SERVER A
########
Are you ready to set up your servers? [yes]:
Could not open TLS connection to serverA.mydomain.com:389
<http://serverA.mydomain.com:389> - trying regular connection
rm: cannot remove `/var/lib/dirsrv/slapd-serverA/changelogdb/__db.*':
No such file or directory
rm: cannot remove
`/var/lib/dirsrv/slapd-serverA/changelogdb/guardian': No such file or
directory
Registering the directory server instances with the configuration
directory server . . .
Beginning Admin Server reconfiguration . . .
Registering admin server with the configuration directory server . . .
Updating adm.conf with information from configuration directory server
. . .
Exiting . . .
Log file is '/tmp/setupYUpMQ4.log'
[root@serverA phpldapadmin]# rpm -qi 389-ds-base
Name : 389-ds-base
Version : 1.2.10
Release : 0.5.a5.fc15
Architecture: i686
Install Date: Thu 10 Nov 2011 02:54:23 PM EST
Group : System Environment/Daemons
Size : 4738178
License : GPLv2 with exceptions
Signature : RSA/SHA256, Sat 05 Nov 2011 09:17:58 AM EDT, Key ID
b4ebf579069c8460
Source RPM : 389-ds-base-1.2.10-0.5.a5.fc15.src.rpm
Build Date : Fri 04 Nov 2011 07:13:25 PM EDT
Build Host : x86-11.phx2.fedoraproject.org
<http://x86-11.phx2.fedoraproject.org>
Relocations : (not relocatable)
Packager : Fedora Project
Vendor : Fedora Project
URL : http://port389.org/
Summary : 389 Directory Server (base)
Description :
389 Directory Server is an LDAPv3 compliant server. The base package
includes
the LDAP server and command line utilities for server administration.
SERVER B
#########
Are you ready to set up your servers? [yes]:
Could not open TLS connection to serverB.mydomain.com:389
<http://serverB.mydomain.com:389> - trying regular connection
Registering the directory server instances with the configuration
directory server . . .
Beginning Admin Server reconfiguration . . .
Registering admin server with the configuration directory server . . .
Updating adm.conf with information from configuration directory server
. . .
Exiting . . .
Log file is '/tmp/setupS0ZvAH.log'
[root@serverB admin-serv]# !292
rpm -qi 389-ds-base
Name : 389-ds-base
Version : 1.2.10
Release : 0.5.a5.fc15
Architecture: i686
Install Date: Thu 10 Nov 2011 03:04:01 PM EST
Group : System Environment/Daemons
Size : 4738178
License : GPLv2 with exceptions
Signature : RSA/SHA256, Sat 05 Nov 2011 09:17:58 AM EDT, Key ID
b4ebf579069c8460
Source RPM : 389-ds-base-1.2.10-0.5.a5.fc15.src.rpm
Build Date : Fri 04 Nov 2011 07:13:25 PM EDT
Build Host : x86-11.phx2.fedoraproject.org
<http://x86-11.phx2.fedoraproject.org>
Relocations : (not relocatable)
Packager : Fedora Project
Vendor : Fedora Project
URL : http://port389.org/
Summary : 389 Directory Server (base)
On Thu, Nov 10, 2011 at 2:36 PM, Rich Megginson <[email protected]
<mailto:[email protected]>> wrote:
On 11/10/2011 12:02 PM, Tom Tucker wrote:
Responding to the group..this time.
Thanks for the quick response, unfortunately no change.
OS: FC 15
https://bugzilla.redhat.com/show_bug.cgi?format=multiple&id=751495
<https://bugzilla.redhat.com/show_bug.cgi?format=multiple&id=751495>
Server1
##########
[root@serverA phpldapadmin]# setup-ds-admin.pl
<http://setup-ds-admin.pl/> -u
==============================================================================
The update option will allow you to re-register your servers with the
configuration directory server and update the information about your
servers that the console and admin server uses. You will need your
configuration directory server admin ID and password to continue.
Continue? [yes]:
==============================================================================
Please specify the information about your configuration directory
server. The following information is required:
- host (fully qualified), port (non-secure or secure), suffix,
protocol (ldap or ldaps) - this information should be provided
in the
form of an LDAP url e.g. for non-secure
ldap://host.example.com:389/o=NetscapeRoot
<http://host.example.com:389/o=NetscapeRoot>
or for secure
ldaps://host.example.com:636/o=NetscapeRoot
<http://host.example.com:636/o=NetscapeRoot>
- admin ID and password
- admin domain
- a CA certificate file may be required if you choose to use
ldaps and
security has not yet been configured - the file must be in
PEM/ASCII
format - specify the absolute path and filename
Configuration directory server URL
[ldap://serverA.mydomain.com:389/o=NetscapeRoot
<http://serverA.mydomain.com:389/o=NetscapeRoot>]:
Configuration directory server admin ID
[uid=admin,ou=Administrators,ou=TopologyManagement,o=NetscapeRoot]:
Configuration directory server admin password:
Configuration directory server admin domain [mydomain.com
<http://mydomain.com/>]:
==============================================================================
The interactive phase is complete. The script will now set up your
servers. Enter No or go Back if you want to change something.
