Bliss, Aaron
2007-Feb-19 15:37 UTC
[Fedora-directory-users] Preparing to upgrade to fds 1.0.4
Hi everyone I''m currently running fds 1.0.2 on 2 redhat boxes (a master and a slave); are there any gotchas that I should look out for before upgrading to 1.0.4? Can I go directly to this release, or do I need to first upgrade to .3? Thanks for your help. Aaron Confidentiality Notice: The information contained in this electronic message is intended for the exclusive use of the individual or entity named above and may contain privileged or confidential information. If the reader of this message is not the intended recipient or the employee or agent responsible to deliver it to the intended recipient, you are hereby notified that dissemination, distribution or copying of this information is prohibited. If you have received this communication in error, please notify the sender immediately by telephone and destroy the copies you received.
Richard Megginson
2007-Feb-19 15:40 UTC
Re: [Fedora-directory-users] Preparing to upgrade to fds 1.0.4
Bliss, Aaron wrote:> > Hi everyone > I''m currently running fds 1.0.2 on 2 redhat boxes (a master and a > slave); are there any gotchas that I should look out for before > upgrading to 1.0.4? Can I go directly to this release, or do I need > to first upgrade to .3? Thanks for your help. >You can go directly from .2 to .4. Be sure to read the release notes - http://directory.fedora.redhat.com/wiki/Release_Notes - and follow the directions there.> > Aaron > > Confidentiality Notice: > The information contained in this electronic message is intended for > the exclusive use of the individual or entity named above and may > contain privileged or confidential information. If the reader of this > message is not the intended recipient or the employee or agent > responsible to deliver it to the intended recipient, you are hereby > notified that dissemination, distribution or copying of this > information is prohibited. If you have received this communication in > error, please notify the sender immediately by telephone and destroy > the copies you received. > > ------------------------------------------------------------------------ > > -- > Fedora-directory-users mailing list > Fedora-directory-users@redhat.com > https://www.redhat.com/mailman/listinfo/fedora-directory-users >
Bliss, Aaron
2007-Feb-19 17:07 UTC
RE: [Fedora-directory-users] Preparing to upgrade to fds 1.0.4
Well, I checked out the release notes, and disabled all syntax checking in all password policies before upgrading; upgrade seems to have gone okay, however I''m not unable to log into the directory server console; directory server is running: ldap 32287 7.7 2.3 522820 24416 ? Sl 12:01 0:00 /ns-slapd -D /opt/fedora-ds/slapd-al-lnx-s11 -i /opt/fedora-ds/slapd-al-lnx-s11/logs/pid -w root 32374 1.0 0.3 35372 3256 ? Ssl 12:02 0:00 /usr/sbin//httpd.worker -k start -d /opt/fedora-ds/admin-serv -f /opt/fedora-ds/admin-serv/co root 32376 0.0 0.1 35356 1672 ? S 12:02 0:00 /usr/sbin//httpd.worker -k start -d /opt/fedora-ds/admin-serv -f /opt/fedora-ds/admin-serv/co ldap 32379 4.0 0.4 704088 4928 ? Sl 12:02 0:00 /usr/sbin//httpd.worker -k start -d /opt/fedora-ds/admin-serv -f /opt/fedora-ds/admin-serv/co I can however login with the built-in admin account; I''m also able to still log into the console on the slave directory server (which is still running fds 1.0.2); login error is error 401 Authorization required; next line displays status 401. Queries to the server seem to be okay; It seems almost as if the console either isn''t searching the proper directory (like it''s searching the Netscape directory name space or the console has lost the configuration piece that allows my uid to login); I remember setting this thru the console way back when I originally setup fds, however I can''t find where that option is thru the gui; any ideas how to further troubleshoot? Thanks. Aaron -----Original Message----- From: fedora-directory-users-bounces@redhat.com [mailto:fedora-directory-users-bounces@redhat.com] On Behalf Of Richard Megginson Sent: Monday, February 19, 2007 10:41 AM To: General discussion list for the Fedora Directory server project. Subject: Re: [Fedora-directory-users] Preparing to upgrade to fds 1.0.4 Bliss, Aaron wrote:> > Hi everyone > I''m currently running fds 1.0.2 on 2 redhat boxes (a master and a > slave); are there any gotchas that I should look out for before > upgrading to 1.0.4? Can I go directly to this release, or do I need > to first upgrade to .3? Thanks for your help. >You can go directly from .2 to .4. Be sure to read the release notes - http://directory.fedora.redhat.com/wiki/Release_Notes - and follow the directions there.> > Aaron > > Confidentiality Notice: > The information contained in this electronic message is intended for > the exclusive use of the individual or entity named above and may > contain privileged or confidential information. If the reader of this> message is not the intended recipient or the employee or agent > responsible to deliver it to the intended recipient, you are hereby > notified that dissemination, distribution or copying of this > information is prohibited. If you have received this communication in> error, please notify the sender immediately by telephone and destroy > the copies you received. > >------------------------------------------------------------------------> > -- > Fedora-directory-users mailing list > Fedora-directory-users@redhat.com > https://www.redhat.com/mailman/listinfo/fedora-directory-users >
Bliss, Aaron
2007-Feb-19 17:26 UTC
RE: [Fedora-directory-users] Preparing to upgrade to fds 1.0.4
I should mention that I didn''t run setup after upgrading the rpm; is this necessary? Thanks. Aaron -----Original Message----- From: fedora-directory-users-bounces@redhat.com [mailto:fedora-directory-users-bounces@redhat.com] On Behalf Of Bliss, Aaron Sent: Monday, February 19, 2007 12:07 PM To: General discussion list for the Fedora Directory server project. Subject: RE: [Fedora-directory-users] Preparing to upgrade to fds 1.0.4 Well, I checked out the release notes, and disabled all syntax checking in all password policies before upgrading; upgrade seems to have gone okay, however I''m not unable to log into the directory server console; directory server is running: ldap 32287 7.7 2.3 522820 24416 ? Sl 12:01 0:00 /ns-slapd -D /opt/fedora-ds/slapd-al-lnx-s11 -i /opt/fedora-ds/slapd-al-lnx-s11/logs/pid -w root 32374 1.0 0.3 35372 3256 ? Ssl 12:02 0:00 /usr/sbin//httpd.worker -k start -d /opt/fedora-ds/admin-serv -f /opt/fedora-ds/admin-serv/co root 32376 0.0 0.1 35356 1672 ? S 12:02 0:00 /usr/sbin//httpd.worker -k start -d /opt/fedora-ds/admin-serv -f /opt/fedora-ds/admin-serv/co ldap 32379 4.0 0.4 704088 4928 ? Sl 12:02 0:00 /usr/sbin//httpd.worker -k start -d /opt/fedora-ds/admin-serv -f /opt/fedora-ds/admin-serv/co I can however login with the built-in admin account; I''m also able to still log into the console on the slave directory server (which is still running fds 1.0.2); login error is error 401 Authorization required; next line displays status 401. Queries to the server seem to be okay; It seems almost as if the console either isn''t searching the proper directory (like it''s searching the Netscape directory name space or the console has lost the configuration piece that allows my uid to login); I remember setting this thru the console way back when I originally setup fds, however I can''t find where that option is thru the gui; any ideas how to further troubleshoot? Thanks. Aaron -----Original Message----- From: fedora-directory-users-bounces@redhat.com [mailto:fedora-directory-users-bounces@redhat.com] On Behalf Of Richard Megginson Sent: Monday, February 19, 2007 10:41 AM To: General discussion list for the Fedora Directory server project. Subject: Re: [Fedora-directory-users] Preparing to upgrade to fds 1.0.4 Bliss, Aaron wrote:> > Hi everyone > I''m currently running fds 1.0.2 on 2 redhat boxes (a master and a > slave); are there any gotchas that I should look out for before > upgrading to 1.0.4? Can I go directly to this release, or do I need > to first upgrade to .3? Thanks for your help. >You can go directly from .2 to .4. Be sure to read the release notes - http://directory.fedora.redhat.com/wiki/Release_Notes - and follow the directions there.> > Aaron > > Confidentiality Notice: > The information contained in this electronic message is intended for > the exclusive use of the individual or entity named above and may > contain privileged or confidential information. If the reader of this> message is not the intended recipient or the employee or agent > responsible to deliver it to the intended recipient, you are hereby > notified that dissemination, distribution or copying of this > information is prohibited. If you have received this communication in> error, please notify the sender immediately by telephone and destroy > the copies you received. > >------------------------------------------------------------------------> > -- > Fedora-directory-users mailing list > Fedora-directory-users@redhat.com > https://www.redhat.com/mailman/listinfo/fedora-directory-users >-- Fedora-directory-users mailing list Fedora-directory-users@redhat.com https://www.redhat.com/mailman/listinfo/fedora-directory-users
Richard Megginson
2007-Feb-19 17:38 UTC
Re: [Fedora-directory-users] Preparing to upgrade to fds 1.0.4
Bliss, Aaron wrote:> I should mention that I didn''t run setup after upgrading the rpm; is > this necessary? Thanks. >Yes. Please read http://directory.fedora.redhat.com/wiki/Release_Notes : Finally, run setup as follows: cd /opt/fedora-ds ; ./setup/setup> Aaron > > -----Original Message----- > From: fedora-directory-users-bounces@redhat.com > [mailto:fedora-directory-users-bounces@redhat.com] On Behalf Of Bliss, > Aaron > Sent: Monday, February 19, 2007 12:07 PM > To: General discussion list for the Fedora Directory server project. > Subject: RE: [Fedora-directory-users] Preparing to upgrade to fds 1.0.4 > > Well, I checked out the release notes, and disabled all syntax checking > in all password policies before upgrading; upgrade seems to have gone > okay, however I''m not unable to log into the directory server console; > directory server is running: > ldap 32287 7.7 2.3 522820 24416 ? Sl 12:01 0:00 > /ns-slapd -D /opt/fedora-ds/slapd-al-lnx-s11 -i > /opt/fedora-ds/slapd-al-lnx-s11/logs/pid -w > root 32374 1.0 0.3 35372 3256 ? Ssl 12:02 0:00 > /usr/sbin//httpd.worker -k start -d /opt/fedora-ds/admin-serv -f > /opt/fedora-ds/admin-serv/co > root 32376 0.0 0.1 35356 1672 ? S 12:02 0:00 > /usr/sbin//httpd.worker -k start -d /opt/fedora-ds/admin-serv -f > /opt/fedora-ds/admin-serv/co > ldap 32379 4.0 0.4 704088 4928 ? Sl 12:02 0:00 > /usr/sbin//httpd.worker -k start -d /opt/fedora-ds/admin-serv -f > /opt/fedora-ds/admin-serv/co > > I can however login with the built-in admin account; I''m also able to > still log into the console on the slave directory server (which is still > running fds 1.0.2); login error is error 401 Authorization required; > next line displays status 401. Queries to the server seem to be okay; > It seems almost as if the console either isn''t searching the proper > directory (like it''s searching the Netscape directory name space or the > console has lost the configuration piece that allows my uid to login); I > remember setting this thru the console way back when I originally setup > fds, however I can''t find where that option is thru the gui; any ideas > how to further troubleshoot? Thanks. > > Aaron > > -----Original Message----- > From: fedora-directory-users-bounces@redhat.com > [mailto:fedora-directory-users-bounces@redhat.com] On Behalf Of Richard > Megginson > Sent: Monday, February 19, 2007 10:41 AM > To: General discussion list for the Fedora Directory server project. > Subject: Re: [Fedora-directory-users] Preparing to upgrade to fds 1.0.4 > > Bliss, Aaron wrote: > >> Hi everyone >> I''m currently running fds 1.0.2 on 2 redhat boxes (a master and a >> slave); are there any gotchas that I should look out for before >> upgrading to 1.0.4? Can I go directly to this release, or do I need >> to first upgrade to .3? Thanks for your help. >> >> > You can go directly from .2 to .4. > > Be sure to read the release notes - > http://directory.fedora.redhat.com/wiki/Release_Notes - and follow the > directions there. > >> Aaron >> >> Confidentiality Notice: >> The information contained in this electronic message is intended for >> the exclusive use of the individual or entity named above and may >> contain privileged or confidential information. If the reader of this >> > > >> message is not the intended recipient or the employee or agent >> responsible to deliver it to the intended recipient, you are hereby >> notified that dissemination, distribution or copying of this >> information is prohibited. If you have received this communication in >> > > >> error, please notify the sender immediately by telephone and destroy >> the copies you received. >> >> >> > ------------------------------------------------------------------------ > >> -- >> Fedora-directory-users mailing list >> Fedora-directory-users@redhat.com >> https://www.redhat.com/mailman/listinfo/fedora-directory-users >> >> > > -- > Fedora-directory-users mailing list > Fedora-directory-users@redhat.com > https://www.redhat.com/mailman/listinfo/fedora-directory-users > > -- > Fedora-directory-users mailing list > Fedora-directory-users@redhat.com > https://www.redhat.com/mailman/listinfo/fedora-directory-users >
