I'm having a really weird issue where any new user I create in 389 DS is not 
able to browse the directory.

What I mean is that the user binds without any issue, but when you use any 
directory browser client the user sees nothing in the tree. Also, I've been 
collaborating with a few in-house developers who are writing LDAP auth into
their applications - and for both (Java and Perl using the LDAP libraries) they 
get the same behavior - they are able to bind but the directory is empty.

Now if you use any user account that was created before (maybe a week or two 
ago - I'm not sure) then everything succeeds without any issue.

Also, I have a replication consumer and if I connect to it with the new 
credential everything works fine as well.

Using Apache Directory Studio (it's mainly what I use for troubleshooting when 
389-console breaks) when I try to connect the error I get is:

"Missing schema location in RootDSE, using default schema"

Apparently it is referring to the subschemaSubentry attribute in the RootDSE - 
I can verify that it is there however and seems to be readable by all including 
anonymous.

If I use the JNDI provider for apacheDS then I get the same error followed by 4 
LDAP error 53s (unwilling to perform).

Any ideas? This is our production LDAP server and I'm getting a bit desperate, 
I have backups from every week and I'm considering just turning it back until 
the issue disappears - but it would forever trouble me not to figure out what 
happened and how to fix it in the future.

Thanks in advance for any input.

Andrei Wasylyk
Systems Analyst

--
389 users mailing list
[email protected]
https://admin.fedoraproject.org/mailman/listinfo/389-users
