn=tasks, cn=config");
$entry->add('objectClass' => ['nsDirectoryServerTask']);
$entry->add('cn' => $cn);
$entry->add('nsindexattribute' => "\"eq:pres\"");
my $res = $entry->update($ldap_conn);
The error is 'unknown object class "nsDirectoryServerTask"'. Where is
that objectClass defined?
# rpm -qa | grep -i fedora
fedora-ds-admin-1.1.1-1.fc6
fedora-ds-1.1.0-3.fc6
fedora-ds-base-1.1.0-3.fc6
fedora-admin-console-1.1.0-4.fc6
fedora-idm-console-1.1.0-5.fc6
fedora-ds-console-1.1.0-5.fc6
# uname -a
Linux grsgscbulp0301.sacyl.es 2.6.18-128.1.10.el5.centos.plusPAE #1
SMP Mon May 11 07:51:33 EDT 2009 i686 i686 i386 GNU/Linux
Regards and thanks in advance.
13 years, 7 months
my email
by nima rafiee
rafiee.nima(a)gmail.com
13 years, 7 months
Console error after upgrading to renamed389 packages
by Anthony Joseph Messina
When I attempt to connect using the 389-console, I get the following errors in
the admin-serv/errors log as if the 389-console is still looking for the wrong
files:
[Sat Aug 15 12:54:49 2009] [error] [client 192.168.1.11] File does not exist:
/usr/share/dirsrv/html/java/jars
[Sat Aug 15 12:54:49 2009] [error] [client 192.168.1.11] File does not exist:
/usr/share/dirsrv/html/java/fedora-admin-1.1.jar
[Sat Aug 15 12:54:49 2009] [error] [client 192.168.1.11] File does not exist:
/usr/share/dirsrv/html/fedora-admin-1.1.jar
Is anyone else having this problem? Any ideas on how to fix it?
--
Anthony - http://messinet.com - http://messinet.com/~amessina/gallery
8F89 5E72 8DF0 BCF0 10BE 9967 92DC 35DC B001 4A4E
13 years, 7 months
LDAP Monitoring CN=Monitor
by Andreas Andersson
Hi!
My name is Andreas and I want to inform you about a little project
I've been working with the last couple of months called CN=Monitor.
It's about monitoring and verifiying directory servers with focus on
389/RHDS. From single installed servers to large scaled deployments.
Its a webbased application where you can:
* Verify availability, compare load and performance between servers
* Collect historical events for long term analysis (and get weekly
reports by mail)
* Verify cluster and load balancing functionality
* Query several directories at the same time for data consistancy
verification
... and a lot more.
Project page:
http://cnmonitor.sourceforge.net
Freshmeat:
http://freshmeat.net/projects/cnmonitor
Tell me what you think! I'm right now working on version 1.1 so if you
have any feature requests let me know!
Best regards - Andreas Andersson
13 years, 7 months
SSH config with FDS
by Prashanth Sundaram
All,
I am having trouble configured SSH access using FDS. I am trying to
configure using the host attribute in the directory schema to verify the
accesss. I enabled pam_check_host_attr, pam_lookup_policy,
pam_login_attribute=uid, pam_password_clear_remove_old and respective uri in
ldap.conf. Please note I have not enabled ssl in my DS, I am trying to do
this one-step at a time. Is there any extra parameters need to be
configured?
Since my db is imported from openldap and AD, I have stripped it to basic
schema and here it is. Just to see if this has to do anything.
dn: uid=username,ou=People,dc=fedorads,dc=net cn: Firstname Lastname gecos:
Firstname Lastname gidNumber: 2005 homeDirectory: /home/username loginShell:
/bin/bash objectClass: top objectClass: account objectClass: posixAccount
uid: amolinaro uidNumber: 2105 userPassword: {MD5}/42DQx3FHKdMlGHAspWv1lFg
13 years, 7 months
Post upgrade to 389-ds* from fedora-ds*
by Anthony Joseph Messina
The upgrade has beem quite rough as seen by my previous email today. I am now
able to use the 389-console to access my upgraded 389ds server and admin
server.
Most of the issues seem to relate to the fact that I had SSL enabled on my
admin server which is a problem if you attempt to upgrade via the instructions
here:
http://www.redhat.com/docs/manuals/dir-server/8.1/install/upgrade.html
the setup-ds-admin.pl -u command wants you to enter a new CA cert, even though
I already had one in there.