Bliss, Aaron
2007-Feb-19 17:38 UTC
RE: [Fedora-directory-users] Preparing to upgrade to fds 1.0.4
After doing some more reading, I did run the setup script, however I''m still having the login issue with my userid; I also seem to have a few other problems; any help would be much appreciated. [slapd-al-lnx-s11]: starting up server ... [slapd-al-lnx-s11]: Fedora-Directory/1.0.4 B2006.312.435 [slapd-al-lnx-s11]: al-lnx-s11.preferredcare.org:389 (/opt/fedora-ds/slapd-al-lnx-s11) [slapd-al-lnx-s11]: [slapd-al-lnx-s11]: [19/Feb/2007:12:33:16 -0500] - Fedora-Directory/1.0.4 B2006.312.435 starting up [slapd-al-lnx-s11]: [19/Feb/2007:12:33:16 -0500] NSMMReplicationPlugin - agmt="cn=rep2" (ms-lnx-s12:636): SSL Not Initialized, Replication over SSL FAILED [slapd-al-lnx-s11]: [19/Feb/2007:12:33:16 -0500] NSMMReplicationPlugin - agmt="cn=rep2" (ms-lnx-s12:636): Incremental update failed and requires administrator action [slapd-al-lnx-s11]: [19/Feb/2007:12:33:16 -0500] - slapd started. Listening on All Interfaces port 389 for LDAP requests NMC_Status: 0 NMC_Description: Success! The server has been started. Start Slapd Starting Slapd server reconfiguration. Fatal Slapd ERROR: Could not update Directory Server Instance URL ldap://al-lnx-s11.preferredcare.org:389/o=NetscapeRoot user id admin DN cn=slapd-al-lnx-s11,cn=Fedora Directory Server,cn=Server Group,cn=al-lnx-s11.preferredcare.org,ou=preferredcare.org,o=NetscapeRoo t (19:Constraint violation) Configuring Administration Server... InstallInfo: Apache Directory "ApacheDir" is missing. /opt/fedora-ds/slapd-al-lnx-s11/config/dse.ldif: SSL on ... Restarting Directory Server: /opt/fedora-ds/slapd-al-lnx-s11/start-slapd You can now use the console. Here is the command to use to start the console: cd /opt/fedora-ds /startconsole -u admin -a http://al-lnx-s11.preferredcare.org:1505/ INFO Finished with setup, logfile is setup/setup.log -----Original Message----- From: Bliss, Aaron Sent: Monday, February 19, 2007 12:26 PM To: Bliss, Aaron; General discussion list for the Fedora Directory server project. Subject: RE: [Fedora-directory-users] Preparing to upgrade to fds 1.0.4 I should mention that I didn''t run setup after upgrading the rpm; is this necessary? Thanks. Aaron -----Original Message----- From: fedora-directory-users-bounces@redhat.com [mailto:fedora-directory-users-bounces@redhat.com] On Behalf Of Bliss, Aaron Sent: Monday, February 19, 2007 12:07 PM To: General discussion list for the Fedora Directory server project. Subject: RE: [Fedora-directory-users] Preparing to upgrade to fds 1.0.4 Well, I checked out the release notes, and disabled all syntax checking in all password policies before upgrading; upgrade seems to have gone okay, however I''m not unable to log into the directory server console; directory server is running: ldap 32287 7.7 2.3 522820 24416 ? Sl 12:01 0:00 /ns-slapd -D /opt/fedora-ds/slapd-al-lnx-s11 -i /opt/fedora-ds/slapd-al-lnx-s11/logs/pid -w root 32374 1.0 0.3 35372 3256 ? Ssl 12:02 0:00 /usr/sbin//httpd.worker -k start -d /opt/fedora-ds/admin-serv -f /opt/fedora-ds/admin-serv/co root 32376 0.0 0.1 35356 1672 ? S 12:02 0:00 /usr/sbin//httpd.worker -k start -d /opt/fedora-ds/admin-serv -f /opt/fedora-ds/admin-serv/co ldap 32379 4.0 0.4 704088 4928 ? Sl 12:02 0:00 /usr/sbin//httpd.worker -k start -d /opt/fedora-ds/admin-serv -f /opt/fedora-ds/admin-serv/co I can however login with the built-in admin account; I''m also able to still log into the console on the slave directory server (which is still running fds 1.0.2); login error is error 401 Authorization required; next line displays status 401. Queries to the server seem to be okay; It seems almost as if the console either isn''t searching the proper directory (like it''s searching the Netscape directory name space or the console has lost the configuration piece that allows my uid to login); I remember setting this thru the console way back when I originally setup fds, however I can''t find where that option is thru the gui; any ideas how to further troubleshoot? Thanks. Aaron -----Original Message----- From: fedora-directory-users-bounces@redhat.com [mailto:fedora-directory-users-bounces@redhat.com] On Behalf Of Richard Megginson Sent: Monday, February 19, 2007 10:41 AM To: General discussion list for the Fedora Directory server project. Subject: Re: [Fedora-directory-users] Preparing to upgrade to fds 1.0.4 Bliss, Aaron wrote:> > Hi everyone > I''m currently running fds 1.0.2 on 2 redhat boxes (a master and a > slave); are there any gotchas that I should look out for before > upgrading to 1.0.4? Can I go directly to this release, or do I need > to first upgrade to .3? Thanks for your help. >You can go directly from .2 to .4. Be sure to read the release notes - http://directory.fedora.redhat.com/wiki/Release_Notes - and follow the directions there.> > Aaron > > Confidentiality Notice: > The information contained in this electronic message is intended for > the exclusive use of the individual or entity named above and may > contain privileged or confidential information. If the reader of this> message is not the intended recipient or the employee or agent > responsible to deliver it to the intended recipient, you are hereby > notified that dissemination, distribution or copying of this > information is prohibited. If you have received this communication in> error, please notify the sender immediately by telephone and destroy > the copies you received. > >------------------------------------------------------------------------> > -- > Fedora-directory-users mailing list > Fedora-directory-users@redhat.com > https://www.redhat.com/mailman/listinfo/fedora-directory-users >-- Fedora-directory-users mailing list Fedora-directory-users@redhat.com https://www.redhat.com/mailman/listinfo/fedora-directory-users
Richard Megginson
2007-Feb-19 18:02 UTC
Re: [Fedora-directory-users] Preparing to upgrade to fds 1.0.4
Bliss, Aaron wrote:> After doing some more reading, I did run the setup script, however I''m > still having the login issue with my userid; I also seem to have a few > other problems; any help would be much appreciated. > > [slapd-al-lnx-s11]: starting up server ... > [slapd-al-lnx-s11]: Fedora-Directory/1.0.4 B2006.312.435 > [slapd-al-lnx-s11]: al-lnx-s11.preferredcare.org:389 > (/opt/fedora-ds/slapd-al-lnx-s11) > [slapd-al-lnx-s11]: > [slapd-al-lnx-s11]: [19/Feb/2007:12:33:16 -0500] - > Fedora-Directory/1.0.4 B2006.312.435 starting up > [slapd-al-lnx-s11]: [19/Feb/2007:12:33:16 -0500] NSMMReplicationPlugin - > agmt="cn=rep2" (ms-lnx-s12:636): SSL Not Initialized, Replication over > SSL FAILED > [slapd-al-lnx-s11]: [19/Feb/2007:12:33:16 -0500] NSMMReplicationPlugin - > agmt="cn=rep2" (ms-lnx-s12:636): Incremental update failed and requires > administrator action >I think these are ok - ssl is disabled during the upgrade and reenabled at the end - see below.> [slapd-al-lnx-s11]: [19/Feb/2007:12:33:16 -0500] - slapd started. > Listening on All Interfaces port 389 for LDAP requests > > NMC_Status: 0 > NMC_Description: Success! The server has been started. > > Start Slapd Starting Slapd server reconfiguration. > Fatal Slapd ERROR: Could not update Directory Server Instance > URL ldap://al-lnx-s11.preferredcare.org:389/o=NetscapeRoot user id admin > DN cn=slapd-al-lnx-s11,cn=Fedora Directory Server,cn=Server > Group,cn=al-lnx-s11.preferredcare.org,ou=preferredcare.org,o=NetscapeRoo > t (19:Constraint violation) >This means password policy was not disabled during the upgrade - as specified in the Release Notes - http://directory.fedora.redhat.com/wiki/Release_Notes#Fedora_Directory_Server_1.0.4_-_11.2F09.2F2006> Configuring Administration Server... > InstallInfo: Apache Directory "ApacheDir" is missing. >This may be a consequence of the constraint violation above.> /opt/fedora-ds/slapd-al-lnx-s11/config/dse.ldif: SSL on ... > Restarting Directory Server: /opt/fedora-ds/slapd-al-lnx-s11/start-slapd > > You can now use the console. Here is the command to use to start the > console: > cd /opt/fedora-ds > /startconsole -u admin -a http://al-lnx-s11.preferredcare.org:1505/ > > INFO Finished with setup, logfile is setup/setup.log > > -----Original Message----- > From: Bliss, Aaron > Sent: Monday, February 19, 2007 12:26 PM > To: Bliss, Aaron; General discussion list for the Fedora Directory > server project. > Subject: RE: [Fedora-directory-users] Preparing to upgrade to fds 1.0.4 > > I should mention that I didn''t run setup after upgrading the rpm; is > this necessary? Thanks. > > Aaron > > -----Original Message----- > From: fedora-directory-users-bounces@redhat.com > [mailto:fedora-directory-users-bounces@redhat.com] On Behalf Of Bliss, > Aaron > Sent: Monday, February 19, 2007 12:07 PM > To: General discussion list for the Fedora Directory server project. > Subject: RE: [Fedora-directory-users] Preparing to upgrade to fds 1.0.4 > > Well, I checked out the release notes, and disabled all syntax checking > in all password policies before upgrading; upgrade seems to have gone > okay, however I''m not unable to log into the directory server console; > directory server is running: > ldap 32287 7.7 2.3 522820 24416 ? Sl 12:01 0:00 > /ns-slapd -D /opt/fedora-ds/slapd-al-lnx-s11 -i > /opt/fedora-ds/slapd-al-lnx-s11/logs/pid -w > root 32374 1.0 0.3 35372 3256 ? Ssl 12:02 0:00 > /usr/sbin//httpd.worker -k start -d /opt/fedora-ds/admin-serv -f > /opt/fedora-ds/admin-serv/co > root 32376 0.0 0.1 35356 1672 ? S 12:02 0:00 > /usr/sbin//httpd.worker -k start -d /opt/fedora-ds/admin-serv -f > /opt/fedora-ds/admin-serv/co > ldap 32379 4.0 0.4 704088 4928 ? Sl 12:02 0:00 > /usr/sbin//httpd.worker -k start -d /opt/fedora-ds/admin-serv -f > /opt/fedora-ds/admin-serv/co > > I can however login with the built-in admin account; I''m also able to > still log into the console on the slave directory server (which is still > running fds 1.0.2); login error is error 401 Authorization required; > next line displays status 401. Queries to the server seem to be okay; > It seems almost as if the console either isn''t searching the proper > directory (like it''s searching the Netscape directory name space or the > console has lost the configuration piece that allows my uid to login); I > remember setting this thru the console way back when I originally setup > fds, however I can''t find where that option is thru the gui; any ideas > how to further troubleshoot? Thanks. > > Aaron > > -----Original Message----- > From: fedora-directory-users-bounces@redhat.com > [mailto:fedora-directory-users-bounces@redhat.com] On Behalf Of Richard > Megginson > Sent: Monday, February 19, 2007 10:41 AM > To: General discussion list for the Fedora Directory server project. > Subject: Re: [Fedora-directory-users] Preparing to upgrade to fds 1.0.4 > > Bliss, Aaron wrote: > >> Hi everyone >> I''m currently running fds 1.0.2 on 2 redhat boxes (a master and a >> slave); are there any gotchas that I should look out for before >> upgrading to 1.0.4? Can I go directly to this release, or do I need >> to first upgrade to .3? Thanks for your help. >> >> > You can go directly from .2 to .4. > > Be sure to read the release notes - > http://directory.fedora.redhat.com/wiki/Release_Notes - and follow the > directions there. > >> Aaron >> >> Confidentiality Notice: >> The information contained in this electronic message is intended for >> the exclusive use of the individual or entity named above and may >> contain privileged or confidential information. If the reader of this >> > > >> message is not the intended recipient or the employee or agent >> responsible to deliver it to the intended recipient, you are hereby >> notified that dissemination, distribution or copying of this >> information is prohibited. If you have received this communication in >> > > >> error, please notify the sender immediately by telephone and destroy >> the copies you received. >> >> >> > ------------------------------------------------------------------------ > >> -- >> Fedora-directory-users mailing list >> Fedora-directory-users@redhat.com >> https://www.redhat.com/mailman/listinfo/fedora-directory-users >> >> > > -- > Fedora-directory-users mailing list > Fedora-directory-users@redhat.com > https://www.redhat.com/mailman/listinfo/fedora-directory-users > > -- > Fedora-directory-users mailing list > Fedora-directory-users@redhat.com > https://www.redhat.com/mailman/listinfo/fedora-directory-users >
Bliss, Aaron
2007-Feb-19 18:11 UTC
RE: [Fedora-directory-users] Preparing to upgrade to fds 1.0.4
