[389-users] Problems logging in with 389-console
Mike Mercier
mmercier at gmail.com
Tue Mar 27 15:07:50 UTC 2012
On Tue, Mar 27, 2012 at 10:05 AM, Rich Megginson <rmeggins at redhat.com> wrote:
> On 03/27/2012 06:46 AM, Mike Mercier wrote:
>>
>> Hello,
>>
>> On Mon, Mar 26, 2012 at 10:47 AM, Rich Megginson<rmeggins at redhat.com>
>> wrote:
>>>
>>> On 03/26/2012 08:28 AM, Mike Mercier wrote:
>>>>
>>>> Hello,
>>>>
>>>> adm.conf attached.
>>>
>>> Have you configured the directory server to use TLS/SSL?
>>
>> No, TLS/SSL was not configured. I did the following to install 389.
>>
>> Install fedora 16
>> run yum update
>> install 389
>> run setup-ds-admin.pl using the 'Typical' option
>> run 389-console and try to login as cn=Directory Manager
>>
>>> Can you try with 389-admin-1.1.28 now in updates-testing?
>>
>> [root at localhost ~]# rpm -qa | grep 389
>> 389-console-1.1.7-1.fc16.noarch
>> 389-ds-console-doc-1.2.6-1.fc16.noarch
>> 389-ds-base-libs-1.2.10.4-2.fc16.x86_64
>> 389-ds-1.2.2-1.fc15.noarch
>> 389-ds-base-1.2.10.4-2.fc16.x86_64
>> 389-ds-console-1.2.6-1.fc16.noarch
>> 389-admin-console-doc-1.1.8-2.fc16.noarch
>> 389-admin-console-1.1.8-2.fc16.noarch
>> 389-dsgw-1.1.7-2.fc16.x86_64
>> 389-admin-1.1.28-1.fc16.x86_64
>> 389-adminutil-1.1.14-1.fc16.x86_64
>>
>> When using 389-console
>>
>> /var/log/dirsrv/admin-serv/error
>> [Tue Mar 27 08:36:31 2012] [notice] [client 127.0.0.1]
>> admserv_host_ip_check: ap_get_remote_host could not resolve 127.0.0.1
>> [Tue Mar 27 08:36:31 2012] [error] Could not bind as []: ldap error
>> -1: Can't contact LDAP server
>> [Tue Mar 27 08:36:31 2012] [error] Could not bind as []: ldap error
>> -1: Can't contact LDAP server
>> [Tue Mar 27 08:36:31 2012] [notice] [client 127.0.0.1] unable to bind
>> to server [localhost.localdomain:389] as [(anonymous)]
>> [Tue Mar 27 08:36:31 2012] [crit] buildUGInfo(): unable to initialize
>> TLS connection to LDAP host localhost.localdomain port 389: 4
>> [Tue Mar 27 08:36:31 2012] [error] [client 127.0.0.1] user
>> cn=Directory Manager not found: /admin-serv/authenticate
>>
>>
>> /var/log/dirsrv/admin-serv/access
>> 127.0.0.1 - cn=Directory Manager [27/Mar/2012:08:36:31 -0400] "GET
>> /admin-serv/authenticate HTTP/1.0" 401 478
>>
>> When using http://http://localhost.localdomain:9830/dist/download and
>> clicking '389 Administration Express'
>>
>> /var/log/dirsrv/admin-serv/error
>> [Tue Mar 27 08:41:58 2012] [notice] [client 127.0.0.1]
>> admserv_host_ip_check: ap_get_remote_host could not resolve 127.0.0.1
>> [Tue Mar 27 08:41:58 2012] [notice] [client 127.0.0.1]
>> admserv_host_ip_check: ap_get_remote_host could not resolve 127.0.0.1,
>> referer: http://localhost.localdomain:9830/dist/download
>> [Tue Mar 27 08:41:58 2012] [notice] [client 127.0.0.1]
