Ok, this is just great. I've locked myself out of the admin
server now,
and no ips can connect. So... I'll try the admconfig tool mentioned in
the console.pdf file... oh great, that doesn't work either:
[root@corporate-ds admin]# ./admconfig --h
./admconfig: line 55: /opt/fedora-ds/bin/base/jre/bin/java: No such file or directory
./admconfig: line 55: exec: /opt/fedora-ds/bin/base/jre/bin/java: cannot execute: No such
file or directory
[root@corporate-ds admin]# ls -l /opt/fedora-ds/bin/
admin/ slapd/ user/
Can I manually edit some config files somewhere to allow this to work?
Also, I come in today to find the replication server's admin console doing this:
[Fri Dec 16 11:30:22 2005] [notice] [client 10.5.1.202] unable to bind to server
[ldap02.inside.*****.com:389] as [cn=admin-serv-ldap02, cn=Fedora Administration Server,
cn=Server Group,
cn=ldap02.inside.******.com,
ou=inside.*******.com, o=NetscapeRoot]
[Fri Dec 16 11:30:22 2005] [crit] populate_tasks_from_server(): Unable to search
[cn=admin-serv-ldap02, cn=Fedora Administration Server, cn=Server Group,
cn=ldap02.inside.*****.com,
ou=inside.***************.com, o=NetscapeRoot] for
LDAPConnection [ldap02.inside.*********.com:389]
[Fri Dec 16 11:30:22 2005] [crit] [client 10.5.1.202] admserv_check_authz(): Task
[cn=statusping, cn=operation, cn=tasks, cn=admin-serv-ldap02, cn=fedora administration
server, cn=server group,
cn=ldap02.inside.*************.com,
ou=inside.*********************.com, o=netscaperoot] not found for user [uid=admin,
ou=Administrators, ou=TopologyManagement, o=NetscapeRoot] - either the task was not
registered or the user was not authorized
And the admin console server won't start with this error:
[Fri Dec 16 11:39:31 2005] [crit] mod_admserv_post_config(): unable to build user/group
LDAP server info: unable to set User/Group baseDN
Anybody got any clues what is going on? I seem to be having some pretty bad luck here.
Thanks again.
On Fri, 2005-12-16 at 11:29 -0600, Michael Montgomery wrote:
> >You need to set hostnames to allow to NULL or empty - if there is anything
there, it will assume you want to do access based on host/domain name, which must have the
correct DNS /etc/nsswitch.conf or /etc/hosts configuration.
>
> Thank you,
> Thank you.
>
> When it mentions that you can use wildcards, it simply causes confusion.