Thanks for pointing these out; I decided to restore the old fds instance that I had and will work try this on a test box. More to follow. Aaron -----Original Message----- From: Richard Megginson [mailto:rmeggins@redhat.com] Sent: Monday, February 19, 2007 1:02 PM To: General discussion list for the Fedora Directory server project. Cc: Bliss, Aaron Subject: Re: [Fedora-directory-users] Preparing to upgrade to fds 1.0.4 Bliss, Aaron wrote:> After doing some more reading, I did run the setup script, however I''m > still having the login issue with my userid; I also seem to have a few > other problems; any help would be much appreciated. > > [slapd-al-lnx-s11]: starting up server ... > [slapd-al-lnx-s11]: Fedora-Directory/1.0.4 B2006.312.435 > [slapd-al-lnx-s11]: al-lnx-s11.preferredcare.org:389 > (/opt/fedora-ds/slapd-al-lnx-s11) > [slapd-al-lnx-s11]: > [slapd-al-lnx-s11]: [19/Feb/2007:12:33:16 -0500] - > Fedora-Directory/1.0.4 B2006.312.435 starting up > [slapd-al-lnx-s11]: [19/Feb/2007:12:33:16 -0500] NSMMReplicationPlugin-> agmt="cn=rep2" (ms-lnx-s12:636): SSL Not Initialized, Replication over > SSL FAILED > [slapd-al-lnx-s11]: [19/Feb/2007:12:33:16 -0500] NSMMReplicationPlugin-> agmt="cn=rep2" (ms-lnx-s12:636): Incremental update failed andrequires> administrator action >I think these are ok - ssl is disabled during the upgrade and reenabled at the end - see below.> [slapd-al-lnx-s11]: [19/Feb/2007:12:33:16 -0500] - slapd started. > Listening on All Interfaces port 389 for LDAP requests > > NMC_Status: 0 > NMC_Description: Success! The server has been started. > > Start Slapd Starting Slapd server reconfiguration. > Fatal Slapd ERROR: Could not update Directory Server Instance > URL ldap://al-lnx-s11.preferredcare.org:389/o=NetscapeRoot user idadmin> DN cn=slapd-al-lnx-s11,cn=Fedora Directory Server,cn=Server >Group,cn=al-lnx-s11.preferredcare.org,ou=preferredcare.org,o=NetscapeRoo> t (19:Constraint violation) >This means password policy was not disabled during the upgrade - as specified in the Release Notes - http://directory.fedora.redhat.com/wiki/Release_Notes#Fedora_Directory_S erver_1.0.4_-_11.2F09.2F2006> Configuring Administration Server... > InstallInfo: Apache Directory "ApacheDir" is missing. >This may be a consequence of the constraint violation above.> /opt/fedora-ds/slapd-al-lnx-s11/config/dse.ldif: SSL on ... > Restarting Directory Server:/opt/fedora-ds/slapd-al-lnx-s11/start-slapd> > You can now use the console. Here is the command to use to start the > console: > cd /opt/fedora-ds > /startconsole -u admin -a http://al-lnx-s11.preferredcare.org:1505/ > > INFO Finished with setup, logfile is setup/setup.log > > -----Original Message----- > From: Bliss, Aaron > Sent: Monday, February 19, 2007 12:26 PM > To: Bliss, Aaron; General discussion list for the Fedora Directory > server project. > Subject: RE: [Fedora-directory-users] Preparing to upgrade to fds1.0.4> > I should mention that I didn''t run setup after upgrading the rpm; is > this necessary? Thanks. > > Aaron > > -----Original Message----- > From: fedora-directory-users-bounces@redhat.com > [mailto:fedora-directory-users-bounces@redhat.com] On Behalf Of Bliss, > Aaron > Sent: Monday, February 19, 2007 12:07 PM > To: General discussion list for the Fedora Directory server project. > Subject: RE: [Fedora-directory-users] Preparing to upgrade to fds1.0.4> > Well, I checked out the release notes, and disabled all syntaxchecking> in all password policies before upgrading; upgrade seems to have gone > okay, however I''m not unable to log into the directory server console; > directory server is running: > ldap 32287 7.7 2.3 522820 24416 ? Sl 12:01 0:00 > /ns-slapd -D /opt/fedora-ds/slapd-al-lnx-s11 -i > /opt/fedora-ds/slapd-al-lnx-s11/logs/pid -w > root 32374 1.0 0.3 35372 3256 ? Ssl 12:02 0:00 > /usr/sbin//httpd.worker -k start -d /opt/fedora-ds/admin-serv -f > /opt/fedora-ds/admin-serv/co > root 32376 0.0 0.1 35356 1672 ? S 12:02 0:00 > /usr/sbin//httpd.worker -k start -d /opt/fedora-ds/admin-serv -f > /opt/fedora-ds/admin-serv/co > ldap 32379 4.0 0.4 704088 4928 ? Sl 12:02 0:00 > /usr/sbin//httpd.worker -k start -d /opt/fedora-ds/admin-serv -f > /opt/fedora-ds/admin-serv/co > > I can however login with the built-in admin account; I''m also able to > still log into the console on the slave directory server (which isstill> running fds 1.0.2); login error is error 401 Authorization required; > next line displays status 401. Queries to the server seem to be okay; > It seems almost as if the console either isn''t searching the proper > directory (like it''s searching the Netscape directory name space orthe> console has lost the configuration piece that allows my uid to login);I> remember setting this thru the console way back when I originallysetup> fds, however I can''t find where that option is thru the gui; any ideas > how to further troubleshoot? Thanks. > > Aaron > > -----Original Message----- > From: fedora-directory-users-bounces@redhat.com > [mailto:fedora-directory-users-bounces@redhat.com] On Behalf OfRichard> Megginson > Sent: Monday, February 19, 2007 10:41 AM > To: General discussion list for the Fedora Directory server project. > Subject: Re: [Fedora-directory-users] Preparing to upgrade to fds1.0.4> > Bliss, Aaron wrote: > >> Hi everyone >> I''m currently running fds 1.0.2 on 2 redhat boxes (a master and a >> slave); are there any gotchas that I should look out for before >> upgrading to 1.0.4? Can I go directly to this release, or do I need >> to first upgrade to .3? Thanks for your help. >> >> > You can go directly from .2 to .4. > > Be sure to read the release notes - > http://directory.fedora.redhat.com/wiki/Release_Notes - and follow the> directions there. > >> Aaron >> >> Confidentiality Notice: >> The information contained in this electronic message is intended for >> the exclusive use of the individual or entity named above and may >> contain privileged or confidential information. If the reader ofthis>> > > >> message is not the intended recipient or the employee or agent >> responsible to deliver it to the intended recipient, you are hereby >> notified that dissemination, distribution or copying of this >> information is prohibited. If you have received this communicationin>> > > >> error, please notify the sender immediately by telephone and destroy >> the copies you received. >> >> >> >------------------------------------------------------------------------> >> -- >> Fedora-directory-users mailing list >> Fedora-directory-users@redhat.com >> https://www.redhat.com/mailman/listinfo/fedora-directory-users >> >> > > -- > Fedora-directory-users mailing list > Fedora-directory-users@redhat.com > https://www.redhat.com/mailman/listinfo/fedora-directory-users > > -- > Fedora-directory-users mailing list > Fedora-directory-users@redhat.com > https://www.redhat.com/mailman/listinfo/fedora-directory-users >
Bliss, Aaron
2007-Feb-19 20:19 UTC
RE: [Fedora-directory-users] Preparing to upgrade to fds 1.0.4
I attempted to run the following with of course a good directory manager password: ldapmodify -x -D "cn=directory manager" -w password dn: cn=config changetype: modify replace: passwordCheckSyntax passwordCheckSyntax: off And receive a response saying" modifying entry "cn=config" however it doesn''t seem that the command ever completes, as control isn''t returned back to the command line (I apologize for the newbie questions, however I''m not all that familiar with editing ldap entries from the command line). Thanks. Aaron -----Original Message----- From: Richard Megginson [mailto:rmeggins@redhat.com] Sent: Monday, February 19, 2007 1:02 PM To: General discussion list for the Fedora Directory server project. Cc: Bliss, Aaron Subject: Re: [Fedora-directory-users] Preparing to upgrade to fds 1.0.4 Bliss, Aaron wrote:> After doing some more reading, I did run the setup script, however I''m > still having the login issue with my userid; I also seem to have a few > other problems; any help would be much appreciated. > > [slapd-al-lnx-s11]: starting up server ... > [slapd-al-lnx-s11]: Fedora-Directory/1.0.4 B2006.312.435 > [slapd-al-lnx-s11]: al-lnx-s11.preferredcare.org:389 > (/opt/fedora-ds/slapd-al-lnx-s11) > [slapd-al-lnx-s11]: > [slapd-al-lnx-s11]: [19/Feb/2007:12:33:16 -0500] - > Fedora-Directory/1.0.4 B2006.312.435 starting up > [slapd-al-lnx-s11]: [19/Feb/2007:12:33:16 -0500] NSMMReplicationPlugin-> agmt="cn=rep2" (ms-lnx-s12:636): SSL Not Initialized, Replication over > SSL FAILED > [slapd-al-lnx-s11]: [19/Feb/2007:12:33:16 -0500] NSMMReplicationPlugin-> agmt="cn=rep2" (ms-lnx-s12:636): Incremental update failed andrequires> administrator action >I think these are ok - ssl is disabled during the upgrade and reenabled at the end - see below.> [slapd-al-lnx-s11]: [19/Feb/2007:12:33:16 -0500] - slapd started. > Listening on All Interfaces port 389 for LDAP requests > > NMC_Status: 0 > NMC_Description: Success! The server has been started. > > Start Slapd Starting Slapd server reconfiguration. > Fatal Slapd ERROR: Could not update Directory Server Instance > URL ldap://al-lnx-s11.preferredcare.org:389/o=NetscapeRoot user idadmin> DN cn=slapd-al-lnx-s11,cn=Fedora Directory Server,cn=Server >Group,cn=al-lnx-s11.preferredcare.org,ou=preferredcare.org,o=NetscapeRoo> t (19:Constraint violation) >This means password policy was not disabled during the upgrade - as specified in the Release Notes - http://directory.fedora.redhat.com/wiki/Release_Notes#Fedora_Directory_S erver_1.0.4_-_11.2F09.2F2006> Configuring Administration Server... > InstallInfo: Apache Directory "ApacheDir" is missing. >This may be a consequence of the constraint violation above.> /opt/fedora-ds/slapd-al-lnx-s11/config/dse.ldif: SSL on ... > Restarting Directory Server:/opt/fedora-ds/slapd-al-lnx-s11/start-slapd> > You can now use the console. Here is the command to use to start the > console: > cd /opt/fedora-ds > /startconsole -u admin -a http://al-lnx-s11.preferredcare.org:1505/ > > INFO Finished with setup, logfile is setup/setup.log > > -----Original Message----- > From: Bliss, Aaron > Sent: Monday, February 19, 2007 12:26 PM > To: Bliss, Aaron; General discussion list for the Fedora Directory > server project. > Subject: RE: [Fedora-directory-users] Preparing to upgrade to fds1.0.4> > I should mention that I didn''t run setup after upgrading the rpm; is > this necessary? Thanks. > > Aaron > > -----Original Message----- > From: fedora-directory-users-bounces@redhat.com > [mailto:fedora-directory-users-bounces@redhat.com] On Behalf Of Bliss, > Aaron > Sent: Monday, February 19, 2007 12:07 PM > To: General discussion list for the Fedora Directory server project. > Subject: RE: [Fedora-directory-users] Preparing to upgrade to fds1.0.4> > Well, I checked out the release notes, and disabled all syntaxchecking> in all password policies before upgrading; upgrade seems to have gone > okay, however I''m not unable to log into the directory server console; > directory server is running: > ldap 32287 7.7 2.3 522820 24416 ? Sl 12:01 0:00 > /ns-slapd -D /opt/fedora-ds/slapd-al-lnx-s11 -i > /opt/fedora-ds/slapd-al-lnx-s11/logs/pid -w > root 32374 1.0 0.3 35372 3256 ? Ssl 12:02 0:00 > /usr/sbin//httpd.worker -k start -d /opt/fedora-ds/admin-serv -f > /opt/fedora-ds/admin-serv/co > root 32376 0.0 0.1 35356 1672 ? S 12:02 0:00 > /usr/sbin//httpd.worker -k start -d /opt/fedora-ds/admin-serv -f > /opt/fedora-ds/admin-serv/co > ldap 32379 4.0 0.4 704088 4928 ? Sl 12:02 0:00 > /usr/sbin//httpd.worker -k start -d /opt/fedora-ds/admin-serv -f > /opt/fedora-ds/admin-serv/co > > I can however login with the built-in admin account; I''m also able to > still log into the console on the slave directory server (which isstill> running fds 1.0.2); login error is error 401 Authorization required; > next line displays status 401. Queries to the server seem to be okay; > It seems almost as if the console either isn''t searching the proper > directory (like it''s searching the Netscape directory name space orthe> console has lost the configuration piece that allows my uid to login);I> remember setting this thru the console way back when I originallysetup> fds, however I can''t find where that option is thru the gui; any ideas > how to further troubleshoot? Thanks. > > Aaron > > -----Original Message----- > From: fedora-directory-users-bounces@redhat.com > [mailto:fedora-directory-users-bounces@redhat.com] On Behalf OfRichard> Megginson > Sent: Monday, February 19, 2007 10:41 AM > To: General discussion list for the Fedora Directory server project. > Subject: Re: [Fedora-directory-users] Preparing to upgrade to fds1.0.4> > Bliss, Aaron wrote: > >> Hi everyone >> I''m currently running fds 1.0.2 on 2 redhat boxes (a master and a >> slave); are there any gotchas that I should look out for before >> upgrading to 1.0.4? Can I go directly to this release, or do I need >> to first upgrade to .3? Thanks for your help. >> >> > You can go directly from .2 to .4. > > Be sure to read the release notes - > http://directory.fedora.redhat.com/wiki/Release_Notes - and follow the> directions there. > >> Aaron >> >> Confidentiality Notice: >> The information contained in this electronic message is intended for >> the exclusive use of the individual or entity named above and may >> contain privileged or confidential information. If the reader ofthis>> > > >> message is not the intended recipient or the employee or agent >> responsible to deliver it to the intended recipient, you are hereby >> notified that dissemination, distribution or copying of this >> information is prohibited. If you have received this communicationin>> > > >> error, please notify the sender immediately by telephone and destroy >> the copies you received. >> >> >> >------------------------------------------------------------------------> >> -- >> Fedora-directory-users mailing list >> Fedora-directory-users@redhat.com >> https://www.redhat.com/mailman/listinfo/fedora-directory-users >> >> > > -- > Fedora-directory-users mailing list > Fedora-directory-users@redhat.com > https://www.redhat.com/mailman/listinfo/fedora-directory-users > > -- > Fedora-directory-users mailing list > Fedora-directory-users@redhat.com > https://www.redhat.com/mailman/listinfo/fedora-directory-users >