>> admserv_host_ip_check: ap_get_remote_host could not resolve 127.0.0.1,
>> referer: http://localhost.localdomain:9830/dist/download
>> [Tue Mar 27 08:42:00 2012] [notice] [client 127.0.0.1]
>> admserv_host_ip_check: ap_get_remote_host could not resolve 127.0.0.1,
>> referer: http://localhost.localdomain:9830/dist/download
>> [Tue Mar 27 08:42:00 2012] [error] Could not bind as []: ldap error
>> -1: Can't contact LDAP server
>> [Tue Mar 27 08:42:00 2012] [error] Could not bind as []: ldap error
>> -1: Can't contact LDAP server
>> [Tue Mar 27 08:42:00 2012] [notice] [client 127.0.0.1] unable to bind
>> to server [localhost.localdomain:389] as [(anonymous)], referer:
>> http://localhost.localdomain:9830/dist/download
>> [Tue Mar 27 08:42:00 2012] [crit] buildUGInfo(): unable to initialize
>> TLS connection to LDAP host localhost.localdomain port 389: 4
>>
>>
>> /var/log/dirsrv/admin-serv/access
>>
>> 127.0.0.1 - - [27/Mar/2012:08:41:58 -0400] "GET /dist/download
>> HTTP/1.1" 200 4470
>> 127.0.0.1 - - [27/Mar/2012:08:41:58 -0400] "GET /icons/spacer.gif
>> HTTP/1.1" 200 43
>> 127.0.0.1 - - [27/Mar/2012:08:41:58 -0400] "GET /icons/goto.gif HTTP/1.1"
>> 200 86
>> 127.0.0.1 - admin [27/Mar/2012:08:42:00 -0400] "GET
>> /admin-serv/tasks/configuration/HTMLAdmin?op=index HTTP/1.1" 500 615
>
> What's in your directory server access log from around this time?
> /var/log/dirsrv/slapd-INSTANCE/access
Strangely, there are no entries in the file from that time... below
is the entire file
/var/log/dirsrv/slapd-mpls/access:
389-Directory/1.2.10.2 B2012.054.1543
localhost.localdomain:389 (/etc/dirsrv/slapd-mpls)
[22/Mar/2012:15:09:39 -0400] conn=8 op=-1 fd=64 closed - B1
[22/Mar/2012:15:09:39 -0400] conn=10 op=-1 fd=65 closed - B1
>
>>
>> Thanks,
>> Mike
>>
>>
>>
>>>> Thanks,
>>>> Mike
>>>>
>>>> On Fri, Mar 23, 2012 at 10:42 AM, Rich Megginson<rmeggins at redhat.com>
>>>> wrote:
>>>>>
>>>>> On 03/22/2012 10:47 AM, Mike Mercier wrote:
>>>>>>
>>>>>> Hi,
>>>>>>
>>>>>> Sorry for the delay...
>>>>>>
>>>>>> /var/log/dirsrv/admin-serv/access
>>>>>>
>>>>>> 127.0.0.1 - cn=Directory Manager [22/Mar/2012:12:43:32 -0400] "GET
>>>>>> /admin-serv/authenticate HTTP/1.0" 401 478
>>>>>>
>>>>>> /var/log/dirsrv/admin-serv/error
>>>>>> [Thu Mar 22 12:43:26 2012] [notice] caught SIGTERM, shutting down
>>>>>> [Thu Mar 22 12:43:27 2012] [notice] SELinux policy enabled; httpd
>>>>>> running as context system_u:system_r:httpd_t:s0
>>>>>> [Thu Mar 22 12:43:28 2012] [error] Could not bind as []: ldap error
>>>>>> -1: Can't contact LDAP server
>>>>>> [Thu Mar 22 12:43:28 2012] [error] Could not bind as []: ldap error
>>>>>> -1: Can't contact LDAP server
>>>>>> [Thu Mar 22 12:43:28 2012] [warn] Unable to bind as LocalAdmin to
>>>>>> populate LocalAdmin tasks into cache.
