[Fedora-directory-users] Admin Server Failure
Ian Marks
imarks at comcast.net
Wed Aug 9 20:14:31 UTC 2006
I really appreciate your help!!
adm.conf
ldapHost: cac.example.com
ldapPort: 389
sie: cn=admin-serv-cac, cn=Fedora Administration Server, cn=Server
Group, cn=cac.example.com, ou=example.com, o=NetscapeRoot
siepid: xxxxxxxx
isie: cn=Fedora Administration Server, cn=Server Group,
cn=cac.example.com, ou=example.com, o=NetscapeRoot
port: 1389
ldapStart: slapd-cac/start-slapd
dbswitch.conf
directory default ldap://cac.example.com:389/o%3DNetscapeRoot
Richard Megginson wrote:
> Ian Marks wrote:
>> Here is the last few lines from the error log after enabling debug.
>>
>>
>> [Wed Aug 09 19:22:22 2006] [debug] mod_admserv.c(1428):
>> populate_tasks_from_server(): Added task entry
>> [cn=htmladmin,cn=configuration,cn=tasks,cn=admin-serv-cac,cn=fedora
>> administration server,cn=server
>> group,cn=cac.example.com,ou=example.com,o=netscaperoot:htmladmin:]
>> for user [LocalSuper]
>> [Wed Aug 09 19:22:22 2006] [debug] mod_admserv.c(1428):
>> populate_tasks_from_server(): Added task entry
>> [cn=statpingserv,cn=configuration,cn=tasks,cn=admin-serv-cac,cn=fedora
>> administration server,cn=server
>> group,cn=cac.example.com,ou=example.com,o=netscaperoot:statpingserv:]
>> for user [LocalSuper]
>> [Wed Aug 09 19:22:22 2006] [debug] mod_admserv.c(1428):
>> populate_tasks_from_server(): Added task entry
>> [cn=viewdata,cn=configuration,cn=tasks,cn=admin-serv-cac,cn=fedora
>> administration server,cn=server
>> group,cn=cac.example.com,ou=example.com,o=netscaperoot:viewdata:] for
>> user [LocalSuper]
>> [Wed Aug 09 19:22:22 2006] [debug] mod_admserv.c(1428):
>> populate_tasks_from_server(): Added task entry
>> [cn=viewlog,cn=configuration,cn=tasks,cn=admin-serv-cac,cn=fedora
>> administration server,cn=server
>> group,cn=cac.example.com,ou=example.com,o=netscaperoot:viewlog:] for
>> user [LocalSuper]
>> [Wed Aug 09 19:22:22 2006] [debug] mod_admserv.c(1428):
>> populate_tasks_from_server(): Added task entry
>> [cn=monreplication,cn=configuration,cn=tasks,cn=admin-serv-cac,cn=fedora
>> administration server,cn=server
>> group,cn=cac.example.com,ou=example.com,o=netscaperoot:monreplication:]
>> for user [LocalSuper]
>> [Wed Aug 09 19:22:22 2006] [debug] mod_admserv.c(1428):
>> populate_tasks_from_server(): Added task entry
>> [cn=repl-monitor-cgi.pl,cn=configuration,cn=tasks,cn=admin-serv-cac,cn=fedora
>> administration server,cn=server
>> group,cn=cac.example.com,ou=example.com,o=netscaperoot:repl-monitor-cgi.pl:]
>> for user [LocalSuper]
>> [Wed Aug 09 19:22:22 2006] [debug] mod_admserv.c(1428):
>> populate_tasks_from_server(): Added task entry
>> [cn=sync-task-sie-data,cn=commands,cn=admin-serv-cac,cn=fedora
>> administration server,cn=server
>> group,cn=cac.example.com,ou=example.com,o=netscaperoot:runtime:] for
>> user [LocalSuper]
>> [Wed Aug 09 19:22:22 2006] [debug] mod_admserv.c(1428):
>> populate_tasks_from_server(): Added task entry
>> [cn=change-sie-password,cn=commands,cn=admin-serv-cac,cn=fedora
>> administration server,cn=server
>> group,cn=cac.example.com,ou=example.com,o=netscaperoot:runtime:] for
>> user [LocalSuper]
>> [Wed Aug 09 19:22:22 2006] [crit] host_ip_init(): PSET failure:
>> Failed to create PSET handle (pset error = )
> Hm - just pset? The other ldap stuff is working fine. Please post
> your admin-serv/config/adm.conf and shared/config/dbswitch.conf - be
> sure to obscure any sensitive information first.