Richard Megginson
2007-Feb-19 20:40 UTC
Re: [Fedora-directory-users] Preparing to upgrade to fds 1.0.4
Bliss, Aaron wrote:> I attempted to run the following with of course a good directory manager > password: > ldapmodify -x -D "cn=directory manager" -w password > dn: cn=config > changetype: modify > replace: passwordCheckSyntax > passwordCheckSyntax: off > > And receive a response saying" modifying entry "cn=config" however it > doesn''t seem that the command ever completes, as control isn''t returned > back to the command line (I apologize for the newbie questions, however > I''m not all that familiar with editing ldap entries from the command > line). Thanks. >You have to type Ctrl-D (the EOF character) to tell ldapmodify you are done. Also, your modify command must be followed by a blank line, so after the last character input, type Enter, Enter, then Ctrl-D. After typing the second Enter, you should see some feedback about your operation from ldapmodify.> Aaron > > -----Original Message----- > From: Richard Megginson [mailto:rmeggins@redhat.com] > Sent: Monday, February 19, 2007 1:02 PM > To: General discussion list for the Fedora Directory server project. > Cc: Bliss, Aaron > Subject: Re: [Fedora-directory-users] Preparing to upgrade to fds 1.0.4 > > Bliss, Aaron wrote: > >> After doing some more reading, I did run the setup script, however I''m >> still having the login issue with my userid; I also seem to have a few >> other problems; any help would be much appreciated. >> >> [slapd-al-lnx-s11]: starting up server ... >> [slapd-al-lnx-s11]: Fedora-Directory/1.0.4 B2006.312.435 >> [slapd-al-lnx-s11]: al-lnx-s11.preferredcare.org:389 >> (/opt/fedora-ds/slapd-al-lnx-s11) >> [slapd-al-lnx-s11]: >> [slapd-al-lnx-s11]: [19/Feb/2007:12:33:16 -0500] - >> Fedora-Directory/1.0.4 B2006.312.435 starting up >> [slapd-al-lnx-s11]: [19/Feb/2007:12:33:16 -0500] NSMMReplicationPlugin >> > - > >> agmt="cn=rep2" (ms-lnx-s12:636): SSL Not Initialized, Replication over >> SSL FAILED >> [slapd-al-lnx-s11]: [19/Feb/2007:12:33:16 -0500] NSMMReplicationPlugin >> > - > >> agmt="cn=rep2" (ms-lnx-s12:636): Incremental update failed and >> > requires > >> administrator action >> >> > I think these are ok - ssl is disabled during the upgrade and reenabled > at the end - see below. > >> [slapd-al-lnx-s11]: [19/Feb/2007:12:33:16 -0500] - slapd started. >> Listening on All Interfaces port 389 for LDAP requests >> >> NMC_Status: 0 >> NMC_Description: Success! The server has been started. >> >> Start Slapd Starting Slapd server reconfiguration. >> Fatal Slapd ERROR: Could not update Directory Server Instance >> URL ldap://al-lnx-s11.preferredcare.org:389/o=NetscapeRoot user id >> > admin > >> DN cn=slapd-al-lnx-s11,cn=Fedora Directory Server,cn=Server >> >> > Group,cn=al-lnx-s11.preferredcare.org,ou=preferredcare.org,o=NetscapeRoo > >> t (19:Constraint violation) >> >> > This means password policy was not disabled during the upgrade - as > specified in the Release Notes - > http://directory.fedora.redhat.com/wiki/Release_Notes#Fedora_Directory_S > erver_1.0.4_-_11.2F09.2F2006 > >> Configuring Administration Server... >> InstallInfo: Apache Directory "ApacheDir" is missing. >> >> > This may be a consequence of the constraint violation above. > >> /opt/fedora-ds/slapd-al-lnx-s11/config/dse.ldif: SSL on ... >> Restarting Directory Server: >> > /opt/fedora-ds/slapd-al-lnx-s11/start-slapd > >> You can now use the console. Here is the command to use to start the >> console: >> cd /opt/fedora-ds >> /startconsole -u admin -a http://al-lnx-s11.preferredcare.org:1505/ >> >> INFO Finished with setup, logfile is setup/setup.log >> >> -----Original Message----- >> From: Bliss, Aaron >> Sent: Monday, February 19, 2007 12:26 PM >> To: Bliss, Aaron; General discussion list for the Fedora Directory >> server project. >> Subject: RE: [Fedora-directory-users] Preparing to upgrade to fds >> > 1.0.4 > >> I should mention that I didn''t run setup after upgrading the rpm; is >> this necessary? Thanks. >> >> Aaron >> >> -----Original Message----- >> From: fedora-directory-users-bounces@redhat.com >> [mailto:fedora-directory-users-bounces@redhat.com] On Behalf Of Bliss, >> Aaron >> Sent: Monday, February 19, 2007 12:07 PM >> To: General discussion list for the Fedora Directory server project. >> Subject: RE: [Fedora-directory-users] Preparing to upgrade to fds >> > 1.0.4 > >> Well, I checked out the release notes, and disabled all syntax >> > checking > >> in all password policies before upgrading; upgrade seems to have gone >> okay, however I''m not unable to log into the directory server console; >> directory server is running: >> ldap 32287 7.7 2.3 522820 24416 ? Sl 12:01 0:00 >> /ns-slapd -D /opt/fedora-ds/slapd-al-lnx-s11 -i >> /opt/fedora-ds/slapd-al-lnx-s11/logs/pid -w >> root 32374 1.0 0.3 35372 3256 ? Ssl 12:02 0:00 >> /usr/sbin//httpd.worker -k start -d /opt/fedora-ds/admin-serv -f >> /opt/fedora-ds/admin-serv/co >> root 32376 0.0 0.1 35356 1672 ? S 12:02 0:00 >> /usr/sbin//httpd.worker -k start -d /opt/fedora-ds/admin-serv -f >> /opt/fedora-ds/admin-serv/co >> ldap 32379 4.0 0.4 704088 4928 ? Sl 12:02 0:00 >> /usr/sbin//httpd.worker -k start -d /opt/fedora-ds/admin-serv -f >> /opt/fedora-ds/admin-serv/co >> >> I can however login with the built-in admin account; I''m also able to >> still log into the console on the slave directory server (which is >> > still > >> running fds 1.0.2); login error is error 401 Authorization required; >> next line displays status 401. Queries to the server seem to be okay; >> It seems almost as if the console either isn''t searching the proper >> directory (like it''s searching the Netscape directory name space or >> > the > >> console has lost the configuration piece that allows my uid to login); >> > I > >> remember setting this thru the console way back when I originally >> > setup > >> fds, however I can''t find where that option is thru the gui; any ideas >> how to further troubleshoot? Thanks. >> >> Aaron >> >> -----Original Message----- >> From: fedora-directory-users-bounces@redhat.com >> [mailto:fedora-directory-users-bounces@redhat.com] On Behalf Of >> > Richard > >> Megginson >> Sent: Monday, February 19, 2007 10:41 AM >> To: General discussion list for the Fedora Directory server project. >> Subject: Re: [Fedora-directory-users] Preparing to upgrade to fds >> > 1.0.4 > >> Bliss, Aaron wrote: >> >> >>> Hi everyone >>> I''m currently running fds 1.0.2 on 2 redhat boxes (a master and a >>> slave); are there any gotchas that I should look out for before >>> upgrading to 1.0.4? Can I go directly to this release, or do I need >>> to first upgrade to .3? Thanks for your help. >>> >>> >>> >> You can go directly from .2 to .4. >> >> Be sure to read the release notes - >> http://directory.fedora.redhat.com/wiki/Release_Notes - and follow the >> > > >> directions there. >> >> >>> Aaron >>> >>> Confidentiality Notice: >>> The information contained in this electronic message is intended for >>> the exclusive use of the individual or entity named above and may >>> contain privileged or confidential information. If the reader of >>> > this > >>> >>> >> >> >>> message is not the intended recipient or the employee or agent >>> responsible to deliver it to the intended recipient, you are hereby >>> notified that dissemination, distribution or copying of this >>> information is prohibited. If you have received this communication >>> > in > >>> >>> >> >> >>> error, please notify the sender immediately by telephone and destroy >>> the copies you received. >>> >>> >>> >>> > ------------------------------------------------------------------------ > >> >> >>> -- >>> Fedora-directory-users mailing list >>> Fedora-directory-users@redhat.com >>> https://www.redhat.com/mailman/listinfo/fedora-directory-users >>> >>> >>> >> -- >> Fedora-directory-users mailing list >> Fedora-directory-users@redhat.com >> https://www.redhat.com/mailman/listinfo/fedora-directory-users >> >> -- >> Fedora-directory-users mailing list >> Fedora-directory-users@redhat.com >> https://www.redhat.com/mailman/listinfo/fedora-directory-users >> >>
Pete Rowley
2007-Feb-19 20:52 UTC
Re: [Fedora-directory-users] Preparing to upgrade to fds 1.0.4
Richard Megginson wrote:> Bliss, Aaron wrote: >> I attempted to run the following with of course a good directory manager >> password: >> ldapmodify -x -D "cn=directory manager" -w password >> dn: cn=config >> changetype: modify >> replace: passwordCheckSyntax >> passwordCheckSyntax: off >> >> And receive a response saying" modifying entry "cn=config" however it >> doesn''t seem that the command ever completes, as control isn''t returned >> back to the command line (I apologize for the newbie questions, however >> I''m not all that familiar with editing ldap entries from the command >> line). Thanks. >> > You have to type Ctrl-D (the EOF character) to tell ldapmodify you are > done. Also, your modify command must be followed by a blank line, so > after the last character input, type Enter, Enter, then Ctrl-D. After > typing the second Enter, you should see some feedback about your > operation from ldapmodify.Also, I find it much easier to create a file and use the -f option to point to it. Typos aren''t such a big deal then and you don''t have to remember it''s ^D to complete the input :) -- Pete
sigid@JINLab
2007-Feb-20 07:18 UTC
Re: [Fedora-directory-users] Preparing to upgrade to fds 1.0.4
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Richard Megginson wrote:> Bliss, Aaron wrote: >> I should mention that I didn''t run setup after upgrading the rpm; is >> this necessary? Thanks. >> > Yes. Please read http://directory.fedora.redhat.com/wiki/Release_Notes : > > Finally, run setup as follows: > > cd /opt/fedora-ds ; ./setup/setuprefering to the release notes there is no need to run setup again after upgrade. just restart the DS service and admin service. I already try this and the system runs well. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFF2qDfa2bg8QmXta0RAifJAJ9to51/Ceqwx7+CFXMhLRfSceUX6ACgp4Ty ZMd8mpL6lzIx6+CGraMad38=8yKr -----END PGP SIGNATURE-----
Bliss, Aaron
2007-Feb-21 19:53 UTC
RE: [Fedora-directory-users] Preparing to upgrade to fds 1.0.4
Well, unfortunately I''m still having the same problems, even after disabling all password policies in the directory; I''m still getting the constraint violation error as well as the ApacheDir directory error not found; can you tell me what the ApacheDir directory is suppose to be? I''ll manually create it and try upgrading again; also, do I need to install fds 1.0.3 before installing fds 1.0.4? Thanks again. Aaron -----Original Message----- From: fedora-directory-users-bounces@redhat.com [mailto:fedora-directory-users-bounces@redhat.com] On Behalf Of sigid@JINLab Sent: Tuesday, February 20, 2007 2:19 AM To: General discussion list for the Fedora Directory server project. Subject: Re: [Fedora-directory-users] Preparing to upgrade to fds 1.0.4 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Richard Megginson wrote:> Bliss, Aaron wrote: >> I should mention that I didn''t run setup after upgrading the rpm; is >> this necessary? Thanks. >> > Yes. Please readhttp://directory.fedora.redhat.com/wiki/Release_Notes :> > Finally, run setup as follows: > > cd /opt/fedora-ds ; ./setup/setuprefering to the release notes there is no need to run setup again after upgrade. just restart the DS service and admin service. I already try this and the system runs well. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFF2qDfa2bg8QmXta0RAifJAJ9to51/Ceqwx7+CFXMhLRfSceUX6ACgp4Ty ZMd8mpL6lzIx6+CGraMad38=8yKr -----END PGP SIGNATURE----- -- Fedora-directory-users mailing list Fedora-directory-users@redhat.com https://www.redhat.com/mailman/listinfo/fedora-directory-users Confidentiality Notice: The information contained in this electronic message is intended for the exclusive use of the individual or entity named above and may contain privileged or confidential information. If the reader of this message is not the intended recipient or the employee or agent responsible to deliver it to the intended recipient, you are hereby notified that dissemination, distribution or copying of this information is prohibited. If you have received this communication in error, please notify the sender immediately by telephone and destroy the copies you received.
