Dan Deighton
2006-Nov-02 15:39 UTC
Re: [Fedora-directory-users] Problem accessing Configuration Directory after upgrade to 1.0.3
On Thu, 2006-11-02 at 08:09 -0700, Richard Megginson wrote: Dan Deighton wrote:> With FDS 1.0.2, I had setup a Secure Connection under the > Configuration DS in the Admin Console. Everything was going fine > until I updated to 1.0.3. After that, the Directory Server would > start, but the Admin Server would not. > > I thought it may have been a problem with the upgrade, so I did a > fresh install of FDS 1.0.3. As soon as I enabled a Secure Connection > for the Configuration DS. The problem was back.Can you post the error log from your admin server? admin-serv/logs/error If that doesn''t have much information in it, try doing start-admin -e debug> > I had no problem setting up encryption for the Admin Server and the > User DS. It only happens with the Configuration DS. > > Has anyone else seen this problem? Am I missing something obvious > that changed with 1.0.3? > > Any help would be appreciated. > > Thanks > > ------------------------------------------------------------------------ > > -- > Fedora-directory-users mailing list > Fedora-directory-users@redhat.com > https://www.redhat.com/mailman/listinfo/fedora-directory-users >-- Fedora-directory-users mailing list Fedora-directory-users@redhat.com https://www.redhat.com/mailman/listinfo/fedora-directory-users Without debug: -------------- admin-serv/logs/error: --- [Thu Nov 02 10:27:11 2006] [warn] NSSProtocols not set; using: SSLv3 and TLSv1 [Thu Nov 02 10:27:12 2006] [crit] mod_admserv_post_config(): unable to build user/group LDAP server info: unable to set User/Group baseDN Configuration Failed --- -------------- With debug: -------------- admin-serv/logs/error --- [Thu Nov 02 10:31:34 2006] [info] done Init: Initializing NSS library [Thu Nov 02 10:31:34 2006] [warn] NSSProtocols not set; using: SSLv3 and TLSv1 [Thu Nov 02 10:31:35 2006] [debug] mod_admserv.c(760): sslinit: mod_nss has been started and initialized [Thu Nov 02 10:31:35 2006] [crit] mod_admserv_post_config(): unable to build user/group LDAP server info: unable to set User/Group baseDN Configuration Failed --- STDOUT: --- ./start-admin -e debug [Thu Nov 02 10:31:29 2006] [debug] mod_so.c(247): loaded module access_module [Thu Nov 02 10:31:29 2006] [debug] mod_so.c(247): loaded module auth_module [Thu Nov 02 10:31:29 2006] [debug] mod_so.c(247): loaded module log_config_module [Thu Nov 02 10:31:29 2006] [debug] mod_so.c(247): loaded module env_module [Thu Nov 02 10:31:29 2006] [debug] mod_so.c(247): loaded module mime_magic_module [Thu Nov 02 10:31:29 2006] [debug] mod_so.c(247): loaded module expires_module [Thu Nov 02 10:31:29 2006] [debug] mod_so.c(247): loaded module deflate_module [Thu Nov 02 10:31:29 2006] [debug] mod_so.c(247): loaded module headers_module [Thu Nov 02 10:31:29 2006] [debug] mod_so.c(247): loaded module unique_id_module [Thu Nov 02 10:31:29 2006] [debug] mod_so.c(247): loaded module setenvif_module [Thu Nov 02 10:31:29 2006] [debug] mod_so.c(247): loaded module mime_module [Thu Nov 02 10:31:29 2006] [debug] mod_so.c(247): loaded module vhost_alias_module [Thu Nov 02 10:31:29 2006] [debug] mod_so.c(247): loaded module negotiation_module [Thu Nov 02 10:31:29 2006] [debug] mod_so.c(247): loaded module dir_module [Thu Nov 02 10:31:29 2006] [debug] mod_so.c(247): loaded module actions_module [Thu Nov 02 10:31:29 2006] [debug] mod_so.c(247): loaded