access log, [22/Sep/2010:14:22:39 +1200] conn=48 fd=65 slot=65 connection from 127.0.0.1 to 127.0.0.1 [22/Sep/2010:14:22:39 +1200] conn=48 op=0 BIND dn="" method=128 version=3 [22/Sep/2010:14:22:39 +1200] conn=48 op=0 RESULT err=0 tag=97 nentries=0 etime=0 dn="" [22/Sep/2010:14:22:39 +1200] conn=48 op=1 SRCH base="dc=vuw,dc=ac,dc=nz" scope=2 filter="(&(cn=pulse-rt)(objectClass=posixGroup))" attrs="objectClass cn userPassword gidNumber member nsUniqueId modifyTimestamp" [22/Sep/2010:14:22:39 +1200] conn=48 op=1 RESULT err=0 tag=101 nentries=0 etime=0 [22/Sep/2010:14:23:57 +1200] conn=49 fd=66 slot=66 SSL connection from 130.195.53.104 to 130.195.53.104 [22/Sep/2010:14:23:57 +1200] conn=49 SSL 256-bit AES [22/Sep/2010:14:23:57 +1200] conn=49 op=0 BIND dn="cn=directory manager" method=128 version=3 [22/Sep/2010:14:23:57 +1200] conn=49 op=0 RESULT err=49 tag=97 nentries=0 etime=0 [22/Sep/2010:14:23:57 +1200] conn=49 op=1 UNBIND [22/Sep/2010:14:23:57 +1200] conn=49 op=1 fd=66 closed - U1 [22/Sep/2010:14:24:02 +1200] conn=50 fd=66 slot=66 SSL connection from 130.195.53.104 to 130.195.53.104 [22/Sep/2010:14:24:02 +1200] conn=50 SSL 256-bit AES [22/Sep/2010:14:24:02 +1200] conn=50 op=0 BIND dn="cn=directory manager" method=128 version=3 [22/Sep/2010:14:24:02 +1200] conn=50 op=0 RESULT err=0 tag=97 nentries=0 etime=0 dn="cn=directory manager" [22/Sep/2010:14:24:02 +1200] conn=50 op=1 SRCH base="cn=config" scope=0 filter="(objectClass=*)" attrs="nsslapd-instancedir nsslapd-errorlog nsslapd-certdir nsslapd-schemadir" [22/Sep/2010:14:24:02 +1200] conn=50 op=1 RESULT err=0 tag=101 nentries=1 etime=0 [22/Sep/2010:14:24:02 +1200] conn=50 op=2 SRCH base="cn=config,cn=ldbm database,cn=plugins,cn=config" scope=0 filter="(objectClass=*)" attrs="nsslapd-directory" [22/Sep/2010:14:24:02 +1200] conn=50 op=2 RESULT err=0 tag=101 nentries=1 etime=0 [22/Sep/2010:14:24:02 +1200] conn=50 op=3 SRCH base="cn=mapping tree,cn=config" scope=2 filter="(|(objectClass=nsDSWindowsReplicationAgreement)(objectClass=nsds5ReplicationAgreement))" attrs=ALL [22/Sep/2010:14:24:02 +1200] conn=50 op=3 RESULT err=0 tag=101 nentries=1 etime=0 [22/Sep/2010:14:24:02 +1200] conn=50 op=4 SRCH base="cn=meTovuwwincodc00001.vuw.ac.nz636, cn=replica, cn=\22dc=vuw,dc=ac,dc=nz\22, cn=mapping tree, cn=config" scope=2 filter="(objectClass=*)" attrs=ALL [22/Sep/2010:14:24:02 +1200] conn=50 op=4 RESULT err=0 tag=101 nentries=1 etime=0 [22/Sep/2010:14:24:02 +1200] conn=50 op=5 UNBIND [22/Sep/2010:14:24:02 +1200] conn=50 op=5 fd=66 closed - U1 [22/Sep/2010:14:33:36 +1200] conn=51 fd=66 slot=66 SSL connection from 130.195.53.104 to 130.195.53.104 [22/Sep/2010:14:33:36 +1200] conn=51 SSL 256-bit AES [22/Sep/2010:14:33:36 +1200] conn=51 op=0 BIND dn="cn=directory manager" method=128 version=3 [22/Sep/2010:14:33:36 +1200] conn=51 op=0 RESULT err=0 tag=97 nentries=0 etime=0 dn="cn=directory manager" [22/Sep/2010:14:33:36 +1200] conn=51 op=1 SRCH base="cn=config" scope=0 filter="(objectClass=*)" attrs="nsslapd-instancedir nsslapd-errorlog nsslapd-certdir nsslapd-schemadir" [22/Sep/2010:14:33:36 +1200] conn=51 op=1 RESULT err=0 tag=101 nentries=1 etime=0 [22/Sep/2010:14:33:36 +1200] conn=51 op=2 SRCH base="cn=config,cn=ldbm database,cn=plugins,cn=config" scope=0 filter="(objectClass=*)" attrs="nsslapd-directory" [22/Sep/2010:14:33:36 +1200] conn=51 op=2 RESULT err=0 tag=101 nentries=1 etime=0