>>>>>> [Thu Mar 22 12:43:28 2012] [notice] Access Host filter is: *
>>>>>> [Thu Mar 22 12:43:28 2012] [notice] Access Address filter is: *
>>>>>> [Thu Mar 22 12:43:29 2012] [notice] Apache/2.2.22 (Unix) configured --
>>>>>> resuming normal operations
>>>>>> [Thu Mar 22 12:43:29 2012] [error] Could not bind as []: ldap error
>>>>>> -1: Can't contact LDAP server
>>>>>> [Thu Mar 22 12:43:29 2012] [error] Could not bind as []: ldap error
>>>>>> -1: Can't contact LDAP server
>>>>>> [Thu Mar 22 12:43:29 2012] [warn] Unable to bind as LocalAdmin to
>>>>>> populate LocalAdmin tasks into cache.
>>>>>> [Thu Mar 22 12:43:29 2012] [notice] Access Host filter is: *
>>>>>> [Thu Mar 22 12:43:29 2012] [notice] Access Address filter is: *
>>>>>> [Thu Mar 22 12:43:32 2012] [notice] [client 127.0.0.1]
>>>>>> admserv_host_ip_check: ap_get_remote_host could not resolve 127.0.0.1
>>>>>> [Thu Mar 22 12:43:32 2012] [error] Could not bind as []: ldap error
>>>>>> -1: Can't contact LDAP server
>>>>>> [Thu Mar 22 12:43:32 2012] [error] Could not bind as []: ldap error
>>>>>> -1: Can't contact LDAP server
>>>>>> [Thu Mar 22 12:43:32 2012] [notice] [client 127.0.0.1] unable to bind
>>>>>> to server [localhost.localdomain:389] as [(anonymous)]
>>>>>> [Thu Mar 22 12:43:32 2012] [crit] buildUGInfo(): unable to initialize
>>>>>> TLS connection to LDAP host localhost.localdomain port 389: 4
>>>>>
>>>>>
>>>>> Can you post your /etc/dirsrv/admin-serv/adm.conf?
>>>>> Have you configured your directory server to use SSL?
>>>>>
>>>>>> [Thu Mar 22 12:43:32 2012] [error] [client 127.0.0.1] user
>>>>>> cn=Directory Manager not found: /admin-serv/authenticate
>>>>>>
>>>>>> NOTE: This is after modifying 'local.conf' with
>>>>>> configuration.nsadminaccesshosts: *
>>>>>>
>>>>>> Thanks,
>>>>>> Mike
>>>>>>
>>>>>> On Fri, Mar 16, 2012 at 5:43 PM, Mark Reynolds<mareynol at redhat.com>
>>>>>> wrote:
>>>>>>>
>>>>>>> Hi Michael,
>>>>>>>
>>>>>>> see comments below...
>>>>>>>
>>>>>>>
>>>>>>> On 03/16/2012 02:42 PM, Michael Mercier wrote:
>>>>>>>
>>>>>>> Hello,
>>>>>>>
>>>>>>> I seem to be having problems using the 389-console GUI.
>>>>>>>
>>>>>>> I am entering the following information into each of the fields:
>>>>>>>
>>>>>>> User ID: cn=Directory Manager
>>>>>>> Password: password
>>>>>>> Administration URL: http://localhost.localdomain:9830
>>>>>>>
>>>>>>> It fails with the following error:
>>>>>>>
>>>>>>> Cannot logon because of an incorrect User ID,
>>>>>>> Incorrect password or Directory problem.
>>>>>>>
>>>>>>> HttpException:
>>>>>>> Response: HTTP/1.1 401 Authorization Required
>>>>>>> Status: 401
>>>>>>> URL: http://localhost.localdomain:9830/admin-serv/authenticate
>>>>>>>
>>>>>>> Do you have a DS access log snippet showing the bind& result?
>>>>>>>
>>>>>>>
>>>>>>> I might not hurt to restart the admin server as well.