Richard Megginson
2007-Feb-21 20:54 UTC
Re: [Fedora-directory-users] Preparing to upgrade to fds 1.0.4
Bliss, Aaron wrote:> Well, unfortunately I''m still having the same problems, even after > disabling all password policies in the directory; I''m still getting the > constraint violation errorWeird. Can you find err=19 in your directory server access log?> as well as the ApacheDir directory error not > found; can you tell me what the ApacheDir directory is suppose to be? >I think you can ignore this.> I''ll manually create it and try upgrading again; also, do I need to > install fds 1.0.3 before installing fds 1.0.4?No. You should be able to go straight from 1.0.2 to 1.0.4.> Thanks again. > > Aaron > > -----Original Message----- > From: fedora-directory-users-bounces@redhat.com > [mailto:fedora-directory-users-bounces@redhat.com] On Behalf Of > sigid@JINLab > Sent: Tuesday, February 20, 2007 2:19 AM > To: General discussion list for the Fedora Directory server project. > Subject: Re: [Fedora-directory-users] Preparing to upgrade to fds 1.0.4 > > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > Richard Megginson wrote: > >> Bliss, Aaron wrote: >> >>> I should mention that I didn''t run setup after upgrading the rpm; is >>> this necessary? Thanks. >>> >>> >> Yes. Please read >> > http://directory.fedora.redhat.com/wiki/Release_Notes : > >> Finally, run setup as follows: >> >> cd /opt/fedora-ds ; ./setup/setup >> > > refering to the release notes there is no need to run setup again after > upgrade. just restart the DS service and admin service. > I already try this and the system runs well. > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.4.5 (GNU/Linux) > Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org > > iD8DBQFF2qDfa2bg8QmXta0RAifJAJ9to51/Ceqwx7+CFXMhLRfSceUX6ACgp4Ty > ZMd8mpL6lzIx6+CGraMad38> =8yKr > -----END PGP SIGNATURE----- > > -- > Fedora-directory-users mailing list > Fedora-directory-users@redhat.com > https://www.redhat.com/mailman/listinfo/fedora-directory-users > > > Confidentiality Notice: > The information contained in this electronic message is intended for the exclusive use of the individual or entity named above and may contain privileged or confidential information. If the reader of this message is not the intended recipient or the employee or agent responsible to deliver it to the intended recipient, you are hereby notified that dissemination, distribution or copying of this information is prohibited. If you have received this communication in error, please notify the sender immediately by telephone and destroy the copies you received. > > -- > Fedora-directory-users mailing list > Fedora-directory-users@redhat.com > https://www.redhat.com/mailman/listinfo/fedora-directory-users >
Bliss, Aaron
2007-Feb-22 13:40 UTC
RE: [Fedora-directory-users] Preparing to upgrade to fds 1.0.4
Yep, err=19 was in the output log... [21/Feb/2007:17:08:01 -0500] conn=0 fd=64 slot=64 connection from 172.16.1.126 to 172.16.1.126 [21/Feb/2007:17:08:01 -0500] conn=0 op=0 BIND dn="" method=128 version=3 [21/Feb/2007:17:08:01 -0500] conn=0 op=0 RESULT err=0 tag=97 nentries=0 etime=0 dn="" [21/Feb/2007:17:08:01 -0500] conn=0 op=1 SRCH base="cn=monitor" scope=0 filter="(objectClass=*)" attrs="* aci passwordExpirationTime passwordExpWarned passwordRetryCount retryCountResetTime accountUnlockTime passwordHistory passwordAllowChangeTime nsUniqueId nsLookThroughLimit nsSizeLimit nsTimeLimit nsIdleTimeout nsRole nsRoleDN nsAccountLock" [21/Feb/2007:17:08:01 -0500] conn=0 op=1 RESULT err=0 tag=101 nentries=1 etime=0 [21/Feb/2007:17:08:01 -0500] conn=0 op=2 BIND dn="" method=128 version=3 [21/Feb/2007:17:08:01 -0500] conn=0 op=2 RESULT err=0 tag=97 nentries=0 etime=0 dn="" [21/Feb/2007:17:08:01 -0500] conn=0 op=3 SRCH base="o=NetscapeRoot" scope=2 filter="(uid=admin)" attrs=ALL [21/Feb/2007:17:08:01 -0500] conn=0 op=3 RESULT err=0 tag=101 nentries=1 etime=0 [21/Feb/2007:17:08:01 -0500] conn=0 op=4 BIND dn="uid=admin, ou=Administrators, ou=TopologyManagement, o=NetscapeRoot" method=128 version=3 [21/Feb/2007:17:08:01 -0500] conn=0 op=4 RESULT err=0 tag=97 nentries=0 etime=0 dn="uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot" [21/Feb/2007:17:08:01 -0500] conn=0 op=5 SRCH base="cn=al-lnx-s11.preferredcare.org, ou=preferredcare.org, o=NetscapeRoot" scope=2 filter="(&(objectClass=nsApplication)(nsNickName=slapd)(nsInstalledLocat ion=/opt/fedora-ds))" attrs="* aci passwordExpirationTime passwordExpWarned passwordRetryCount retryCountResetTime accountUnlockTime passwordHistory passwordAllowChangeTime nsUniqueId nsLookThroughLimit nsSizeLimit nsTimeLimit nsIdleTimeout nsRole nsRoleDN nsAccountLock" [21/Feb/2007:17:08:02 -0500] conn=0 op=5 RESULT err=0 tag=101 nentries=1 etime=1 [21/Feb/2007:17:08:02 -0500] conn=0 op=6 SRCH base="cn=Fedora Directory Server,cn=Server Group,cn=al-lnx-s11.preferredcare.org,ou=preferredcare.org,o=NetscapeRoo t" scope=0 filter="(objectClass=*)" attrs="* aci passwordExpirationTime passwordExpWarned passwordRetryCount retryCountResetTime accountUnlockTime passwordHistory passwordAllowChangeTime nsUniqueId nsLookThroughLimit nsSizeLimit nsTimeLimit nsIdleTimeout nsRole nsRoleDN nsAccountLock" [21/Feb/2007:17:08:02 -0500] conn=0 op=6 RESULT err=0 tag=101 nentries=1 etime=0 [21/Feb/2007:17:08:02 -0500] conn=0 op=7 MOD dn="cn=Fedora Directory Server,cn=Server Group,cn=al-lnx-s11.preferredcare.org,ou=preferredcare.org,o=NetscapeRoo t" [21/Feb/2007:17:08:02 -0500] conn=0 op=7 RESULT err=0 tag=103 nentries=0 etime=0 [21/Feb/2007:17:08:02 -0500] conn=0 op=8 SRCH base="cn=Fedora Directory Server,cn=Server Group,cn=al-lnx-s11.preferredcare.org,ou=preferredcare.org,o=NetscapeRoo t" scope=1 filter="(objectClass=nsDirectoryServer)" attrs="* aci passwordExpirationTime passwordExpWarned passwordRetryCount retryCountResetTime accountUnlockTime passwordHistory passwordAllowChangeTime nsUniqueId nsLookThroughLimit nsSizeLimit nsTimeLimit nsIdleTimeout nsRole nsRoleDN nsAccountLock" [21/Feb/2007:17:08:02 -0500] conn=0 op=8 RESULT err=0 tag=101 nentries=1 etime=0 [21/Feb/2007:17:08:02 -0500] conn=0 op=9 SRCH base="cn=slapd-al-lnx-s11, cn=Fedora Directory Server, cn=Server Group, cn=al-lnx-s11.preferredcare.org, ou=preferredcare.org, o=NetscapeRoot" scope=0 filter="(objectClass=*)" attrs="* aci passwordExpirationTime passwordExpWarned passwordRetryCount retryCountResetTime accountUnlockTime passwordHistory passwordAllowChangeTime nsUniqueId nsLookThroughLimit nsSizeLimit nsTimeLimit nsIdleTimeout nsRole nsRoleDN nsAccountLock" [21/Feb/2007:17:08:02 -0500] conn=0 op=9 RESULT err=0 tag=101 nentries=1 etime=0 [21/Feb/2007:17:08:02 -0500] conn=0 op=10 SRCH base="cn=slapd-al-lnx-s11,cn=Fedora Directory Server,cn=Server Group,cn=al-lnx-s11.preferredcare.org,ou=preferredcare.org,o=NetscapeRoo t" scope=0 filter="(objectClass=*)" attrs="* aci passwordExpirationTime passwordExpWarned passwordRetryCount retryCountResetTime accountUnlockTime passwordHistory passwordAllowChangeTime nsUniqueId nsLookThroughLimit nsSizeLimit nsTimeLimit nsIdleTimeout nsRole nsRoleDN nsAccountLock" [21/Feb/2007:17:08:02 -0500] conn=0 op=10 RESULT err=0 tag=101 nentries=1 etime=0 [21/Feb/2007:17:08:02 -0500] conn=0 op=11 RESULT err=19 tag=103 nentries=0 etime=0 [21/Feb/2007:17:08:02 -0500] conn=0 op=11 MOD dn="cn=slapd-al-lnx-s11,cn=Fedora Directory Server,cn=Server Group,cn=al-lnx-s11.preferredcare.org,ou=preferredcare.org,o=NetscapeRoo t", invalid password syntax [21/Feb/2007:17:08:02 -0500] conn=0 op=12 UNBIND [21/Feb/2007:17:08:02 -0500] conn=0 op=12 fd=64 closed - U1 Aaron -----Original Message----- From: fedora-directory-users-bounces@redhat.com [mailto:fedora-directory-users-bounces@redhat.com] On Behalf Of Richard Megginson Sent: Wednesday, February 21, 2007 3:54 PM To: General discussion list for the Fedora Directory server project. Subject: Re: [Fedora-directory-users] Preparing to upgrade to fds 1.0.4 Bliss, Aaron wrote:> Well, unfortunately I''m still having the same problems, even after > disabling all password policies in the directory; I''m still gettingthe> constraint violation error >>Weird. Can you find err=19 in your directory server access log?Yes, I found the error, it reads conn=0 op=11 RESULT err=19 tag=103 nentries=0 etime=0 -I''m not sure what this means, but it may be meaningful to you> as well as the ApacheDir directory error not > found; can you tell me what the ApacheDir directory is suppose to be? >I think you can ignore this.> I''ll manually create it and try upgrading again; also, do I need to > install fds 1.0.3 before installing fds 1.0.4?No. You should be able to go straight from 1.0.2 to 1.0.4.> Thanks again. > > Aaron > > -----Original Message----- > From: fedora-directory-users-bounces@redhat.com > [mailto:fedora-directory-users-bounces@redhat.com] On Behalf Of > sigid@JINLab > Sent: Tuesday, February 20, 2007 2:19 AM > To: General discussion list for the Fedora Directory server project. > Subject: Re: [Fedora-directory-users] Preparing to upgrade to fds1.0.4> > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > Richard Megginson wrote: > >> Bliss, Aaron wrote: >> >>> I should mention that I didn''t run setup after upgrading the rpm; is >>> this necessary? Thanks. >>> >>> >> Yes. Please read >> > http://directory.fedora.redhat.com/wiki/Release_Notes : > >> Finally, run setup as follows: >> >> cd /opt/fedora-ds ; ./setup/setup >> > > refering to the release notes there is no need to run setup againafter> upgrade. just restart the DS service and admin service. > I already try this and the system runs well. > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.4.5 (GNU/Linux) > Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org > > iD8DBQFF2qDfa2bg8QmXta0RAifJAJ9to51/Ceqwx7+CFXMhLRfSceUX6ACgp4Ty > ZMd8mpL6lzIx6+CGraMad38> =8yKr > -----END PGP SIGNATURE----- > > -- > Fedora-directory-users mailing list > Fedora-directory-users@redhat.com > https://www.redhat.com/mailman/listinfo/fedora-directory-users > > > Confidentiality Notice: > The information contained in this electronic message is intended forthe exclusive use of the individual or entity named above and may contain privileged or confidential information. If the reader of this message is not the intended recipient or the employee or agent responsible to deliver it to the intended recipient, you are hereby notified that dissemination, distribution or copying of this information is prohibited. If you have received this communication in error, please notify the sender immediately by telephone and destroy the copies you received.> > -- > Fedora-directory-users mailing list > Fedora-directory-users@redhat.com > https://www.redhat.com/mailman/listinfo/fedora-directory-users >
Richard Megginson
2007-Feb-22 15:02 UTC
Re: [Fedora-directory-users] Preparing to upgrade to fds 1.0.4
Bliss, Aaron wrote:> Yep, err=19 was in the output log... ><snip>> > [21/Feb/2007:17:08:02 -0500] conn=0 op=11 RESULT err=19 tag=103 > nentries=0 etime=0 > [21/Feb/2007:17:08:02 -0500] conn=0 op=11 MOD > dn="cn=slapd-al-lnx-s11,cn=Fedora Directory Server,cn=Server > Group,cn=al-lnx-s11.preferredcare.org,ou=preferredcare.org,o=NetscapeRoo > t", invalid password syntax >This means that there is still some password policy being applied. I''m not sure what''s going on, but you need to make sure all password policy is disabled before running setup.