Also, once I finally got around that, I now am not able to use the "Manage
Certificates" task/utility as it appears that I don't have the netscape
pkcs#11 internal security module installed, though I can access the server
just fine with TLS/SSL.
I also cannot configure the admin server via the console with a message:
"no protocol: asmin-serv/tasks/Configuration/ServerSetup"
See the attached screenshots.
Any help is appreciated. I had done a lot of reading about updating before I
did this and it turned out to be a disaster anyway.
--
Anthony - http://messinet.com - http://messinet.com/~amessina/gallery
8F89 5E72 8DF0 BCF0 10BE 9967 92DC 35DC B001 4A4E
13 years, 7 months
Disable SSL in Administration server from command line?
by Wolf Siedler
Hi,
I probably caused a major hiccup in my system - I can't log onto anymore
by the Java console to the Administration Server. Unfortunately, my
direcory server knowledge is not yet very deep so I got lost now.
Last action I had done before that the attempted removal of SSL
encryption from the Administration Server.
Originally, I had connected with SSL encryption to the Admin Server.
I then went to Configuration - Encryption, unchecked "Enable SSL for
this server" saved everything and restarted dirsrv-admin on the command
line.
The outcome was as desired: Originally I connected the console by
"https://admin.example.com:20126". After this change, connecting via
"http://admin.example.com":20126" worked. In both cases, I connected
from a remote PC.
But then I goofed by rechecking "Enable SSL for this server" and saving
the settings (nothing else was changed, in particular not the previously
working certificate settings). After I few distractions I had forgotten
about this and restarted the dirsrv-admin.
Since then I can't log on via fedora-idm-console anymore. Neither
"https://admin.example.com:20126" nor "http://admin.example.com":20126"
works anymore.
For https://admin.example.com:20216, I get the error:
Cannot connect to the Admin Server "https://admin.example.com:20126"
The URL is not correct or the server is not working.
For http://admin.example.com:20216, I get this error:
Cannot log on because of an incorrect User ID, Incorrect password or
Directory problem.
java.io.EOFException: Connection lost
OK, the second failure I expected, but not the first one.
I ca not believe that it is a typing error in URL, user name or password
as all this information comes from a script and except for https/http,
there were no modifications at all to this script.
For both attempts, /var/log/dirsrv/admin-serv/error shows
> [Fri Aug 14 16:19:05 2009] [error] SSL Library Error: -12268 Cannot
> connect: SSL is disabled
> [Fri Aug 14 16:19:25 2009] [error] SSL Library Error: -12268 Cannot
> connect: SSL is disabled
> [Fri Aug 14 16:32:39 2009] [error] SSL Library Error: -12268 Cannot
> connect: SSL is disabled
> [Fri Aug 14 16:35:26 2009] [error] SSL Library Error: -12268 Cannot
> connect: SSL is disabled
So it seems to me as if during the attempted reenabling of SSL on the
Admin Server, something went really wrong.
Hence my question:
Is it possible to force SSL usage from the Admin Server by command line?
I saw
http://directory.fedoraproject.org/wiki/Howto:SSL#Starting_the_Server_wit...
and hoped that something similar is possible in reverse direction?
Is there any way to overcome this problem? It would be most appreciated
is a complete reinstallation could be avoided. I was on the way to a
full backup (I do have an LDIF export) when I encountered problems and
messed up things while trying to get the backup done.
Any advice would be highly appreciated!
Regards,
Wolf
PS:
Installed versions are:
fedora-ds-1.1.2-1.fc6
fedora-idm-console-1.1.1-1.fc6
fedora-ds-dsgw-1.1.1-1.fc6
fedora-ds-admin-console-1.1.2-1.fc6
fedora-ds-base-1.1.3-2.fc6
fedora-ds-console-1.1.2-1.fc6
fedora-ds-admin-1.1.6-1.fc6
13 years, 7 months
Disable SSL in Administration server from command line?
by Wolf Siedler
As a follow-up:
The console also doesn't work (same errors) locally on the machine where
the directory server is installed.
I would also consider most helpful any advice on how to properly enable
SSL from command line (again) for the Admin Server.
Either way - as long as I can get the console operational again...
Many thanks for any advice!
Regards,
Wolf
13 years, 7 months
