I have been attempting to add the entries suggested in https://bugzilla.redhat.com/show_bug.cgi?id=431103.  When i go to users and groups in the Directory Console, it is blank.  When i choose create, it gives me an option to connect to another DS.  when i select that, the default values for User Directory Host and User Directory subtree are (null).  Bind userID is blank.  If I update these to Host to localhost and Bind User ID to cn=Directory Manager, I get this error:  "Specified Base DN is not valid:  netscape.ldap.LDAPException: error result(32); No such object"  Does User Directory Subtree affect this error?  What should it be?  I tried dc=domain,dc=org.

I also get a "No such object" error when I try to connect to the directory now with the LDAP Admin client.

So at this point, I am unable to add to the Directory, so I cannot try the workaround suggested in Bug 431103.

Additional information:  from the host itself, i am able to query

/usr/bin/ldapsearch -x -h domain.org -p portNumber -s base -b "" "objectclass=*"
and it returns
result: 32 No such object

This seems to show to me that the host can access itself via the domain, and that something else is still wrong, because it is now returning error 32.

nick

On Fri, Feb 29, 2008 at 10:30 AM, Rich Megginson <rmeggins@redhat.com> wrote:
Nick P wrote:
> I am trying to install and configure my first FDS, and first LDAP
> server.  I have spent many hours with little fruit so far.  Currently,
> I am receiving an error at the end of the setup-ds-admin script:
> [08/02/29:02:37:41] - [Setup] Fatal Could not register the directory
> server with the configuration directory server.
>
> The error is similar to what is described in this bug:
> https://bugzilla.redhat.com/show_bug.cgi?id=431103.  However, my
> configuration directory is _not_ on another host.  I answered 'no' to
> the question of whether I would be registering with a current
> configuration server.  I don't know if the solution presented there
> would work - I am forwarding a port to the server, and do not have a
> hostname.domain.org to use there.  I have had trouble adding entries,
> so if I added them and it didn't fix the problem, I would not know if
> the solution failed or if I failed to add the entries properly.   The
> server is NAT'ed and receiving a forwarded port.  so I have been using
> mydomain.org for the servername and identifying the port that gets
> forwarded.
>
> If you can help me make some sense of this, I would very much
> appreciate it.  If the workaround in the bug above is the answer,
> could you address my specific situation of not having a FQDN with a
> host and everything - how will this effect the entries?  After failing
> to add entries with success many times I have started to use a windows
> client, Ldapadmin - could I use this, if the work around is the
> solution?  Should the entries go in o=netscaperoot or dc=domain,dc=org
> ?
>
You should use dc=domain,dc=org for your user and group entries.
> I am also including a portion of the log file that was created during
> the installation.  Is there anything here that shows what the root of
> the problem is?
>
I think the problem is that the setup script assumes that if you want
the server to use hostname ldap.domain.org then the hostname
ldap.domain.org must be available to resolve to the setup program.  I
suppose an enhancement to setup would be to allow you to specify the
hostname you want the client requests to use, and the hostname you want
the setup program to use internally to connect to and set up the server.
> Thanks,
>
> Nick
>
> --------------------
>
> +Entry cn=topologyplugin, ou=1.1, ou=Admin, ou=Global Preferences,
> ou=admin, o=NetscapeRoot is added
> +++check_and_add_entry: Entry not found cn=defaultplugin,
> cn=topologyplugin, ou=1.1, ou=Admin, ou=Global Preferences, ou=admin,