Bliss, Aaron
2007-Feb-22 15:46 UTC
RE: [Fedora-directory-users] Preparing to upgrade to fds 1.0.4
I thought that you might say that...I''m not really sure where else there would be a password policy getting applied, is there any kind of custom ldap query that I would use to figure what dn''s the policy is defined at? Thanks. Aaron -----Original Message----- From: fedora-directory-users-bounces@redhat.com [mailto:fedora-directory-users-bounces@redhat.com] On Behalf Of Richard Megginson Sent: Thursday, February 22, 2007 10:02 AM To: General discussion list for the Fedora Directory server project. Subject: Re: [Fedora-directory-users] Preparing to upgrade to fds 1.0.4 Bliss, Aaron wrote:> Yep, err=19 was in the output log... ><snip>> > [21/Feb/2007:17:08:02 -0500] conn=0 op=11 RESULT err=19 tag=103 > nentries=0 etime=0 > [21/Feb/2007:17:08:02 -0500] conn=0 op=11 MOD > dn="cn=slapd-al-lnx-s11,cn=Fedora Directory Server,cn=Server >Group,cn=al-lnx-s11.preferredcare.org,ou=preferredcare.org,o=NetscapeRoo> t", invalid password syntax >This means that there is still some password policy being applied. I''m not sure what''s going on, but you need to make sure all password policy is disabled before running setup. Confidentiality Notice: The information contained in this electronic message is intended for the exclusive use of the individual or entity named above and may contain privileged or confidential information. If the reader of this message is not the intended recipient or the employee or agent responsible to deliver it to the intended recipient, you are hereby notified that dissemination, distribution or copying of this information is prohibited. If you have received this communication in error, please notify the sender immediately by telephone and destroy the copies you received.
Richard Megginson
2007-Feb-22 15:48 UTC
Re: [Fedora-directory-users] Preparing to upgrade to fds 1.0.4
Bliss, Aaron wrote:> I thought that you might say that...I''m not really sure where else there > would be a password policy getting applied, is there any kind of custom > ldap query that I would use to figure what dn''s the policy is defined > at? Thanks. >Are you using global password policy or per-user/per-subtree?> Aaron > > -----Original Message----- > From: fedora-directory-users-bounces@redhat.com > [mailto:fedora-directory-users-bounces@redhat.com] On Behalf Of Richard > Megginson > Sent: Thursday, February 22, 2007 10:02 AM > To: General discussion list for the Fedora Directory server project. > Subject: Re: [Fedora-directory-users] Preparing to upgrade to fds 1.0.4 > > Bliss, Aaron wrote: > >> Yep, err=19 was in the output log... >> >> > <snip> > >> [21/Feb/2007:17:08:02 -0500] conn=0 op=11 RESULT err=19 tag=103 >> nentries=0 etime=0 >> [21/Feb/2007:17:08:02 -0500] conn=0 op=11 MOD >> dn="cn=slapd-al-lnx-s11,cn=Fedora Directory Server,cn=Server >> >> > Group,cn=al-lnx-s11.preferredcare.org,ou=preferredcare.org,o=NetscapeRoo > >> t", invalid password syntax >> >> > This means that there is still some password policy being applied. I''m > not sure what''s going on, but you need to make sure all password policy > is disabled before running setup. > > > Confidentiality Notice: > The information contained in this electronic message is intended for the exclusive use of the individual or entity named above and may contain privileged or confidential information. If the reader of this message is not the intended recipient or the employee or agent responsible to deliver it to the intended recipient, you are hereby notified that dissemination, distribution or copying of this information is prohibited. If you have received this communication in error, please notify the sender immediately by telephone and destroy the copies you received. > > -- > Fedora-directory-users mailing list > Fedora-directory-users@redhat.com > https://www.redhat.com/mailman/listinfo/fedora-directory-users >
Bliss, Aaron
2007-Feb-22 15:52 UTC
RE: [Fedora-directory-users] Preparing to upgrade to fds 1.0.4
I had both in place; a few users had individual password policies that I disabled, as well as a global password policy Aaron -----Original Message----- From: fedora-directory-users-bounces@redhat.com [mailto:fedora-directory-users-bounces@redhat.com] On Behalf Of Richard Megginson Sent: Thursday, February 22, 2007 10:49 AM To: General discussion list for the Fedora Directory server project. Subject: Re: [Fedora-directory-users] Preparing to upgrade to fds 1.0.4 Bliss, Aaron wrote:> I thought that you might say that...I''m not really sure where elsethere> would be a password policy getting applied, is there any kind ofcustom> ldap query that I would use to figure what dn''s the policy is defined > at? Thanks. >Are you using global password policy or per-user/per-subtree?> Aaron > > -----Original Message----- > From: fedora-directory-users-bounces@redhat.com > [mailto:fedora-directory-users-bounces@redhat.com] On Behalf OfRichard> Megginson > Sent: Thursday, February 22, 2007 10:02 AM > To: General discussion list for the Fedora Directory server project. > Subject: Re: [Fedora-directory-users] Preparing to upgrade to fds1.0.4> > Bliss, Aaron wrote: > >> Yep, err=19 was in the output log... >> >> > <snip> > >> [21/Feb/2007:17:08:02 -0500] conn=0 op=11 RESULT err=19 tag=103 >> nentries=0 etime=0 >> [21/Feb/2007:17:08:02 -0500] conn=0 op=11 MOD >> dn="cn=slapd-al-lnx-s11,cn=Fedora Directory Server,cn=Server >> >> >Group,cn=al-lnx-s11.preferredcare.org,ou=preferredcare.org,o=NetscapeRoo> >> t", invalid password syntax >> >> > This means that there is still some password policy being applied.I''m> not sure what''s going on, but you need to make sure all passwordpolicy> is disabled before running setup. > > > Confidentiality Notice: > The information contained in this electronic message is intended forthe exclusive use of the individual or entity named above and may contain privileged or confidential information. If the reader of this message is not the intended recipient or the employee or agent responsible to deliver it to the intended recipient, you are hereby notified that dissemination, distribution or copying of this information is prohibited. If you have received this communication in error, please notify the sender immediately by telephone and destroy the copies you received.> > -- > Fedora-directory-users mailing list > Fedora-directory-users@redhat.com > https://www.redhat.com/mailman/listinfo/fedora-directory-users >
Richard Megginson
2007-Feb-22 15:56 UTC
Re: [Fedora-directory-users] Preparing to upgrade to fds 1.0.4
Bliss, Aaron wrote:> I had both in place; a few users had individual password policies that I > disabled, as well as a global password policy >I just don''t know. The DN in question is under o=NetscapeRoot - I doubt you would have applied any user or subtree password policy there, so it must be the global password policy. Are you using the console? Can you verify that global password policy is disabled?> Aaron > > -----Original Message----- > From: fedora-directory-users-bounces@redhat.com > [mailto:fedora-directory-users-bounces@redhat.com] On Behalf Of Richard > Megginson > Sent: Thursday, February 22, 2007 10:49 AM > To: General discussion list for the Fedora Directory server project. > Subject: Re: [Fedora-directory-users] Preparing to upgrade to fds 1.0.4 > > Bliss, Aaron wrote: > >> I thought that you might say that...I''m not really sure where else >> > there > >> would be a password policy getting applied, is there any kind of >> > custom > >> ldap query that I would use to figure what dn''s the policy is defined >> at? Thanks. >> >> > Are you using global password policy or per-user/per-subtree? > >> Aaron >> >> -----Original Message----- >> From: fedora-directory-users-bounces@redhat.com >> [mailto:fedora-directory-users-bounces@redhat.com] On Behalf Of >> > Richard > >> Megginson >> Sent: Thursday, February 22, 2007 10:02 AM >> To: General discussion list for the Fedora Directory server project. >> Subject: Re: [Fedora-directory-users] Preparing to upgrade to fds >> > 1.0.4 > >> Bliss, Aaron wrote: >> >> >>> Yep, err=19 was in the output log... >>> >>> >>> >> <snip> >> >> >>> [21/Feb/2007:17:08:02 -0500] conn=0 op=11 RESULT err=19 tag=103 >>> nentries=0 etime=0 >>> [21/Feb/2007:17:08:02 -0500] conn=0 op=11 MOD >>> dn="cn=slapd-al-lnx-s11,cn=Fedora Directory Server,cn=Server >>> >>> >>> > Group,cn=al-lnx-s11.preferredcare.org,ou=preferredcare.org,o=NetscapeRoo > >> >> >>> t", invalid password syntax >>> >>> >>> >> This means that there is still some password policy being applied. >> > I''m > >> not sure what''s going on, but you need to make sure all password >> > policy > >> is disabled before running setup. >> >> >> Confidentiality Notice: >> The information contained in this electronic message is intended for >> > the exclusive use of the individual or entity named above and may > contain privileged or confidential information. If the reader of this > message is not the intended recipient or the employee or agent > responsible to deliver it to the intended recipient, you are hereby > notified that dissemination, distribution or copying of this information > is prohibited. If you have received this communication in error, please > notify the sender immediately by telephone and destroy the copies you > received. > >> -- >> Fedora-directory-users mailing list >> Fedora-directory-users@redhat.com >> https://www.redhat.com/mailman/listinfo/fedora-directory-users >> >> > > -- > Fedora-directory-users mailing list > Fedora-directory-users@redhat.com > https://www.redhat.com/mailman/listinfo/fedora-directory-users >
Bliss, Aaron
2007-Feb-22 18:23 UTC
RE: [Fedora-directory-users] Preparing to upgrade to fds 1.0.4
More progress; I''ve been able to find the lonely password policy that wasn''t disabled; turns out the entire policy had to be disabled, not just the password syntax checking piece; so the setup piece finished without a hitch, Directory server shows version 1.0.4, however my userid is still unable to log into the console; this is so peculiar; I''m able to login as admin only; the directory console error log shows "user myuserid not found: /admin-serv/authenticate"; I''ve verified that myuserid is listed as follows; after logging into the console with the admin account, servername, server group, right click Administration Server, set access permissions; I did the same for the Directory Server. I''m just not sure what/where else to check...it''s almost as if authenticating to the console is only searching the Netscape root, not the user directory database...Any other ideas? Thanks again. Aaron -----Original Message----- From: fedora-directory-users-bounces@redhat.com [mailto:fedora-directory-users-bounces@redhat.com] On Behalf Of Richard Megginson Sent: Thursday, February 22, 2007 10:56 AM To: General discussion list for the Fedora Directory server project. Subject: Re: [Fedora-directory-users] Preparing to upgrade to fds 1.0.4 Bliss, Aaron wrote:> I had both in place; a few users had individual password policies thatI> disabled, as well as a global password policy >I just don''t know. The DN in question is under o=NetscapeRoot - I doubt you would have applied any user or subtree password policy there, so it must be the global password policy. Are you using the console? Can you verify that global password policy is disabled?> Aaron > > -----Original Message----- > From: fedora-directory-users-bounces@redhat.com > [mailto:fedora-directory-users-bounces@redhat.com] On Behalf OfRichard> Megginson > Sent: Thursday, February 22, 2007 10:49 AM > To: General discussion list for the Fedora Directory server project. > Subject: Re: [Fedora-directory-users] Preparing to upgrade to fds1.0.4> > Bliss, Aaron wrote: > >> I thought that you might say that...I''m not really sure where else >> > there > >> would be a password policy getting applied, is there any kind of >> > custom > >> ldap query that I would use to figure what dn''s the policy is defined >> at? Thanks. >> >> > Are you using global password policy or per-user/per-subtree? > >> Aaron >> >> -----Original Message----- >> From: fedora-directory-users-bounces@redhat.com >> [mailto:fedora-directory-users-bounces@redhat.com] On Behalf Of >> > Richard > >> Megginson >> Sent: Thursday, February 22, 2007 10:02 AM >> To: General discussion list for the Fedora Directory server project. >> Subject: Re: [Fedora-directory-users] Preparing to upgrade to fds >> > 1.0.4 > >> Bliss, Aaron wrote: >> >> >>> Yep, err=19 was in the output log... >>> >>> >>> >> <snip> >> >> >>> [21/Feb/2007:17:08:02 -0500] conn=0 op=11 RESULT err=19 tag=103 >>> nentries=0 etime=0 >>> [21/Feb/2007:17:08:02 -0500] conn=0 op=11 MOD >>> dn="cn=slapd-al-lnx-s11,cn=Fedora Directory Server,cn=Server >>> >>> >>> >Group,cn=al-lnx-s11.preferredcare.org,ou=preferredcare.org,o=NetscapeRoo> >> >> >>> t", invalid password syntax >>> >>> >>> >> This means that there is still some password policy being applied. >> > I''m > >> not sure what''s going on, but you need to make sure all password >> > policy > >> is disabled before running setup. >> >> >> Confidentiality Notice: >> The information contained in this electronic message is intended for >> > the exclusive use of the individual or entity named above and may > contain privileged or confidential information. If the reader of this > message is not the intended recipient or the employee or agent > responsible to deliver it to the intended recipient, you are hereby > notified that dissemination, distribution or copying of thisinformation> is prohibited. If you have received this communication in error,please> notify the sender immediately by telephone and destroy the copies you > received. > >> -- >> Fedora-directory-users mailing list >> Fedora-directory-users@redhat.com >> https://www.redhat.com/mailman/listinfo/fedora-directory-users >> >> > > -- > Fedora-directory-users mailing list > Fedora-directory-users@redhat.com > https://www.redhat.com/mailman/listinfo/fedora-directory-users >