module alias_module [Thu Nov 02 10:31:29 2006] [debug] mod_so.c(247): loaded module rewrite_module [Thu Nov 02 10:31:29 2006] [debug] mod_so.c(247): loaded module cache_module [Thu Nov 02 10:31:29 2006] [debug] mod_so.c(247): loaded module disk_cache_module [Thu Nov 02 10:31:29 2006] [debug] mod_so.c(247): loaded module file_cache_module [Thu Nov 02 10:31:29 2006] [debug] mod_so.c(247): loaded module mem_cache_module [Thu Nov 02 10:31:29 2006] [debug] mod_so.c(247): loaded module cgi_module [Thu Nov 02 10:31:29 2006] [debug] mod_so.c(247): loaded module restartd_module [Thu Nov 02 10:31:29 2006] [debug] mod_so.c(247): loaded module nss_module [Thu Nov 02 10:31:29 2006] [debug] mod_so.c(247): loaded module admserv_module [Thu Nov 02 10:31:29 2006] [debug] mod_admserv.c(2382): [22117] create_server_config [0x9f09370] for (null) [Thu Nov 02 10:31:29 2006] [debug] mod_admserv.c(2370): [22117] create_config [0x9f09380] for (null) [Thu Nov 02 10:31:29 2006] [debug] mod_admserv.c(2431): [22117] Set [0x9f09370] [ADMCacheLifeTime] to 600 [Thu Nov 02 10:31:29 2006] [debug] mod_admserv.c(2449): [22117] Set [0x9f09370] [ADMServerVersionString] to Fedora-Administrator/1.0.3 [Thu Nov 02 10:31:29 2006] [debug] mod_admserv.c(2370): [22117] create_config [0x9f38f88] for /opt/fedora-ds/clients/dsgw/bin/ [Thu Nov 02 10:31:29 2006] [debug] mod_admserv.c(2370): [22117] create_config [0x9f3a2b0] for /*/[tT]asks/[Oo]peration/* [Thu Nov 02 10:31:29 2006] [debug] mod_admserv.c(2370): [22117] create_config [0x9f38878] for /*/[tT]asks/[Cc]onfiguration/* [Thu Nov 02 10:31:29 2006] [debug] mod_admserv.c(2370): [22117] create_config [0x9f3b8e0] for /*/[tT]asks/[Oo]peration/(?i:stop|start|restart|startconfigds|create)$ Please enter password for "internal" token: --- --------------
Richard Megginson
2006-Nov-02 16:31 UTC
Re: [Fedora-directory-users] Problem accessing Configuration Directory after upgrade to 1.0.3
Dan Deighton wrote:> On Thu, 2006-11-02 at 08:09 -0700, Richard Megginson wrote: > Dan Deighton wrote: >> With FDS 1.0.2, I had setup a Secure Connection under the >> Configuration DS in the Admin Console. Everything was going fine >> until I updated to 1.0.3. After that, the Directory Server would >> start, but the Admin Server would not. >> >> I thought it may have been a problem with the upgrade, so I did a >> fresh install of FDS 1.0.3. As soon as I enabled a Secure Connection >> for the Configuration DS. The problem was back. > Can you post the error log from your admin server? admin-serv/logs/error > If that doesn''t have much information in it, try doing start-admin -e > debugThanks. The last line of error output is odd: > Please enter password for "internal" token: Are you using a pin file for the admin server ssl password? If not, did you type in the password on the command line?>> >> I had no problem setting up encryption for the Admin Server and the >> User DS. It only happens with the Configuration DS. >> >> Has anyone else seen this problem? Am I missing something obvious >> that changed with 1.0.3? >> >> Any help would be appreciated. >> >> Thanks >> >> ------------------------------------------------------------------------ >> >> -- >> Fedora-directory-users mailing list >> Fedora-directory-users@redhat.com >> https://www.redhat.com/mailman/listinfo/fedora-directory-users >> > -- > Fedora-directory-users mailing list > Fedora-directory-users@redhat.com > https://www.redhat.com/mailman/listinfo/fedora-directory-users > > > > Without debug: > -------------- > > admin-serv/logs/error: > --- > [Thu Nov 02 10:27:11 2006] [warn] NSSProtocols not set; using: SSLv3 > and TLSv1 > [Thu Nov 02 10:27:12 2006] [crit] mod_admserv_post_config(): unable to > build user/group LDAP server info: unable to set User/Group baseDN > Configuration Failed > --- > > -------------- > > > > With debug: > -------------- > > admin-serv/logs/error > --- > > [Thu Nov 02 10:31:34 2006] [info] done Init: Initializing NSS library > [Thu Nov 02 10:31:34 2006] [warn] NSSProtocols not set; using: SSLv3 > and TLSv1 > [Thu Nov 02 10:31:35 2006] [debug] mod_admserv.c(760): sslinit: > mod_nss has been started and initialized > [Thu Nov 02 10:31:35 2006] [crit] mod_admserv_post_config(): unable to > build user/group LDAP server info: unable to set User/Group baseDN > Configuration Failed > > --- > > STDOUT: > --- > ./start-admin -e debug > [Thu Nov 02 10:31:29 2006] [debug] mod_so.c(247): loaded module > access_module > [Thu Nov 02 10:31:29 2006] [debug] mod_so.c(247): loaded module > auth_module > [Thu Nov 02 10:31:29 2006] [debug] mod_so.c(247): loaded module > log_config_module > [Thu Nov 02 10:31:29 2006] [debug] mod_so.c(247): loaded module > env_module > [Thu Nov 02 10:31:29 2006] [debug] mod_so.c(247): loaded module > mime_magic_module > [Thu Nov 02 10:31:29 2006] [debug] mod_so.c(247): loaded module > expires_module > [Thu Nov 02 10:31:29 2006] [debug] mod_so.c(247): loaded module > deflate_module > [Thu Nov 02 10:31:29 2006] [debug] mod_so.c(247): loaded module > headers_module > [Thu Nov 02 10:31:29 2006] [debug] mod_so.c(247): loaded module > unique_id_module > [Thu Nov 02 10:31:29 2006] [debug] mod_so.c(247): loaded module > setenvif_module > [Thu Nov 02 10:31:29 2006] [debug] mod_so.c(247): loaded module > mime_module > [Thu Nov 02 10:31:29 2006] [debug] mod_so.c(247): loaded module > vhost_alias_module > [Thu Nov 02 10:31:29 2006] [debug] mod_so.c(247): loaded module > negotiation_module > [Thu Nov 02 10:31:29 2006] [debug] mod_so.c(247): loaded module > dir_module > [Thu Nov 02 10:31:29 2006] [debug] mod_so.c(247): loaded module > actions_module > [Thu Nov 02 10:31:29 2006] [debug] mod_so.c(247): loaded module > alias_module > [Thu Nov 02 10:31:29 2006] [debug] mod_so.c(247): loaded module > rewrite_module > [Thu Nov 02 10:31:29 2006] [debug] mod_so.c(247): loaded module > cache_module > [Thu Nov 02 10:31:29 2006] [debug] mod_so.c(247): loaded module > disk_cache_module > [Thu Nov 02 10:31:29 2006] [debug] mod_so.c(247): loaded module > file_cache_module > [Thu Nov 02 10:31:29 2006] [debug] mod_so.c(247): loaded module > mem_cache_module > [Thu Nov 02 10:31:29 2006] [debug] mod_so.c(247): loaded module > cgi_module > [Thu Nov 02 10:31:29 2006] [debug] mod_so.c(247): loaded module > restartd_module > [Thu Nov 02 10:31:29 2006] [debug] mod_so.c(247): loaded module > nss_module > [Thu Nov 02 10:31:29 2006] [debug] mod_so.c(247): loaded module > admserv_module > [Thu Nov 02 10:31:29 2006] [debug] mod_admserv.c(2382): [22117] > create_server_config [0x9f09370] for (null) > [Thu Nov 02 10:31:29 2006] [debug] mod_admserv.c(2370): [22117] > create_config [0x9f09380] for (null) > [Thu Nov 02 10:31:29 2006] [debug] mod_admserv.c(2431): [22117] Set > [0x9f09370] [ADMCacheLifeTime] to 600 > [Thu Nov 02 10:31:29 2006] [debug] mod_admserv.c(2449): [22117] Set > [0x9f09370] [ADMServerVersionString] to Fedora-Administrator/1.0.3 > [Thu Nov 02 