> o=NetscapeRoot error No such object
> +Entry cn=defaultplugin, cn=topologyplugin, ou=1.1, ou=Admin,
> ou=Global Preferences, ou=admin, o=NetscapeRoot is added
> +++check_and_add_entry: Entry not found cn=UI,ou=1.1, ou=Admin,
> ou=Global Preferences, ou=admin, o=NetscapeRoot error No such object
> +Entry cn=UI,ou=1.1, ou=Admin, ou=Global Preferences, ou=admin,
> o=NetscapeRoot is added
> +Processing /usr/share/dirsrv/data/12dsconfig.mod.tmpl ...
> +++check_and_add_entry: Found entry cn=config
> +++Adding attr=aci value=(targetattr="*")(version 3.0; acl
> "Configuration Administrators Group"; allow (all)
> groupdn="ldap:///cn=Configuration Administrators, ou=Groups,
> ou=TopologyManagement, o=NetscapeRoot";) to entry cn=config
> +++Adding attr=aci value=(targetattr="*")(version 3.0; acl
> "Configuration Administrator"; allow (all) userdn="ldap:///uid=admin,
> ou=Administrators, ou=TopologyManagement, o=NetscapeRoot";) to entry
> cn=config
> +++Adding attr=aci value=(targetattr = "*")(version 3.0; acl "SIE
> Group"; allow (all) groupdn = "ldap:///cn=slapd-server, cn=Fedora
> Directory Server, cn=Server Group, cn=server, ou=admin,
> o=NetscapeRoot";) to entry cn=config
> +++check_and_add_entry: Found entry cn=SNMP,cn=config
> +++Adding attr=aci
> value=(target="ldap:///cn=SNMP,cn=config")(targetattr !="aci")(version
> 3.0;acl "snmp";allow (read, search, compare)(userdn =
> "ldap:///anyone");) to entry cn=SNMP,cn=config
> +++check_and_add_entry: Found entry
> oid=2.16.840.1.113730.3.4.9,cn=features,cn=config
> +++Adding attr=aci value=(targetattr != "aci")(version 3.0; acl "VLV
> Request Control"; allow( read, search, compare, proxy ) userdn =
> "ldap:///all";) to entry
> oid=2.16.840.1.113730.3.4.9,cn=features,cn=config
> +Processing /usr/share/dirsrv/data/13dsschema.mod.tmpl ...
> +++check_and_add_entry: Found entry cn=schema
> +++Adding attr=aci value=(target="ldap:///cn=schema")(targetattr
> !="aci")(version 3.0;acl "anonymous, no acis"; allow (read, search,
> compare) userdn = "ldap:///anyone";) to entry cn=schema
> +++Adding attr=aci value=(targetattr="*")(version 3.0; acl
> "Configuration Administrators Group"; allow (all)
> groupdn="ldap:///cn=Configuration Administrators, ou=Groups,
> ou=TopologyManagement, o=NetscapeRoot";) to entry cn=schema
> +++Adding attr=aci value=(targetattr="*")(version 3.0; acl
> "Configuration Administrator"; allow (all)
> userdn="ldap:///uid=admin,ou=Administrators, ou=TopologyManagement,
> o=NetscapeRoot";) to entry cn=schema
> +++Adding attr=aci value=(targetattr = "*")(version 3.0; acl "SIE
> Group"; allow (all) groupdn = "ldap:///cn=slapd-server, cn=Fedora
> Directory Server, cn=Server Group, cn=server, ou=admin,
> o=NetscapeRoot";) to entry cn=schema
> +Processing /usr/share/dirsrv/data/14dsmonitor.mod.tmpl ...
> +++check_and_add_entry: Found entry cn=monitor
> +++Adding attr=aci value=(target ="ldap:///cn=monitor*")(targetattr !=
> "aci || connection")(version 3.0; acl "monitor"; allow( read, search,
> compare ) userdn = "ldap:///anyone";) to entry cn=monitor
> +Processing /usr/share/dirsrv/data/16dssuffixadmin.mod.tmpl ...
> +++check_and_add_entry: Entry not found dc=hpconnect,dc=org error No such object
> Could not authenticate as user 'uid=admin, ou=Administrators,
> ou=TopologyManagement, o=NetscapeRoot' to server
> 'ldap://server:46645/o=NetscapeRoot'.  Error: Invalid credentials
> Could not register the directory server with the configuration directory server.
>
>
> -----------------------------------------------
>
> --
> Fedora-directory-users mailing list
> Fedora-directory-users@redhat.com
> https://www.redhat.com/mailman/listinfo/fedora-directory-users
>


--
Fedora-directory-users mailing list
Fedora-directory-users@redhat.com
https://www.redhat.com/mailman/listinfo/fedora-directory-users