Richard Megginson
2007-Feb-22 19:22 UTC
Re: [Fedora-directory-users] Preparing to upgrade to fds 1.0.4
Bliss, Aaron wrote:> More progress; I''ve been able to find the lonely password policy that > wasn''t disabled; turns out the entire policy had to be disabled, not > just the password syntax checking piece; so the setup piece finished > without a hitch, Directory server shows version 1.0.4, however my userid > is still unable to log into the console; this is so peculiar; I''m able > to login as admin only; the directory console error log shows "user > myuserid not found: /admin-serv/authenticate"; I''ve verified that > myuserid is listed as follows; after logging into the console with the > admin account, servername, server group, right click Administration > Server, set access permissions; I did the same for the Directory Server. > I''m just not sure what/where else to check...it''s almost as if > authenticating to the console is only searching the Netscape root, not > the user directory database...Any other ideas? Thanks again. >So, before the upgrade, you were able to login to the console using a regular user account, and now you are not able to? Did you login with just your uid or did you have to specify your full DN?> Aaron > > -----Original Message----- > From: fedora-directory-users-bounces@redhat.com > [mailto:fedora-directory-users-bounces@redhat.com] On Behalf Of Richard > Megginson > Sent: Thursday, February 22, 2007 10:56 AM > To: General discussion list for the Fedora Directory server project. > Subject: Re: [Fedora-directory-users] Preparing to upgrade to fds 1.0.4 > > Bliss, Aaron wrote: > >> I had both in place; a few users had individual password policies that >> > I > >> disabled, as well as a global password policy >> >> > I just don''t know. The DN in question is under o=NetscapeRoot - I doubt > > you would have applied any user or subtree password policy there, so it > must be the global password policy. Are you using the console? Can you > > verify that global password policy is disabled? > >> Aaron >> >> -----Original Message----- >> From: fedora-directory-users-bounces@redhat.com >> [mailto:fedora-directory-users-bounces@redhat.com] On Behalf Of >> > Richard > >> Megginson >> Sent: Thursday, February 22, 2007 10:49 AM >> To: General discussion list for the Fedora Directory server project. >> Subject: Re: [Fedora-directory-users] Preparing to upgrade to fds >> > 1.0.4 > >> Bliss, Aaron wrote: >> >> >>> I thought that you might say that...I''m not really sure where else >>> >>> >> there >> >> >>> would be a password policy getting applied, is there any kind of >>> >>> >> custom >> >> >>> ldap query that I would use to figure what dn''s the policy is defined >>> at? Thanks. >>> >>> >>> >> Are you using global password policy or per-user/per-subtree? >> >> >>> Aaron >>> >>> -----Original Message----- >>> From: fedora-directory-users-bounces@redhat.com >>> [mailto:fedora-directory-users-bounces@redhat.com] On Behalf Of >>> >>> >> Richard >> >> >>> Megginson >>> Sent: Thursday, February 22, 2007 10:02 AM >>> To: General discussion list for the Fedora Directory server project. >>> Subject: Re: [Fedora-directory-users] Preparing to upgrade to fds >>> >>> >> 1.0.4 >> >> >>> Bliss, Aaron wrote: >>> >>> >>> >>>> Yep, err=19 was in the output log... >>>> >>>> >>>> >>>> >>> <snip> >>> >>> >>> >>>> [21/Feb/2007:17:08:02 -0500] conn=0 op=11 RESULT err=19 tag=103 >>>> nentries=0 etime=0 >>>> [21/Feb/2007:17:08:02 -0500] conn=0 op=11 MOD >>>> dn="cn=slapd-al-lnx-s11,cn=Fedora Directory Server,cn=Server >>>> >>>> >>>> >>>> > Group,cn=al-lnx-s11.preferredcare.org,ou=preferredcare.org,o=NetscapeRoo > >> >> >>> >>> >>> >>>> t", invalid password syntax >>>> >>>> >>>> >>>> >>> This means that there is still some password policy being applied. >>> >>> >> I''m >> >> >>> not sure what''s going on, but you need to make sure all password >>> >>> >> policy >> >> >>> is disabled before running setup. >>> >>> >>> Confidentiality Notice: >>> The information contained in this electronic message is intended for >>> >>> >> the exclusive use of the individual or entity named above and may >> contain privileged or confidential information. If the reader of this >> message is not the intended recipient or the employee or agent >> responsible to deliver it to the intended recipient, you are hereby >> notified that dissemination, distribution or copying of this >> > information > >> is prohibited. If you have received this communication in error, >> > please > >> notify the sender immediately by telephone and destroy the copies you >> received. >> >> >>> -- >>> Fedora-directory-users mailing list >>> Fedora-directory-users@redhat.com >>> https://www.redhat.com/mailman/listinfo/fedora-directory-users >>> >>> >>> >> -- >> Fedora-directory-users mailing list >> Fedora-directory-users@redhat.com >> https://www.redhat.com/mailman/listinfo/fedora-directory-users >> >> > > -- > Fedora-directory-users mailing list > Fedora-directory-users@redhat.com > https://www.redhat.com/mailman/listinfo/fedora-directory-users >
Bliss, Aaron
2007-Feb-22 19:29 UTC
RE: [Fedora-directory-users] Preparing to upgrade to fds 1.0.4
Yes, before the upgrade I was able to login with my userid, was not fully qualified; I just tried fully qualifying my userid and it works...not sure if this is a bug... Aaron -----Original Message----- From: fedora-directory-users-bounces@redhat.com [mailto:fedora-directory-users-bounces@redhat.com] On Behalf Of Richard Megginson Sent: Thursday, February 22, 2007 2:22 PM To: General discussion list for the Fedora Directory server project. Subject: Re: [Fedora-directory-users] Preparing to upgrade to fds 1.0.4 Bliss, Aaron wrote:> More progress; I''ve been able to find the lonely password policy that > wasn''t disabled; turns out the entire policy had to be disabled, not > just the password syntax checking piece; so the setup piece finished > without a hitch, Directory server shows version 1.0.4, however myuserid> is still unable to log into the console; this is so peculiar; I''m able > to login as admin only; the directory console error log shows "user > myuserid not found: /admin-serv/authenticate"; I''ve verified that > myuserid is listed as follows; after logging into the console with the > admin account, servername, server group, right click Administration > Server, set access permissions; I did the same for the DirectoryServer.> I''m just not sure what/where else to check...it''s almost as if > authenticating to the console is only searching the Netscape root, not > the user directory database...Any other ideas? Thanks again. >So, before the upgrade, you were able to login to the console using a regular user account, and now you are not able to? Did you login with just your uid or did you have to specify your full DN?> Aaron > > -----Original Message----- > From: fedora-directory-users-bounces@redhat.com > [mailto:fedora-directory-users-bounces@redhat.com] On Behalf OfRichard> Megginson > Sent: Thursday, February 22, 2007 10:56 AM > To: General discussion list for the Fedora Directory server project. > Subject: Re: [Fedora-directory-users] Preparing to upgrade to fds1.0.4> > Bliss, Aaron wrote: > >> I had both in place; a few users had individual password policiesthat>> > I > >> disabled, as well as a global password policy >> >> > I just don''t know. The DN in question is under o=NetscapeRoot - Idoubt> > you would have applied any user or subtree password policy there, soit> must be the global password policy. Are you using the console? Canyou> > verify that global password policy is disabled? > >> Aaron >> >> -----Original Message----- >> From: fedora-directory-users-bounces@redhat.com >> [mailto:fedora-directory-users-bounces@redhat.com] On Behalf Of >> > Richard > >> Megginson >> Sent: Thursday, February 22, 2007 10:49 AM >> To: General discussion list for the Fedora Directory server project. >> Subject: Re: [Fedora-directory-users] Preparing to upgrade to fds >> > 1.0.4 > >> Bliss, Aaron wrote: >> >> >>> I thought that you might say that...I''m not really sure where else >>> >>> >> there >> >> >>> would be a password policy getting applied, is there any kind of >>> >>> >> custom >> >> >>> ldap query that I would use to figure what dn''s the policy isdefined>>> at? Thanks. >>> >>> >>> >> Are you using global password policy or per-user/per-subtree? >> >> >>> Aaron >>> >>> -----Original Message----- >>> From: fedora-directory-users-bounces@redhat.com >>> [mailto:fedora-directory-users-bounces@redhat.com] On Behalf Of >>> >>> >> Richard >> >> >>> Megginson >>> Sent: Thursday, February 22, 2007 10:02 AM >>> To: General discussion list for the Fedora Directory server project. >>> Subject: Re: [Fedora-directory-users] Preparing to upgrade to fds >>> >>> >> 1.0.4 >> >> >>> Bliss, Aaron wrote: >>> >>> >>> >>>> Yep, err=19 was in the output log... >>>> >>>> >>>> >>>> >>> <snip> >>> >>> >>> >>>> [21/Feb/2007:17:08:02 -0500] conn=0 op=11 RESULT err=19 tag=103 >>>> nentries=0 etime=0 >>>> [21/Feb/2007:17:08:02 -0500] conn=0 op=11 MOD >>>> dn="cn=slapd-al-lnx-s11,cn=Fedora Directory Server,cn=Server >>>> >>>> >>>> >>>> >Group,cn=al-lnx-s11.preferredcare.org,ou=preferredcare.org,o=NetscapeRoo> >> >> >>> >>> >>> >>>> t", invalid password syntax >>>> >>>> >>>> >>>> >>> This means that there is still some password policy being applied. >>> >>> >> I''m >> >> >>> not sure what''s going on, but you need to make sure all password >>> >>> >> policy >> >> >>> is disabled before running setup. >>> >>> >>> Confidentiality Notice: >>> The information contained in this electronic message is intended for >>> >>> >> the exclusive use of the individual or entity named above and may >> contain privileged or confidential information. If the reader ofthis>> message is not the intended recipient or the employee or agent >> responsible to deliver it to the intended recipient, you are hereby >> notified that dissemination, distribution or copying of this >> > information > >> is prohibited. If you have received this communication in error, >> > please > >> notify the sender immediately by telephone and destroy the copies you >> received. >> >> >>> -- >>> Fedora-directory-users mailing list >>> Fedora-directory-users@redhat.com >>> https://www.redhat.com/mailman/listinfo/fedora-directory-users >>> >>> >>> >> -- >> Fedora-directory-users mailing list >> Fedora-directory-users@redhat.com >> https://www.redhat.com/mailman/listinfo/fedora-directory-users >> >> > > -- > Fedora-directory-users mailing list > Fedora-directory-users@redhat.com > https://www.redhat.com/mailman/listinfo/fedora-directory-users >
Richard Megginson
2007-Feb-22 19:46 UTC
Re: [Fedora-directory-users] Preparing to upgrade to fds 1.0.4