>>
>>
>> Ian
>>
>> Richard Megginson wrote:
>>> Ian Marks wrote:
>>>> I have the following ssl packages installed.
>>>> rpm -qa |grep ssl
>>>> openssl-0.9.7a-43.8
>>>> mod_ssl-2.0.52-22.ent.centos4
>>>> openssl-devel-0.9.7a-43.8
>>>> xmlsec1-openssl-1.2.6-3
>>>>
>>>> The directory server is running and appears to be working
>>>> correctly. Several other hosts are able to authenticate via pam
>>>> against this DS server. Here is the output of "sh -xv
>>>> start-admin", minus the copyright stuff:
>>>>
>>>> SERVER_ROOT=/opt/fedora-ds ; export SERVER_ROOT
>>>> + SERVER_ROOT=/opt/fedora-ds
>>>> + export SERVER_ROOT
>>>> NETSITE_ROOT=$SERVER_ROOT ; export NETSITE_ROOT
>>>> + NETSITE_ROOT=/opt/fedora-ds
>>>> + export NETSITE_ROOT
>>>> ADMSERV_ROOT=$SERVER_ROOT/admin-serv ; export ADMSERV_ROOT
>>>> + ADMSERV_ROOT=/opt/fedora-ds/admin-serv
>>>> + export ADMSERV_ROOT
>>>>
>>>> unset PASSWORD_PIPE
>>>> + unset PASSWORD_PIPE
>>>>
>>>> LD_LIBRARY_PATH=${SERVER_ROOT}/bin/admin/lib:${SERVER_ROOT}/lib:${LD_LIBRARY_PATH};export
>>>> LD_LIBRARY_PATH
>>>> + LD_LIBRARY_PATH=/opt/fedora-ds/bin/admin/lib:/opt/fedora-ds/lib:
>>>> + export LD_LIBRARY_PATH
>>>> LIBPATH=${LD_LIBRARY_PATH}:${LIBPATH}:/usr/threads/lib:/usr/ibmcxx/lib:/usr/lib:/lib;
>>>> export LIBPATH
>>>> +
>>>> LIBPATH=/opt/fedora-ds/bin/admin/lib:/opt/fedora-ds/lib:::/usr/threads/lib:/usr/ibmcxx/lib:/usr/lib:/lib
>>>>
>>>> + export LIBPATH
>>>> SHLIB_PATH=${LD_LIBRARY_PATH}:${SHLIB_PATH}; export SHLIB_PATH
>>>> + SHLIB_PATH=/opt/fedora-ds/bin/admin/lib:/opt/fedora-ds/lib::
>>>> + export SHLIB_PATH
>>>>
>>>> NS_SERVER_HOME=${SERVER_ROOT}; export NS_SERVER_HOME
>>>> + NS_SERVER_HOME=/opt/fedora-ds
>>>> + export NS_SERVER_HOME
>>>> PATH=${SERVER_ROOT}/bin/admin/bin:${PATH}; export PATH
>>>> +
>>>> PATH=/opt/fedora-ds/bin/admin/bin:/usr/kerberos/sbin:/usr/kerberos/bin:/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin:/usr/X11R6/bin:/root/bin
>>>>
>>>> + export PATH
>>>>
>>>> HTTPD=/usr/sbin//httpd.worker
>>>> + HTTPD=/usr/sbin//httpd.worker
>>>>
>>>> # see if httpd is linked with the openldap libraries - we need to
>>>> override them
>>>> OS=`uname -s`
>>>> uname -s
>>>> ++ uname -s
>>>> + OS=Linux
>>>> if [ $OS = "Linux" ]; then
>>>> hasol=0
>>>>
>>>> /usr/bin/ldd $HTTPD 2>&1 | grep libldap > /dev/null 2>&1 && hasol=1
>>>>
>>>> if [ $hasol -eq 1 ] ; then
>>>> LD_PRELOAD="${SERVER_ROOT}/bin/admin/lib/libssl3.so
>>>> ${SERVER_ROOT}/bin/admin/lib/libldap50.so"
>>>> export LD_PRELOAD
>>>> fi
>>>> fi
>>>> + '[' Linux = Linux ']'
>>>> + hasol=0
>>>> + /usr/bin/ldd /usr/sbin//httpd.worker
>>>> + grep libldap
>>>> + hasol=1
>>>> + '[' 1 -eq 1 ']'
>>>> + LD_PRELOAD='/opt/fedora-ds/bin/admin/lib/libssl3.so
>>>> /opt/fedora-ds/bin/admin/lib/libldap50.so'
>>>> + export LD_PRELOAD
