[389-users] Cannot login as cn=Directory Manager
Rich Megginson
rmeggins at redhat.com
Wed Jan 5 16:04:16 UTC 2011
On 01/05/2011 08:40 AM, harry.devine at faa.gov wrote:
>
> How do I tell what the other versions are?
rpm -qi 389-console 389-ds-base 389-admin idm-console-framework
389-adminutil
> I haven't upgraded or anything, so its the same version/installation
> that I initially did a few months ago.
So it just stopped working, with no explanation, and nothing has changed?
> Should I upgrade? Is there a bug that's fixed in a newer version that
> could be causing what I'm seeing?
>
> The /var/log/dirsrv/admin-serv/error log shows:
> [Wed Jan 05 10:40:45 2011] [notice] [client 127.0.0.1]
> admserv_host_ip_check: ap_get_remote_host could not resolve 127.0.0.1
> [Wed Jan 05 10:40:45 2011] [notice] [client 127.0.0.1]
> admserv_host_ip_check: host [localhost.localdomain] did not match
> pattern [*.test.com] -will scan aliases
> [Wed Jan 05 10:40:45 2011] [notice] [client 127.0.0.1]
> admserv_host_ip_check: host alias [localhost] did not match pattern
> [*.test.com]
> [Wed Jan 05 10:41:25 2011] [crit] buildUGInfo(): unable to initialize
> TLS connection to LDAP host localhost.test.com port 389: 4
This error message is somewhat misleading - it is not actually
attempting a TLS connection unless you have configured it to use TLS.
What's in the directory server access log on or around [Wed Jan 05
10:41:25 2011] ?
> [Wed Jan 05 10:41:25 2011] [error] [client 127.0.0.1] user
> cn=Directory Manager not found: /admin-serv/authenticate
If the directory server connection fails, it will fail to lookup/bind too.
>
> The /var/log/dirsrv/admin-serv/access log (which only got written to
> AFTER I closed 389-console) shows:
> 127.0.0.1 - cn=Directory Manager [05/Jan/2011:10:40:45 -0500] "GET
> /admin-serv/authenticate HTTP/1.0" 401 466
>
> Thanks!
> Harry
>
> Harry Devine
> Common ARTS Software Development
> AJT-144
> (609)485-4218
> Harry.Devine at faa.gov
>
>
> From: Rich Megginson <rmeggins at redhat.com>
> To: Harry Devine/ACT/FAA at FAA
> Cc: 389-users at lists.fedoraproject.org
> Date: 01/05/2011 10:23 AM
> Subject: Re: [389-users] Cannot login as cn=Directory Manager
>
>
> ------------------------------------------------------------------------
>
>
>
> On 01/05/2011 05:59 AM, _harry.devine at faa.gov_
> <mailto:harry.devine at faa.gov>wrote:
>
> I'm on CentOS 5.4 and my 389 version is 1.1.3 if I'm reading the
> console log properly. The console log that got generated when I ran
> "389-console -D 9 -f console.log" is attached.
> What are the versions of the other components?
> 389-ds-base, 389-admin, idm-console-framework
>
> What does it say in the admin server logs in
> /var/log/dirsrv/admin-serv/error and access?
>
> Have you upgraded recently? If so, did you run setup-ds-admin.pl -u
> after upgrading?
>
> Thanks for the help!
> Harry
>
>
>
> Harry Devine
> Common ARTS Software Development
> AJT-144
> (609)485-4218_
> __Harry.Devine at faa.gov_ <mailto:Harry.Devine at faa.gov>
>
> From: Rich Megginson _<rmeggins at redhat.com>_ <mailto:rmeggins at redhat.com>
> To: "General discussion list for the 389 Directory server project."
> _<389-users at lists.fedoraproject.org>_
> <mailto:389-users at lists.fedoraproject.org>
> Cc: Harry Devine/ACT/FAA at FAA
> Date: 01/04/2011 04:40 PM
> Subject: Re: [389-users] Cannot login as cn=Directory Manager
>
>
>
> ------------------------------------------------------------------------
>
>
>
> On 01/04/2011 12:55 PM, _harry.devine at faa.gov_
> <mailto:harry.devine at faa.gov>wrote:
>
> I've been away from my 389-ds admin for a few months (I'm just
> starting to get familiar with it), and I can't login using the user ID
> "cn=Directory Manager". A few months ago I could using the GUI
> 389-console application. But today I can't. It keeps saying:
>
> "Can't login because of an incorrect User ID, Incorrect password, or
> Directory problem."
>
> The error log shows: "[error] [client 127.0.0.1] user cn=Directory
> Manager not found: /admin-serv/authenticate"
>
> I am able to get data back when I enter: "ldapsearch -x -b
> o=netscaperoot -D "cn=Directory Manager" -w <password>
> "objectclass=nsAdminConfig"" from the command line, so I know that the
> password is correct.
>
> Any thoughts on what to do to fix this?
> What platform? What versions of 389-ds-base, 389-admin,
> idm-console-framework?
> run 389-console -D 9 -f console.log then send console.log (you will
> first want to obscure any sensitive information)
>
> Thanks!
> Harry
>
> Harry Devine
> Common ARTS Software Development
> AJT-144
> (609)485-4218_
> __Harry.Devine at faa.gov_ <mailto:Harry.Devine at faa.gov>
>
>
> --
> 389 users mailing list_
> __389-users at lists.fedoraproject.org_
> <mailto:389-users at lists.fedoraproject.org>_
> __https://admin.fedoraproject.org/mailman/listinfo/389-users_
>
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.fedoraproject.org/pipermail/389-users/attachments/20110105/7b65b6a4/attachment.html>
More information about the 389-users
mailing list