[389-users] Problems logging in with 389-console

Fri Mar 23 14:42:08 UTC 2012

On 03/22/2012 10:47 AM, Mike Mercier wrote:
> Hi,
>
> Sorry for the delay...
>
> /var/log/dirsrv/admin-serv/access
>
> 127.0.0.1 - cn=Directory Manager [22/Mar/2012:12:43:32 -0400] "GET
> /admin-serv/authenticate HTTP/1.0" 401 478
>
> /var/log/dirsrv/admin-serv/error
> [Thu Mar 22 12:43:26 2012] [notice] caught SIGTERM, shutting down
> [Thu Mar 22 12:43:27 2012] [notice] SELinux policy enabled; httpd
> running as context system_u:system_r:httpd_t:s0
> [Thu Mar 22 12:43:28 2012] [error] Could not bind as []: ldap error
> -1: Can't contact LDAP server
> [Thu Mar 22 12:43:28 2012] [error] Could not bind as []: ldap error
> -1: Can't contact LDAP server
> [Thu Mar 22 12:43:28 2012] [warn] Unable to bind as LocalAdmin to
> populate LocalAdmin tasks into cache.
> [Thu Mar 22 12:43:28 2012] [notice] Access Host filter is: *
> [Thu Mar 22 12:43:28 2012] [notice] Access Address filter is: *
> [Thu Mar 22 12:43:29 2012] [notice] Apache/2.2.22 (Unix) configured --
> resuming normal operations
> [Thu Mar 22 12:43:29 2012] [error] Could not bind as []: ldap error
> -1: Can't contact LDAP server
> [Thu Mar 22 12:43:29 2012] [error] Could not bind as []: ldap error
> -1: Can't contact LDAP server
> [Thu Mar 22 12:43:29 2012] [warn] Unable to bind as LocalAdmin to
> populate LocalAdmin tasks into cache.
> [Thu Mar 22 12:43:29 2012] [notice] Access Host filter is: *
> [Thu Mar 22 12:43:29 2012] [notice] Access Address filter is: *
> [Thu Mar 22 12:43:32 2012] [notice] [client 127.0.0.1]
> admserv_host_ip_check: ap_get_remote_host could not resolve 127.0.0.1
> [Thu Mar 22 12:43:32 2012] [error] Could not bind as []: ldap error
> -1: Can't contact LDAP server
> [Thu Mar 22 12:43:32 2012] [error] Could not bind as []: ldap error
> -1: Can't contact LDAP server
> [Thu Mar 22 12:43:32 2012] [notice] [client 127.0.0.1] unable to bind
> to server [localhost.localdomain:389] as [(anonymous)]
> [Thu Mar 22 12:43:32 2012] [crit] buildUGInfo(): unable to initialize
> TLS connection to LDAP host localhost.localdomain port 389: 4

Can you post your /etc/dirsrv/admin-serv/adm.conf?
Have you configured your directory server to use SSL?

> [Thu Mar 22 12:43:32 2012] [error] [client 127.0.0.1] user
> cn=Directory Manager not found: /admin-serv/authenticate
>
> NOTE: This is after modifying 'local.conf' with
> configuration.nsadminaccesshosts: *
>
> Thanks,
> Mike
>
> On Fri, Mar 16, 2012 at 5:43 PM, Mark Reynolds<mareynol at redhat.com>  wrote:
>> Hi Michael,
>>
>> see comments below...
>>
>>
>> On 03/16/2012 02:42 PM, Michael Mercier wrote:
>>
>> Hello,
>>
>> I seem to be having problems using the 389-console GUI.
>>
>> I am entering the following information into each of the fields:
>>
>> User ID: cn=Directory Manager
>> Password: password
>> Administration URL: http://localhost.localdomain:9830
>>
>> It fails with the following error:
>>
>> Cannot logon because of an incorrect User ID,
>> Incorrect password or Directory problem.
>>
>> HttpException:
>> Response: HTTP/1.1 401 Authorization Required
>> Status: 401
>> URL:     http://localhost.localdomain:9830/admin-serv/authenticate
>>
>> Do you have a DS access log snippet showing the bind&  result?
>>
>> I might not hurt to restart the admin server as well.
>>
>> Thanks,
>> Mark
>>
>>
>> I have also tried with:
>> User ID: admin
>> Password: password
>> Administration URL: http://localhost.localdomain:9830
>>
>> It fails with the following error:
>>
>> Cannot connect to the directory server:
>> netscape.ldap.LDAPException: error result (32): No such object
>>
>> I am able to run searches from the command line:
>>
>> [root at localhost ~]# ldapsearch -x -b o=netscaperoot -D "cn=directory
>> manager" -w password "nsDirectoryURL=*"
>> # extended LDIF
>> #
>> # LDAPv3
>> # base<o=netscaperoot>  with scope subtree
>> # filter: nsDirectoryURL=*
>> # requesting: ALL
>> #
>>
>> # UserDirectory, Global Preferences, MyDomain, NetscapeRoot
>> dn: cn=UserDirectory,ou=Global Preferences,ou=MyDomain,o=NetscapeRoot
>> objectClass: top
>> objectClass: nsDirectoryInfo
>> nsDirectoryURL: ldap://localhost.localdomain:389/dc=mpls
>> cn: UserDirectory
>>
>> # search result
>> search: 2
>> result: 0 Success
>>
>> # numResponses: 2
>> # numEntries: 1
>> [root at localhost ~]#
>>
>> If I try to access http://localhost.localdomain:9830 with a web
>> browser, I am shown the "Services for users" page, but when I click on
>> "389 Administration Express" i get the following error:
>>
>> Internal Server Error
>>
>> The server encountered an internal error or misconfiguration and was
>> unable to complete your request.
>>
>> Please contact the server administrator, [no address given] and inform
>> them of the time the error occurred, and anything you might have done
>> that may have caused the error.
>>
>> More information about this error may be available in the server error log.
>> Apache/2.2 Server at localhost.localdomain Port 9830
>>
>> Anyone have any ideas?
>>
>> Thanks,
>> Mike
>>
>> [root at localhost ~]# more /etc/redhat-release
>> Fedora release 16 (Verne)
>> [root at localhost ~]# rpm -qa|grep 389
>> 389-console-1.1.7-1.fc16.noarch
>> 389-ds-console-doc-1.2.6-1.fc16.noarch
>> 389-ds-base-libs-1.2.10.2-1.fc16.x86_64
>> 389-ds-1.2.2-1.fc15.noarch
>> 389-ds-console-1.2.6-1.fc16.noarch
>> 389-admin-1.1.23-1.fc16.x86_64
>> 389-admin-console-doc-1.1.8-2.fc16.noarch
>> 389-admin-console-1.1.8-2.fc16.noarch
>> 389-dsgw-1.1.7-2.fc16.x86_64
>> 389-adminutil-1.1.14-1.fc16.x86_64
>> 389-ds-base-1.2.10.2-1.fc16.x86_64
>>
>> --
>> 389 users mailing list
>> 389-users at lists.fedoraproject.org
>> https://admin.fedoraproject.org/mailman/listinfo/389-users
> --
> 389 users mailing list
> 389-users at lists.fedoraproject.org
> https://admin.fedoraproject.org/mailman/listinfo/389-users