[389-users] management console authentication error

Mark Reynolds mareynol at redhat.com
Mon Apr 23 20:13:57 UTC 2012 

Herb,

Do you know which server is hosting the config data for the 
console(o=netscaperoot)?  If you do, please provide the access log 
output showing the "cn=directory manager" and "admin" binds?  It might 
not hurt to restart the admin server.

Thanks,
Mark



On 04/23/2012 04:06 PM, Herb Burnswell wrote:
> Hi All,
>
> After re-initialization of a dual master server I now cannot log into 
> the directory management console as cn=Directory Manager.  I receive 
> the error:
>
> Cannot logon because of an incorrect user id, incorrect password, or 
> Directory problem.
> httpException:
> Resoponse: HTTP/1.1 401 Unauthorized
> Status: 401
> URL: http://url/admin-serv/authenticate
>
> I know the password is correct as I can drop into an ldapmodify 
> session with ./ldapmodify -D "cn=Directory Manager" -w <passwd> 
> without error.
>
> I've seen a few inquiries about this issue around the web but nothing 
> to resolve the issue.  I see the following in 
> /opt/fedora-ds/admin-serv/logs/error:
>
>  security (27749): for host <hostname> trying to GET 
> /admin-serv/authenticate, basic-ncsa reports: user cn=Directory 
> Manager does not exist in pwfile /opt/fedora-ds/admin-serv/config/admpw
>
> It is correct that there is not a line for cn=Directory Manager in 
> admpw, but it is not located in the admpw file on the other dual 
> master and I can log into its management console as cn=Directory 
> Manager without error.  They both just contain a line for user 'admin'.
>
> When I try to log in as 'admin' (works fine on other dual master) I 
> receive:
>
> cannot connect to the directory server:
> netscape.ldap.LDAPException: error result (32) matchedDN = ou 
> =<domain>,o=netscaperoot; no such object
>
> Is there something else that I need to do after re-initialization?  
> Any guidance is greatly appreciated.
>
> Thanks in advance,
>
> Herb
>
>
>
>
> --
> 389 users mailing list
> 389-users at lists.fedoraproject.org
> https://admin.fedoraproject.org/mailman/listinfo/389-users
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.fedoraproject.org/pipermail/389-users/attachments/20120423/5264a8b2/attachment.html>

More information about the 389-users mailing list