Are you ready to set up your servers? [yes]:
Could not open TLS connection to serverA.mydomain.com:389
<http://serverA.mydomain.com:389/> - trying regular connection
rm: cannot remove
`/var/lib/dirsrv/slapd-serverA/changelogdb/__db.*': No such file
or directory
rm: cannot remove
`/var/lib/dirsrv/slapd-serverA/changelogdb/guardian': No such
file or directory
Undefined subroutine &DSUpdate::updateSystemD called at
/usr/lib/dirsrv/perl/DSUpdate.pm line 419.
rpm -qi 389-ds-base
this issue is fixed in 1.2.10.a5 in updates-testing
Server2
#########
[root@usg-ldap7901 admin-serv]# setup-ds-admin.pl
<http://setup-ds-admin.pl/> -u
==============================================================================
The update option will allow you to re-register your servers with the
configuration directory server and update the information about your
servers that the console and admin server uses. You will need your
configuration directory server admin ID and password to continue.
Continue? [yes]: yes
==============================================================================
Please specify the information about your configuration directory
server. The following information is required:
- host (fully qualified), port (non-secure or secure), suffix,
protocol (ldap or ldaps) - this information should be provided
in the
form of an LDAP url e.g. for non-secure
ldap://host.example.com:389/o=NetscapeRoot
<http://host.example.com:389/o=NetscapeRoot>
or for secure
ldaps://host.example.com:636/o=NetscapeRoot
<http://host.example.com:636/o=NetscapeRoot>
- admin ID and password
- admin domain
- a CA certificate file may be required if you choose to use
ldaps and
security has not yet been configured - the file must be in
PEM/ASCII
format - specify the absolute path and filename
Configuration directory server URL
[ldap://serverA.mydomain.com:389/o=NetscapeRoot
<http://serverA.mydomain.com:389/o=NetscapeRoot>]:
Configuration directory server admin ID
[uid=admin,ou=Administrators,ou=TopologyManagement,o=NetscapeRoot]:
Configuration directory server admin password:
Configuration directory server admin domain [mydomain.com
<http://mydomain.com/>]:
==============================================================================
The interactive phase is complete. The script will now set up your
servers. Enter No or go Back if you want to change something.
Are you ready to set up your servers? [yes]:
Could not open TLS connection to serverA.mydomain.com:389
<http://serverA.mydomain.com:389/> - trying regular connection
Undefined subroutine &DSUpdate::updateSystemD called at
/usr/lib/dirsrv/perl/DSUpdate.pm line 419.
On Thu, Nov 10, 2011 at 1:48 PM, Rich Megginson
<[email protected] <mailto:[email protected]>> wrote:
On 11/10/2011 11:48 AM, Tom Tucker wrote:
I would appreciate any troubleshooting advise you might have
regarding my registered ldap servers. I am referring to the
first page you see when launching the console (servers
listed underneath Servers and Applications). I see my
servers listed, however I am unable to open them. Their
"Server status" always reports "Stopped" even though the
remote servers are running.
Based on my tcpdump capture below the 'admin prohibited'
message is a clear indication of the problem, but I can't
seem to correct it. I have reran the setup several times,
confirmed the password and such.
What am I missing?
Have you tried running setup-ds-admin.pl
<http://setup-ds-admin.pl> -u on both the local servers and
the remote servers?
==============================================================================
13:35:27.458489 IP serverA.mydomain.com.30940 >
serverB.mydomain.com.ldap: Flags [S], seq 404137883, win
14600, options [mss 1460,sackOK,TS val 348721371 ecr
0,nop,wscale 6], length 0
13:35:27.458591 IP serverB.mydomain.com
<http://serverB.mydomain.com> > serverA.mydomain.com
<http://serverA.mydomain.com>: ICMP host
serverB.mydomain.com <http://serverB.mydomain.com>
unreachable - admin prohibited, length 68
Please specify the information about your configuration
directory
server. The following information is required:
- host (fully qualified), port (non-secure or secure), suffix,
protocol (ldap or ldaps) - this information should be
provided in the
form of an LDAP url e.g. for non-secure
ldap://host.example.com:389/o=NetscapeRoot
<http://host.example.com:389/o=NetscapeRoot>
or for secure
ldaps://host.example.com:636/o=NetscapeRoot
<http://host.example.com:636/o=NetscapeRoot>
- admin ID and password
- admin domain
- a CA certificate file may be required if you choose to use
ldaps and
security has not yet been configured - the file must be in
PEM/ASCII
format - specify the absolute path and filename
Configuration directory server URL
[ldap://serverA.mydomain.com:389/o=NetscapeRoot
<http://serverA.mydomain.com:389/o=NetscapeRoot>]:
Configuration directory server admin ID
[uid=admin,ou=Administrators,ou=TopologyManagement,o=NetscapeRoot]:
Configuration directory server admin password:
Configuration directory server admin domain [mydomain.com
<http://mydomain.com>]:
--
389 users mailing list
[email protected]
<mailto:[email protected]>
https://admin.fedoraproject.org/mailman/listinfo/389-users