>>>>
>>>> $HTTPD -k start -d $ADMSERV_ROOT -f $ADMSERV_ROOT/config/httpd.conf
>>>> "$@"
>>>> + /usr/sbin//httpd.worker -k start -d /opt/fedora-ds/admin-serv -f
>>>> /opt/fedora-ds/admin-serv/config/httpd.conf
>>> So it correctly detects that httpd is linked against openldap and
>>> does the LD_PRELOAD. Next, try turning up the debug level. First,
>>> edit admin-serv/config/httpd.conf and change LogLevel to debug.
>>> Then, do start-admin -e debug. There should be a bunch of stuff in
>>> admin-serv/logs/error
>>>>
>>>>
>>>>
>>>>
>>>> Richard Megginson wrote:
>>>>> Ian Marks wrote:
>>>>>> Does anyone have a good idea where I can start troubleshooting
>>>>>> the error below. I get the error when I attempt to start the
>>>>>> admin server. I also posted an error from the htttpd logs which
>>>>>> could be related. I'm running Centos 4.3 with FDS 1.0.2.
>>>>>>
>>>>>> /opt/fedora-ds/admin-serv/logs/error
>>>>>> [Wed Aug 09 18:43:34 2006] [crit] host_ip_init(): PSET failure:
>>>>>> Failed to create PSET handle (pset error = )
>>>>>> Configuration Failed
>>>>> 1) The directory server must be up and running before attempting
>>>>> to start the admin server
>>>>> 2) If the DS is running, what is the output of doing sh -xv
>>>>> start-admin?
>>>>>>
>>>>>> /var/log/httpd/error_log
>>>>>> [Wed Aug 09 14:51:56 2006] [notice] LDAP: Built with OpenLDAP
>>>>>> LDAP SDK
>>>>>> [Wed Aug 09 14:51:56 2006] [notice] LDAP: SSL support unavailable
>>>>>>
>>>>>> Thanks,
>>>>>> Ian
>>>>>>
>>>>>> --
>>>>>> Fedora-directory-users mailing list
>>>>>> Fedora-directory-users at redhat.com
>>>>>> https://www.redhat.com/mailman/listinfo/fedora-directory-users
>>>>> ------------------------------------------------------------------------
>>>>>
>>>>>
>>>>> --
>>>>> Fedora-directory-users mailing list
>>>>> Fedora-directory-users at redhat.com
>>>>> https://www.redhat.com/mailman/listinfo/fedora-directory-users
>>>>>
>>>>
>>>> --
>>>> Fedora-directory-users mailing list
>>>> Fedora-directory-users at redhat.com
>>>> https://www.redhat.com/mailman/listinfo/fedora-directory-users
>>> ------------------------------------------------------------------------
>>>
>>>
>>> --
>>> Fedora-directory-users mailing list
>>> Fedora-directory-users at redhat.com
>>> https://www.redhat.com/mailman/listinfo/fedora-directory-users
>>>
>>
>> --
>> Fedora-directory-users mailing list
>> Fedora-directory-users at redhat.com
>> https://www.redhat.com/mailman/listinfo/fedora-directory-users
> ------------------------------------------------------------------------
>
> --
> Fedora-directory-users mailing list
> Fedora-directory-users at redhat.com
> https://www.redhat.com/mailman/listinfo/fedora-directory-users
>
More information about the 389-users
mailing list