Re: Erasing and rewriting 389
by Patrick Landry
Well, I am far from an expert but if the directory server is working properly
then your scripts have to create your DIT. If you are running a script to create
the dc=tld,dc=dn entry and it is not being created there must be some error
there.
----- Original Message -----
From: "Charlie Mordant" <cmordant1(a)gmail.com>
To: "General discussion list for the 389 Directory server project." <389-users(a)lists.fedoraproject.org>
Sent: Tuesday, April 26, 2016 11:59:28 AM
Subject: [389-users] Re: Erasing and rewriting 389
Hi Patrick,
Yes, my script does the exact inverse of the procedure.
I didn't see any error while reinstalling, setup-ds-admin.pl says that all is right...
Regards
Le 25 avr. 2016 23:35, "Patrick M. Landry" < patrick.landry(a)louisiana.edu > a écrit :
<blockquote>
That's pretty much the steps I follow to completely remove
a 389 DS installation.
I presume your "existing scripts" attempt to recreate your DIT. Do they
produce any error messages?
<blockquote>
From: "Charlie Mordant" < cmordant1(a)gmail.com >
To: "General discussion list for the 389 Directory server project." < 389-users(a)lists.fedoraproject.org >
Sent: Monday, April 25, 2016 3:51:28 PM
Subject: [389-users] Erasing and rewriting 389
Hi Laposte experts (French national mailing delivery)!
I'm trying some experiments some simple things on 389 ds.
I've an existing 389 installation, with some users, groups and acls (on fedora 21), and I'm trying to uninstall, erase my existing ldap to reinstall it.
So my script is:
* remove-ds-admin.pl -a -f -y
* service stop (dirsrv@myldap, dirsrv-admin)
* yum uninstall 389-*
* rm -rf /**dirsrv*/**
* then reinstalling with my existing script.
As it looks like a nice thing, it seems that there's a catch: my dc=tld,dc=dn subgroups are not created.
Is there something somewhere that I should be aware to be able to remove everything?
Best regards,
Charlie
--
Charlie Mordant
Full OSGI/EE stack made with Karaf: https://github.com/OsgiliathEnterprise/net.osgiliath.parent
--
389-users mailing list
389-users(a)lists.fedoraproject.org
http://lists.fedoraproject.org/admin/lists/389-users@lists.fedoraproject.org
--
Patrick Landry
Director, UCSS
University of Louisiana at Lafayette
pml(a)louisiana.edu
--
389-users mailing list
389-users(a)lists.fedoraproject.org
http://lists.fedoraproject.org/admin/lists/389-users@lists.fedoraproject.org
</blockquote>
--
389-users mailing list
389-users(a)lists.fedoraproject.org
http://lists.fedoraproject.org/admin/lists/389-users@lists.fedoraproject.org
</blockquote>
--
Patrick Landry
Director, UCSS
University of Louisiana at Lafayette
pml(a)louisiana.edu
7 years, 11 months
How to delete bad entry based on ID?
by Addison Laurent
After an upgrade, replication has stopped. Looking at the problem, I
(also?) found this:
[05/May/2016:15:25:17 -0400] - str2entry returned NULL for id 72659,
string="dn"
dbscan -f /var/lib/dirsrv/slapd-fjord/db/userRoot/id2entry.db4 -K 72659
id 72659
id 72659
dn: cn=,ou=Groups,dc=cise,dc=ufl,dc=edu
cn;vucsn-502edefb000000010000;mdcsn-502edefb000000010000:
gidNumber;vucsn-502edefb000000010000: 11523
memberUid;vucsn-502edefb000000010000:
ntUserDomainId;vucsn-502edefb000000010000:
objectClass;vucsn-502edefb000000010000: top
objectClass;vucsn-502edefb000000010000: groupofuniquenames
objectClass;vucsn-502edefb000000010000: posixgroup
objectClass;vucsn-502edefb000000010000: ntgroup
uniqueMember;vucsn-502edefb000000010000:
uid=,ou=Users,dc=cise,dc=ufl,dc=edu
creatorsName;vucsn-502edefb000000010000:
uid=suser,dc=cise,dc=ufl,dc=edu
modifiersName;vucsn-502edefb000000010000:
uid=suser,dc=cise,dc=ufl,dc=edu
createTimestamp;vucsn-502edefb000000010000: 20120818001644Z
modifyTimestamp;vucsn-502edefb000000010000: 20120818001644Z
nsUniqueId: e8d26a81-e8c911e1-ba42b7ef-aa3939d0
parentid: 3
entryid: 72659
entrydn: cn=,ou=groups,dc=cise,dc=ufl,dc=edu
How do I delete that based on id, since the cn is blank?
Thanks,
Addison
7 years, 11 months
Admin-server connection
by Job Cacka
Recently, I was researching samba connections, and noticed that the Linux 'Domain Users' group was displaying as the Unix GID number instead of the name. I went to login to the admin-server express from 'https://zigzag.ccbox.com:9830/dist/download' and that page loads but when I click on the link I get.
"
Internal Server Error
The server encountered an internal error ormisconfiguration and was unable to completeyour request.Please contact the server administrator, [no address given] and inform them of the time the error occurred,and anything you might have done that may havecaused the error.More information about this error may be availablein the server error log.ADDRESS:
Apache/2.2 Server at zigzag.ccbox.com Port 9830
"
So I went over to the 389 Management Console on my Windows box and I enter cn=Directory Manager the password and https://zigzag.ccbox.com:9830 and I get a message saying the URL is not correct or the server is not running. For kicks and giggles I tried it with http instead of https and it gives an error that says,"Cannot logon because of an incorrect User ID, Incorrect password, or Directory problem. java.io.InterruptedIOExceptio: HTTP response timeout"Which indicates to me that the correct protocol should be https:
To further verify this I ran the following command at the Linux CLI on the server and a server that communicates with it.
ldapsearch -H ldaps://zigzag.ccbox.com [-x] -b o=netscaperoot -D "cn=directory manager" -W "objectclass=nsAdminConfig"
This returns 129 responses, but I don't know if they are valid or make sense. They look like they are unique to my system.
Here is a pastbin of some error logs I noticed after I restarted the admin server with stop-ds-admin and start-ds-admin.
#357156 • Fedora Project Pastebin
|
|
|
| | |
|
|
|
| |
#357156 • Fedora Project Pastebin
Fedora Sticky Notes is a feature-rich, yet lightweight paste utility | |
|
|
Job Cacka
7 years, 11 months