Steven Jones Technical Specialist Linux/Vmware Tele 64 4 463 6272 Victoria University Kelburn New Zealand -----Original Message----- From: Rich Megginson [mailto:[email protected]] Sent: Wednesday, 22 September 2010 2:45 p.m. To: Steven Jones Cc: [email protected] Subject: Re: [Freeipa-users] probems installin freeipa v2 Steven Jones wrote: > Hi, > > Ok, it isnt crashing the LDAP server/service its doing a shutdown of it > according to the error log... > What exactly do you see in the error log? Can you provide excerpts? Can you also provide excerpts of the access log from around the time of the shutdown? > So while a sync is happening the LDAP server is offline? > No, not possible. Something is going wrong. > How long should this take? > > 30secs? > > 3mins? > > 30mins? > > regards > > Steven Jones Technical Specialist Linux/Vmware > Tele 64 4 463 6272 > Victoria University > Kelburn > New Zealand > > > -----Original Message----- > From: [email protected] > [mailto:[email protected]] On Behalf Of Steven Jones > Sent: Wednesday, 22 September 2010 2:27 p.m. > To: [email protected] > Subject: Re: [Freeipa-users] probems installin freeipa v2 > > For ipa-replica-manage list > > The output is my AD > > vuwwincodc00001.vuw.ac.nz > > > regards > > Steven Jones Technical Specialist Linux/Vmware > Tele 64 4 463 6272 > Victoria University > Kelburn > New Zealand > > > -----Original Message----- > From: Rob Crittenden [mailto:[email protected]] > Sent: Wednesday, 22 September 2010 2:20 p.m. > To: Steven Jones > Cc: [email protected] > Subject: Re: [Freeipa-users] probems installin freeipa v2 > > Steven Jones wrote: > >> Hi, >> >> yes I think you are correct, --binpw is ndded except running this crashed >> the LDAP server....or sends it off to zombie land and I have to reboot it! >> >> >> ipa-replica-manage add --winsync --binddn >> cn=administrator,cn=users,dc=example,dc=com --bindpw<domain admin password> >> \ >> --cacert /path/to/certfile.cer adserver.example.com --passsync<domain admin >> password> -v >> >> Is there a log somewhere to look for why? >> > > Crashed which LDAP server? Logs are in /var/log/dirsrv-YOUR_INSTANCE_NAME. > > Can you provide the output of ipa-replica-manage? > > rob > > >> regards >> >> Steven Jones Technical Specialist Linux/Vmware >> Tele 64 4 463 6272 >> Victoria University >> Kelburn >> New Zealand >> >> >> -----Original Message----- >> From: Rob Crittenden [mailto:[email protected]] >> Sent: Wednesday, 22 September 2010 1:57 p.m. >> To: Steven Jones >> Cc: [email protected] >> Subject: Re: [Freeipa-users] probems installin freeipa v2 >> >> Steven Jones wrote: >> >>> This time I copied the output from the ldapsearch command >>> >>> "dn: cn=ipa_pwd_extop,cn=plugins,cn=config" >>> >>> and it worked... >>> >> Cosmic rays maybe, those strings look identical to me. Glad its working >> now in any case. >> >> >>> ? >>> >>> So, section 4.4 >>> >>> ipa-replica-manage add --winsync --binddn >>> cn=administrator,cn=users,dc=example,dc=com \ >>> --bindpw password --cacert /path/to/certfile.cer adserver.example.com -v >>> >>> This appears to be wrong? >>> >>> It should be, >>> >>> ipa-replica-manage add --winsync --binddn >>> cn=administrator,cn=users,dc=example,dc=com \ >>> --cacert /path/to/certfile.cer adserver.example.com --passsync<domain admin >>> password> -v >>> >>> >> You're right in that --passsync is required but --bindpw should also be >> required. >> >> I filed https://bugzilla.redhat.com/show_bug.cgi?id=636377 for this. >> >> rob >> >> _______________________________________________ >> Freeipa-users mailing list >> [email protected] >> https://www.redhat.com/mailman/listinfo/freeipa-users >> > > > _______________________________________________ > Freeipa-users mailing list > [email protected] > https://www.redhat.com/mailman/listinfo/freeipa-users > > _______________________________________________ > Freeipa-users mailing list > [email protected] > https://www.redhat.com/mailman/listinfo/freeipa-users > _______________________________________________ Freeipa-users mailing list [email protected] https://www.redhat.com/mailman/listinfo/freeipa-users