>>>>>>>
>>>>>>> Thanks,
>>>>>>> Mark
>>>>>>>
>>>>>>>
>>>>>>> I have also tried with:
>>>>>>> User ID: admin
>>>>>>> Password: password
>>>>>>> Administration URL: http://localhost.localdomain:9830
>>>>>>>
>>>>>>> It fails with the following error:
>>>>>>>
>>>>>>> Cannot connect to the directory server:
>>>>>>> netscape.ldap.LDAPException: error result (32): No such object
>>>>>>>
>>>>>>> I am able to run searches from the command line:
>>>>>>>
>>>>>>> [root at localhost ~]# ldapsearch -x -b o=netscaperoot -D "cn=directory
>>>>>>> manager" -w password "nsDirectoryURL=*"
>>>>>>> # extended LDIF
>>>>>>> #
>>>>>>> # LDAPv3
>>>>>>> # base<o=netscaperoot> with scope subtree
>>>>>>> # filter: nsDirectoryURL=*
>>>>>>> # requesting: ALL
>>>>>>> #
>>>>>>>
>>>>>>> # UserDirectory, Global Preferences, MyDomain, NetscapeRoot
>>>>>>> dn: cn=UserDirectory,ou=Global Preferences,ou=MyDomain,o=NetscapeRoot
>>>>>>> objectClass: top
>>>>>>> objectClass: nsDirectoryInfo
>>>>>>> nsDirectoryURL: ldap://localhost.localdomain:389/dc=mpls
>>>>>>> cn: UserDirectory
>>>>>>>
>>>>>>> # search result
>>>>>>> search: 2
>>>>>>> result: 0 Success
>>>>>>>
>>>>>>> # numResponses: 2
>>>>>>> # numEntries: 1
>>>>>>> [root at localhost ~]#
>>>>>>>
>>>>>>> If I try to access http://localhost.localdomain:9830 with a web
>>>>>>> browser, I am shown the "Services for users" page, but when I click
>>>>>>> on
>>>>>>> "389 Administration Express" i get the following error:
>>>>>>>
>>>>>>> Internal Server Error
>>>>>>>
>>>>>>> The server encountered an internal error or misconfiguration and was
>>>>>>> unable to complete your request.
>>>>>>>
>>>>>>> Please contact the server administrator, [no address given] and
>>>>>>> inform
>>>>>>> them of the time the error occurred, and anything you might have done
>>>>>>> that may have caused the error.
>>>>>>>
>>>>>>> More information about this error may be available in the server
>>>>>>> error
>>>>>>> log.
>>>>>>> Apache/2.2 Server at localhost.localdomain Port 9830
>>>>>>>
>>>>>>> Anyone have any ideas?
>>>>>>>
>>>>>>> Thanks,
>>>>>>> Mike
>>>>>>>
>>>>>>> [root at localhost ~]# more /etc/redhat-release
>>>>>>> Fedora release 16 (Verne)
>>>>>>> [root at localhost ~]# rpm -qa|grep 389
>>>>>>> 389-console-1.1.7-1.fc16.noarch
>>>>>>> 389-ds-console-doc-1.2.6-1.fc16.noarch
>>>>>>> 389-ds-base-libs-1.2.10.2-1.fc16.x86_64
>>>>>>> 389-ds-1.2.2-1.fc15.noarch
>>>>>>> 389-ds-console-1.2.6-1.fc16.noarch
>>>>>>> 389-admin-1.1.23-1.fc16.x86_64
>>>>>>> 389-admin-console-doc-1.1.8-2.fc16.noarch
>>>>>>> 389-admin-console-1.1.8-2.fc16.noarch
>>>>>>> 389-dsgw-1.1.7-2.fc16.x86_64
>>>>>>> 389-adminutil-1.1.14-1.fc16.x86_64
>>>>>>> 389-ds-base-1.2.10.2-1.fc16.x86_64
>>>>>>>
>>>>>>> --
>>>>>>> 389 users mailing list
>>>>>>> 389-users at lists.fedoraproject.org
>>>>>>> https://admin.fedoraproject.org/mailman/listinfo/389-users
>>>>>>
>>>>>> --
>>>>>> 389 users mailing list
>>>>>> 389-users at lists.fedoraproject.org
>>>>>> https://admin.fedoraproject.org/mailman/listinfo/389-users
>>>>>
>>>>>
>
More information about the 389-users
mailing list