Bliss, Aaron wrote:> Yes, before the upgrade I was able to login with my userid, was not > fully qualified; I just tried fully qualifying my userid and it > works...not sure if this is a bug... >I''m really surprised that it ever worked. Did you have to do anything to make that work? I don''t know how to make the console dialog box search somewhere other than o=NetscapeRoot.> Aaron > > -----Original Message----- > From: fedora-directory-users-bounces@redhat.com > [mailto:fedora-directory-users-bounces@redhat.com] On Behalf Of Richard > Megginson > Sent: Thursday, February 22, 2007 2:22 PM > To: General discussion list for the Fedora Directory server project. > Subject: Re: [Fedora-directory-users] Preparing to upgrade to fds 1.0.4 > > Bliss, Aaron wrote: > >> More progress; I''ve been able to find the lonely password policy that >> wasn''t disabled; turns out the entire policy had to be disabled, not >> just the password syntax checking piece; so the setup piece finished >> without a hitch, Directory server shows version 1.0.4, however my >> > userid > >> is still unable to log into the console; this is so peculiar; I''m able >> to login as admin only; the directory console error log shows "user >> myuserid not found: /admin-serv/authenticate"; I''ve verified that >> myuserid is listed as follows; after logging into the console with the >> admin account, servername, server group, right click Administration >> Server, set access permissions; I did the same for the Directory >> > Server. > >> I''m just not sure what/where else to check...it''s almost as if >> authenticating to the console is only searching the Netscape root, not >> the user directory database...Any other ideas? Thanks again. >> >> > So, before the upgrade, you were able to login to the console using a > regular user account, and now you are not able to? Did you login with > just your uid or did you have to specify your full DN? > >> Aaron >> >> -----Original Message----- >> From: fedora-directory-users-bounces@redhat.com >> [mailto:fedora-directory-users-bounces@redhat.com] On Behalf Of >> > Richard > >> Megginson >> Sent: Thursday, February 22, 2007 10:56 AM >> To: General discussion list for the Fedora Directory server project. >> Subject: Re: [Fedora-directory-users] Preparing to upgrade to fds >> > 1.0.4 > >> Bliss, Aaron wrote: >> >> >>> I had both in place; a few users had individual password policies >>> > that > >>> >>> >> I >> >> >>> disabled, as well as a global password policy >>> >>> >>> >> I just don''t know. The DN in question is under o=NetscapeRoot - I >> > doubt > >> you would have applied any user or subtree password policy there, so >> > it > >> must be the global password policy. Are you using the console? Can >> > you > >> verify that global password policy is disabled? >> >> >>> Aaron >>> >>> -----Original Message----- >>> From: fedora-directory-users-bounces@redhat.com >>> [mailto:fedora-directory-users-bounces@redhat.com] On Behalf Of >>> >>> >> Richard >> >> >>> Megginson >>> Sent: Thursday, February 22, 2007 10:49 AM >>> To: General discussion list for the Fedora Directory server project. >>> Subject: Re: [Fedora-directory-users] Preparing to upgrade to fds >>> >>> >> 1.0.4 >> >> >>> Bliss, Aaron wrote: >>> >>> >>> >>>> I thought that you might say that...I''m not really sure where else >>>> >>>> >>>> >>> there >>> >>> >>> >>>> would be a password policy getting applied, is there any kind of >>>> >>>> >>>> >>> custom >>> >>> >>> >>>> ldap query that I would use to figure what dn''s the policy is >>>> > defined > >>>> at? Thanks. >>>> >>>> >>>> >>>> >>> Are you using global password policy or per-user/per-subtree? >>> >>> >>> >>>> Aaron >>>> >>>> -----Original Message----- >>>> From: fedora-directory-users-bounces@redhat.com >>>> [mailto:fedora-directory-users-bounces@redhat.com] On Behalf Of >>>> >>>> >>>> >>> Richard >>> >>> >>> >>>> Megginson >>>> Sent: Thursday, February 22, 2007 10:02 AM >>>> To: General discussion list for the Fedora Directory server project. >>>> Subject: Re: [Fedora-directory-users] Preparing to upgrade to fds >>>> >>>> >>>> >>> 1.0.4 >>> >>> >>> >>>> Bliss, Aaron wrote: >>>> >>>> >>>> >>>> >>>>> Yep, err=19 was in the output log... >>>>> >>>>> >>>>> >>>>> >>>>> >>>> <snip> >>>> >>>> >>>> >>>> >>>>> [21/Feb/2007:17:08:02 -0500] conn=0 op=11 RESULT err=19 tag=103 >>>>> nentries=0 etime=0 >>>>> [21/Feb/2007:17:08:02 -0500] conn=0 op=11 MOD >>>>> dn="cn=slapd-al-lnx-s11,cn=Fedora Directory Server,cn=Server >>>>> >>>>> >>>>> >>>>> >>>>> > Group,cn=al-lnx-s11.preferredcare.org,ou=preferredcare.org,o=NetscapeRoo > >> >> >>> >>> >>> >>>> >>>> >>>> >>>> >>>>> t", invalid password syntax >>>>> >>>>> >>>>> >>>>> >>>>> >>>> This means that there is still some password policy being applied. >>>> >>>> >>>> >>> I''m >>> >>> >>> >>>> not sure what''s going on, but you need to make sure all password >>>> >>>> >>>> >>> policy >>> >>> >>> >>>> is disabled before running setup. >>>> >>>> >>>> Confidentiality Notice: >>>> The information contained in this electronic message is intended for >>>> >>>> >>>> >>> the exclusive use of the individual or entity named above and may >>> contain privileged or confidential information. If the reader of >>> > this > >>> message is not the intended recipient or the employee or agent >>> responsible to deliver it to the intended recipient, you are hereby >>> notified that dissemination, distribution or copying of this >>> >>> >> information >> >> >>> is prohibited. If you have received this communication in error, >>> >>> >> please >> >> >>> notify the sender immediately by telephone and destroy the copies you >>> received. >>> >>> >>> >>>> -- >>>> Fedora-directory-users mailing list >>>> Fedora-directory-users@redhat.com >>>> https://www.redhat.com/mailman/listinfo/fedora-directory-users >>>> >>>> >>>> >>>> >>> -- >>> Fedora-directory-users mailing list >>> Fedora-directory-users@redhat.com >>> https://www.redhat.com/mailman/listinfo/fedora-directory-users >>> >>> >>> >> -- >> Fedora-directory-users mailing list >> Fedora-directory-users@redhat.com >> https://www.redhat.com/mailman/listinfo/fedora-directory-users >> >> > > -- > Fedora-directory-users mailing list > Fedora-directory-users@redhat.com > https://www.redhat.com/mailman/listinfo/fedora-directory-users >
Bliss, Aaron
2007-Feb-22 19:51 UTC
RE: [Fedora-directory-users] Preparing to upgrade to fds 1.0.4
No, never had to fully qualify my uid before...at any rate, thanks very much for working thru this with me...All seems okay. Aaron -----Original Message----- From: fedora-directory-users-bounces@redhat.com [mailto:fedora-directory-users-bounces@redhat.com] On Behalf Of Richard Megginson Sent: Thursday, February 22, 2007 2:46 PM To: General discussion list for the Fedora Directory server project. Subject: Re: [Fedora-directory-users] Preparing to upgrade to fds 1.0.4 Bliss, Aaron wrote:> Yes, before the upgrade I was able to login with my userid, was not > fully qualified; I just tried fully qualifying my userid and it > works...not sure if this is a bug... >I''m really surprised that it ever worked. Did you have to do anything to make that work? I don''t know how to make the console dialog box search somewhere other than o=NetscapeRoot.> Aaron > > -----Original Message----- > From: fedora-directory-users-bounces@redhat.com > [mailto:fedora-directory-users-bounces@redhat.com] On Behalf OfRichard> Megginson > Sent: Thursday, February 22, 2007 2:22 PM > To: General discussion list for the Fedora Directory server project. > Subject: Re: [Fedora-directory-users] Preparing to upgrade to fds1.0.4> > Bliss, Aaron wrote: > >> More progress; I''ve been able to find the lonely password policy that >> wasn''t disabled; turns out the entire policy had to be disabled, not >> just the password syntax checking piece; so the setup piece finished >> without a hitch, Directory server shows version 1.0.4, however my >> > userid > >> is still unable to log into the console; this is so peculiar; I''mable>> to login as admin only; the directory console error log shows "user >> myuserid not found: /admin-serv/authenticate"; I''ve verified that >> myuserid is listed as follows; after logging into the console withthe>> admin account, servername, server group, right click Administration >> Server, set access permissions; I did the same for the Directory >> > Server. > >> I''m just not sure what/where else to check...it''s almost as if >> authenticating to the console is only searching the Netscape root,not>> the user directory database...Any other ideas? Thanks again. >> >> > So, before the upgrade, you were able to login to the console using a > regular user account, and now you are not able to? Did you login with> just your uid or did you have to specify your full DN? > >> Aaron >> >> -----Original Message----- >> From: fedora-directory-users-bounces@redhat.com >> [mailto:fedora-directory-users-bounces@redhat.com] On Behalf Of >> > Richard > >> Megginson >> Sent: Thursday, February 22, 2007 10:56 AM >> To: General discussion list for the Fedora Directory server project. >> Subject: Re: [Fedora-directory-users] Preparing to upgrade to fds >> > 1.0.4 > >> Bliss, Aaron wrote: >> >> >>> I had both in place; a few users had individual password policies >>> > that > >>> >>> >> I >> >> >>> disabled, as well as a global password policy >>> >>> >>> >> I just don''t know. The DN in question is under o=NetscapeRoot - I >> > doubt > >> you would have applied any user or subtree password policy there, so >> > it > >> must be the global password policy. Are you using the console? Can >> > you > >> verify that global password policy is disabled? >> >> >>> Aaron >>> >>> -----Original Message----- >>> From: fedora-directory-users-bounces@redhat.com >>> [mailto:fedora-directory-users-bounces@redhat.com] On Behalf Of >>> >>> >> Richard >> >> >>> Megginson >>> Sent: Thursday, February 22, 2007 10:49 AM >>> To: General discussion list for the Fedora Directory server project. >>> Subject: Re: [Fedora-directory-users] Preparing to upgrade to fds >>> >>> >> 1.0.4 >> >> >>> Bliss, Aaron wrote: >>> >>> >>> >>>> I thought that you might say that...I''m not really sure where else >>>> >>>> >>>> >>> there >>> >>> >>> >>>> would be a password policy getting applied, is there any kind of >>>> >>>> >>>> >>> custom >>> >>> >>> >>>> ldap query that I would use to figure what dn''s the policy is >>>> > defined > >>>> at? Thanks. >>>> >>>> >>>> >>>> >>> Are you using global password policy or per-user/per-subtree? >>> >>> >>> >>>> Aaron >>>> >>>> -----Original Message----- >>>> From: fedora-directory-users-bounces@redhat.com >>>> [mailto:fedora-directory-users-bounces@redhat.com] On Behalf Of >>>> >>>> >>>> >>> Richard >>> >>> >>> >>>> Megginson >>>> Sent: Thursday, February 22, 2007 10:02 AM >>>> To: General discussion list for the Fedora Directory serverproject.>>>> Subject: Re: [Fedora-directory-users] Preparing to upgrade to fds >>>> >>>> >>>> >>> 1.0.4 >>> >>> >>> >>>> Bliss, Aaron wrote: >>>> >>>> >>>> >>>> >>>>> Yep, err=19 was in the output log... >>>>> >>>>> >>>>> >>>>> >>>>> >>>> <snip> >>>> >>>> >>>> >>>> >>>>> [21/Feb/2007:17:08:02 -0500] conn=0 op=11 RESULT err=19 tag=103 >>>>> nentries=0 etime=0 >>>>> [21/Feb/2007:17:08:02 -0500] conn=0 op=11 MOD >>>>> dn="cn=slapd-al-lnx-s11,cn=Fedora Directory Server,cn=Server >>>>> >>>>> >>>>> >>>>> >>>>> >Group,cn=al-lnx-s11.preferredcare.org,ou=preferredcare.org,o=NetscapeRoo> >> >> >>> >>> >>> >>>> >>>> >>>> >>>> >>>>> t", invalid password syntax >>>>> >>>>> >>>>> >>>>> >>>>> >>>> This means that there is still some password policy being applied. >>>> >>>> >>>> >>> I''m >>> >>> >>> >>>> not sure what''s going on, but you need to make sure all password >>>> >>>> >>>> >>> policy >>> >>> >>> >>>> is disabled before running setup. >>>> >>>> >>>> Confidentiality Notice: >>>> The information contained in this electronic message is intendedfor>>>> >>>> >>>> >>> the exclusive use of the individual or entity named above and may >>> contain privileged or confidential information. If the reader of >>> > this > >>> message is not the intended recipient or the employee or agent >>> responsible to deliver it to the intended recipient, you are hereby >>> notified that dissemination, distribution or copying of this >>> >>> >> information >> >> >>> is prohibited. If you have received this communication in error, >>> >>> >> please >> >> >>> notify the sender immediately by telephone and destroy the copiesyou>>> received. >>> >>> >>> >>>> -- >>>> Fedora-directory-users mailing list >>>> Fedora-directory-users@redhat.com >>>> https://www.redhat.com/mailman/listinfo/fedora-directory-users >>>> >>>> >>>> >>>> >>> -- >>> Fedora-directory-users mailing list >>> Fedora-directory-users@redhat.com >>> https://www.redhat.com/mailman/listinfo/fedora-directory-users >>> >>> >>> >> -- >> Fedora-directory-users mailing list >> Fedora-directory-users@redhat.com >> https://www.redhat.com/mailman/listinfo/fedora-directory-users >> >> > > -- > Fedora-directory-users mailing list > Fedora-directory-users@redhat.com > https://www.redhat.com/mailman/listinfo/fedora-directory-users >