[389-users] New 389 ds install - cannot logon to adm console

Rich Megginson rmeggins at redhat.com
Tue Nov 30 15:33:14 UTC 2010 

On 11/29/2010 02:49 PM, Trisooma wrote:
> Hi,
>
> I am having the exact same issue:
>
> - fresh install of 389-ds (version 1.2.1-1.fc14)
rpm -qi 389-ds-base 389-adminutil 389-admin
> - server config: (as per
> http://directory.fedoraproject.org/wiki/Howto:AdminServerLDAPMgmt)
>     nsAdminAccessAddresses: *
>     nsAdminAccessHosts:
> - servers are running (dirsrv/dirsrv-admin)
> - firewall is disabled (all traffic is accepted)
> - SELinux is disabled
> - curl can access auth url locally, see below:
>
> [shadowuser at icicle ~]$ curl http://localhost:9830/admin-serv/authenticate
> <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
> <html><head>
> <title>401 Authorization Required</title>
> </head><body>
> <h1>Authorization Required</h1>
> <p>This server could not verify that you
> are authorized to access the document
> requested.  Either you supplied the wrong
> credentials (e.g., bad password), or your
> browser doesn't understand how to supply
> the credentials required.</p>
> <hr>
> <address>Apache/2.2 Server at localhost Port 9830</address>
> </body></html>
>
> server log insists that access is denied for this ip, see below:
>
> [Mon Nov 29 22:26:37 2010] [crit] openLDAPConnection(): util_ldap_init
> failed for ldap://:389
> [Mon Nov 29 22:26:37 2010] [warn] Unable to open initial LDAPConnection
> to populate LocalAdmin tasks into cache.
> [Mon Nov 29 22:26:38 2010] [notice] Apache/2.2.17 (Unix) configured --
> resuming normal operations
> [Mon Nov 29 22:26:38 2010] [crit] openLDAPConnection(): util_ldap_init
> failed for ldap://:389
This is not good - if the admin server cannot contact the directory 
server, it cannot read its configuration, including the list of accepted 
and rejected hosts/ip.

Can you provide your /etc/dirsrv/admin-serv/adm.conf?
> [Mon Nov 29 22:26:38 2010] [warn] Unable to open initial LDAPConnection
> to populate LocalAdmin tasks into cache.
> [Mon Nov 29 22:26:56 2010] [notice] [client 127.0.0.1]
> admserv_host_ip_check: Unauthorized host ip=127.0.0.1, connection rejected
> [Mon Nov 29 22:27:37 2010] [notice] [client 127.0.0.1]
> admserv_host_ip_check: Unauthorized host ip=127.0.0.1, connection rejected
> [Mon Nov 29 22:27:54 2010] [notice] [client 127.0.0.1]
> admserv_host_ip_check: Unauthorized host ip=127.0.0.1, connection rejected
> [Mon Nov 29 22:28:02 2010] [notice] [client 127.0.0.1]
> admserv_host_ip_check: Unauthorized host ip=127.0.0.1, connection rejected
> [Mon Nov 29 22:28:05 2010] [notice] [client 127.0.0.1]
> admserv_host_ip_check: Unauthorized host ip=127.0.0.1, connection rejected
> [Mon Nov 29 22:41:27 2010] [notice] [client 127.0.0.1]
> admserv_host_ip_check: Unauthorized host ip=127.0.0.1, connection rejected
>
> What could be wrong?
>
> Regards
>
> Trisooma
> --
> 389 users mailing list
> 389-users at lists.fedoraproject.org
> https://admin.fedoraproject.org/mailman/listinfo/389-users

More information about the 389-users mailing list