10:31:29 2006] [debug] mod_admserv.c(2370): [22117] > create_config [0x9f38f88] for /opt/fedora-ds/clients/dsgw/bin/ > [Thu Nov 02 10:31:29 2006] [debug] mod_admserv.c(2370): [22117] > create_config [0x9f3a2b0] for /*/[tT]asks/[Oo]peration/* > [Thu Nov 02 10:31:29 2006] [debug] mod_admserv.c(2370): [22117] > create_config [0x9f38878] for /*/[tT]asks/[Cc]onfiguration/* > [Thu Nov 02 10:31:29 2006] [debug] mod_admserv.c(2370): [22117] > create_config [0x9f3b8e0] for > /*/[tT]asks/[Oo]peration/(?i:stop|start|restart|startconfigds|create)$ > Please enter password for "internal" token: > > --- > > -------------- > > -- > Fedora-directory-users mailing list > Fedora-directory-users@redhat.com > https://www.redhat.com/mailman/listinfo/fedora-directory-users
Rob Crittenden
2006-Nov-02 17:56 UTC
Re: [Fedora-directory-users] Problem accessing Configuration Directory after upgrade to 1.0.3
I don''t think that the password thing is necessarily a problem depending on how mod_nss is configured. I''m more curious what is logged on the LDAP side. Is the admin server attempting to open a connection? If so, how is it failing? rob Richard Megginson wrote:> Dan Deighton wrote: >> On Thu, 2006-11-02 at 08:09 -0700, Richard Megginson wrote: >> Dan Deighton wrote: >>> With FDS 1.0.2, I had setup a Secure Connection under the >>> Configuration DS in the Admin Console. Everything was going fine >>> until I updated to 1.0.3. After that, the Directory Server would >>> start, but the Admin Server would not. >>> >>> I thought it may have been a problem with the upgrade, so I did a >>> fresh install of FDS 1.0.3. As soon as I enabled a Secure Connection >>> for the Configuration DS. The problem was back. >> Can you post the error log from your admin server? admin-serv/logs/error >> If that doesn''t have much information in it, try doing start-admin -e >> debug > Thanks. The last line of error output is odd: > > Please enter password for "internal" token: > Are you using a pin file for the admin server ssl password? If not, did > you type in the password on the command line? >>> >>> I had no problem setting up encryption for the Admin Server and the >>> User DS. It only happens with the Configuration DS. >>> >>> Has anyone else seen this problem? Am I missing something obvious >>> that changed with 1.0.3? >>> >>> Any help would be appreciated. >>> >>> Thanks >>> >>> ------------------------------------------------------------------------ >>> >>> -- >>> Fedora-directory-users mailing list >>> Fedora-directory-users@redhat.com >>> https://www.redhat.com/mailman/listinfo/fedora-directory-users >>> >> -- >> Fedora-directory-users mailing list >> Fedora-directory-users@redhat.com >> https://www.redhat.com/mailman/listinfo/fedora-directory-users >> >> >> >> Without debug: >> -------------- >> >> admin-serv/logs/error: >> --- >> [Thu Nov 02 10:27:11 2006] [warn] NSSProtocols not set; using: SSLv3 >> and TLSv1 >> [Thu Nov 02 10:27:12 2006] [crit] mod_admserv_post_config(): unable to >> build user/group LDAP server info: unable to set User/Group baseDN >> Configuration Failed >> --- >> >> -------------- >> >> >> >> With debug: >> -------------- >> >> admin-serv/logs/error >> --- >> >> [Thu Nov 02 10:31:34 2006] [info] done Init: Initializing NSS library >> [Thu Nov 02 10:31:34 2006] [warn] NSSProtocols not set; using: SSLv3 >> and TLSv1 >> [Thu Nov 02 10:31:35 2006] [debug] mod_admserv.c(760): sslinit: >> mod_nss has been started and initialized >> [Thu Nov 02 10:31:35 2006] [crit] mod_admserv_post_config(): unable to >> build user/group LDAP server info: unable to set User/Group baseDN >> Configuration Failed >> >> --- >> >> STDOUT: >> --- >> ./start-admin -e debug >> [Thu Nov 02 10:31:29 2006] [debug] mod_so.c(247): loaded module >> access_module >> [Thu Nov 02 10:31:29 2006] [debug] mod_so.c(247): loaded module >> auth_module >> [Thu Nov 02 10:31:29 2006] [debug] mod_so.c(247): loaded module >> log_config_module >> [Thu Nov 02 10:31:29 2006] [debug] mod_so.c(247): loaded module >> env_module >> [Thu Nov 02 10:31:29 2006] [debug] mod_so.c(247): loaded module >> mime_magic_module >> [Thu Nov 02 10:31:29 2006] [debug] mod_so.c(247): loaded module >> expires_module >> [Thu Nov 02 10:31:29 2006] [debug] mod_so.c(247): loaded module >> deflate_module >> [Thu Nov 02 10:31:29 2006] [debug] mod_so.c(247): loaded module >> headers_module >> [Thu Nov 02 10:31:29 2006] [debug] mod_so.c(247): loaded module >> unique_id_module >> [Thu Nov 02 10:31:29 2006] [debug] mod_so.c(247): loaded module >> setenvif_module >> [Thu Nov 02 10:31:29 2006] [debug] mod_so.c(247): loaded module >> mime_module >> [Thu Nov 02 10:31:29 2006] [debug] mod_so.c(247): loaded module >> vhost_alias_module >> [Thu Nov 02 10:31:29 2006] [debug] mod_so.c(247): loaded module >> negotiation_module >> [Thu Nov 02 10:31:29 2006] [debug] mod_so.c(247): loaded module >> dir_module >> [Thu Nov 02 10:31:29 2006] [debug] mod_so.c(247): loaded module >> actions_module >> [Thu Nov 02 10:31:29 2006] [debug] mod_so.c(247): loaded module >> alias_module >> [Thu Nov 02 10:31:29 2006] [debug] mod_so.c(247): loaded module >> rewrite_module >> [Thu Nov 02 10:31:29 2006] [debug] mod_so.c(247): loaded module >> cache_module >> [Thu Nov 02 10:31:29 2006] [debug] mod_so.c(247): loaded module >> disk_cache_module >> [Thu Nov 02 10:31:29 2006] [debug] mod_so.c(247): loaded module >> file_cache_module >> [Thu Nov 02 10:31:29 2006] [debug] mod_so.c(247): loaded module >> mem_cache_module >> [Thu Nov 02 10:31:29 2006] [debug] mod_so.c(247): loaded module >> cgi_module >> [Thu Nov 02 10:31:29 2006] [debug] mod_so.c(247): loaded module >> restartd_module >> [Thu Nov 02 10:31:29 2006] [debug] mod_so.c(247): loaded module >> nss_module >> [Thu Nov 02 10:31:29 2006] [debug] mod_so.c(247): loaded module >> admserv_module >> [Thu Nov 02 10:31:29 2006] [debug] mod_admserv.c(2382): [22117] >> create_server_config [0x9f09370] for (null) >> [Thu Nov 02 10:31:29 2006] [debug] mod_admserv.c(2370): [22117] >> create_config [0x9f09380] for (null) >> [Thu Nov 02 10:31:29 2006] [debug] mod_admserv.c(2431): [22117] Set >> [0x9f09370] [ADMCacheLifeTime] to 600 >> [Thu Nov 02 10:31:29 2006] [debug] mod_admserv.c(2449): [22117] Set >> [0x9f09370] [ADMServerVersionString] to Fedora-Administrator/1.0.3 >> [Thu Nov 02 10:31:29 2006] [debug] mod_admserv.c(2370): [22117] >> create_config [0x9f38f88] for /opt/fedora-ds/clients/dsgw/bin/ >> [Thu Nov 02 10:31:29 2006] [debug] mod_admserv.c(2370): [22117] >> create_config [0x9f3a2b0] for /*/[tT]asks/[Oo]peration/* >> [Thu Nov 02 10:31:29 2006] [debug] mod_admserv.c(2370): [22117] >> create_config [0x9f38878] for /*/[tT]asks/[Cc]onfiguration/* >> [Thu Nov 02 10:31:29 2006] [debug] mod_admserv.c(2370): [22117] >> create_config [0x9f3b8e0] for >> /*/[tT]asks/[Oo]peration/(?i:stop|start|restart|startconfigds|create)$ >> Please enter password for "internal" token: >> >> --- >> >> --------------