<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"><html> <head> <meta content="text/html; charset=ISO-8859-1" http-equiv="Content-Type"> <title></title> </head> <body> Hi,<br><br>I have installed fedora-ds-1.0.4-1 on a FC6 Linux. I am able to run the startconsole, but when I open the Admin Server window and select any item than an error message appears that it trys to access to /admin-serv/tasks/Configuration/ServerSetup. But the tasks directory don''t exist. I would expect that is was created by the rpm-package while installation but it isn''t.<br>I started the rpm-installation with the --nodeps argument (what I would like to avoid, I assume that could be the reason) because it says that no httpd is available, but an apache is already installed as source-package on this system. I have created a symbolic link before to the httpd-file in /usr/sbin but that don''t help.<br>Anyone knows, why no tasks directory and its subfolders was created after the installation ?<br><br>Excuse me for my bad English and many Thanks in advance<br>Martin<br> </body> </html>
Richard Megginson
2007-Oct-09 15:47 UTC
Re: [Fedora-directory-users] Missing tasks directory
Martin Eckel wrote:> Hi, > > I have installed fedora-ds-1.0.4-1 on a FC6 Linux. I am able to run > the startconsole, but when I open the Admin Server window and select > any item than an error message appears that it trys to access to > /admin-serv/tasks/Configuration/ServerSetup. But the tasks directory > don''t exist. I would expect that is was created by the rpm-package > while installation but it isn''t. > I started the rpm-installation with the --nodeps argument (what I > would like to avoid, I assume that could be the reason) because it > says that no httpd is available, but an apache is already installed as > source-package on this system. I have created a symbolic link before > to the httpd-file in /usr/sbin but that don''t help. > Anyone knows, why no tasks directory and its subfolders was created > after the installation ?That URL path is not the actual path in the file system. The way the admin server works is that it maps that URL to a LDAP entry somewhere under o=NetscapeRoot in the configuration directory server. It does this so it can apply fine grained access control to each task based on Fedora DS ACIs, rather than on httpd access control. It''s going to be tricky to install properly without an httpd.worker package available for setup.> > Excuse me for my bad English and many Thanks in advance > Martin > ------------------------------------------------------------------------ > > -- > Fedora-directory-users mailing list > Fedora-directory-users@redhat.com > https://www.redhat.com/mailman/listinfo/fedora-directory-users >
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"><html> <head> <meta content="text/html; charset=ISO-8859-1" http-equiv="Content-Type"> <title></title> </head> <body> Am Di 09.10.2007 17:47 schrieb Richard Megginson <rmeggins@redhat.com>:<br><br>> Martin Eckel wrote:<br>> > Hi,<br>> ><br>> > I have installed fedora-ds-1.0.4-1 on a FC6 Linux. I am able to run <br>> > the startconsole, but when I open the Admin Server window and select <br>> > any item than an error message appears that it trys to access to <br>> > /admin-serv/tasks/Configuration/ServerSetup. But the tasks directory <br>> > don''t exist. I would expect that is was created by the rpm-package <br>> > while installation but it isn''t.<br>> > I started the rpm-installation with the --nodeps argument (what I <br>> > would like to avoid, I assume that could be the reason) because it <br>> > says that no httpd is available, but an apache is already installed as <br>> > source-package on this system. I have created a symbolic link before <br>> > to the httpd-file in /usr/sbin but that don''t help.<br>> > Anyone knows, why no tasks directory and its subfolders was created <br>> > after the installation ?<br>> That URL path is not the actual path in the file system. The way the <br>> admin server works is that it maps that URL to a LDAP entry somewhere <br>> under o=NetscapeRoot in the configuration directory server. It does <br>> this so it can apply fine grained access control to each task based on <br>> Fedora DS ACIs, rather than on httpd access control.<br>> <br>> It''s going to be tricky to install properly without an httpd.worker <br>> package available for setup.<br><br>My Apache is compiled as worker version.<br><br>> ><br>> > Excuse me for my bad English and many Thanks in advance<br>> > Martin<br>> > ------------------------------------------------------------------------<br>> ><br>> > --<br>> > Fedora-directory-users mailing list<br>> > Fedora-directory-users@redhat.com<br>> > https://www.redhat.com/mailman/listinfo/fedora-directory-users<br>> > <br>> <br><br>Thank you for your answer, Richard. I am still working on the same problem. I have checked my ldap structure into the Directory Server startconsole. There exists an "admin-serv-ldap" element into the NetscapeRoot Directory. I have called my servername "ldap" while the installation setup,so it should be correct. But if I click on any button into the Admin Server console window, the error-message shows that it trys to access to "admin-serv" directory.<br>Also a mysterious thing is that if I click on a button into the Directory Server window, i.e. "Manage Certificates" than only an empty box is appearing.<br>Is there any configuration file where this access path is defined ?<br><br>Regards,<br>Martin<br><br><br> </body> </html>
Richard Megginson
2007-Oct-11 20:15 UTC
Re: [Fedora-directory-users] Missing tasks directory
Martin Eckel wrote:> Am Di 09.10.2007 17:47 schrieb Richard Megginson <rmeggins@redhat.com>: > > > Martin Eckel wrote: > > > Hi, > > > > > > I have installed fedora-ds-1.0.4-1 on a FC6 Linux. I am able to run > > > the startconsole, but when I open the Admin Server window and select > > > any item than an error message appears that it trys to access to > > > /admin-serv/tasks/Configuration/ServerSetup. But the tasks directory > > > don''t exist. I would expect that is was created by the rpm-package > > > while installation but it isn''t. > > > I started the rpm-installation with the --nodeps argument (what I > > > would like to avoid, I assume that could be the reason) because it > > > says that no httpd is available, but an apache is already > installed as > > > source-package on this system. I have created a symbolic link before > > > to the httpd-file in /usr/sbin but that don''t help. > > > Anyone knows, why no tasks directory and its subfolders was created > > > after the installation ? > > That URL path is not the actual path in the file system. The way the > > admin server works is that it maps that URL to a LDAP entry somewhere > > under o=NetscapeRoot in the configuration directory server. It does > > this so it can apply fine grained access control to each task based on > > Fedora DS ACIs, rather than on httpd access control. > > > > It''s going to be tricky to install properly without an httpd.worker > > package available for setup. > > My Apache is compiled as worker version. > > > > > > > Excuse me for my bad English and many Thanks in advance > > > Martin > > > > ------------------------------------------------------------------------ > > > > > > -- > > > Fedora-directory-users mailing list > > > Fedora-directory-users@redhat.com > > > https://www.redhat.com/mailman/listinfo/fedora-directory-users > > > > > > > Thank you for your answer, Richard. I am still working on the same > problem. I have checked my ldap structure into the Directory Server > startconsole. There exists an "admin-serv-ldap" element into the > NetscapeRoot Directory. I have called my servername "ldap" while the > installation setup,so it should be correct. But if I click on any > button into the Admin Server console window, the error-message shows > that it trys to access to "admin-serv" directory.Check the admin server access and error logs /opt/fedora-ds/admin-serv/logs> Also a mysterious thing is that if I click on a button into the > Directory Server window, i.e. "Manage Certificates" than only an empty > box is appearing.Check the admin server access and error logs?> Is there any configuration file where this access path is defined ?Not exactly. It''s really very simple - the admin server converts the path /admin-serv/Tasks/Name into an ldap entry - it first looks for the admin server entry cn=admin-serv-ldap, then looks for cn=Name,cn=Tasks under that entry.> > Regards, > Martin > > > ------------------------------------------------------------------------ > > -- > Fedora-directory-users mailing list > Fedora-directory-users@redhat.com > https://www.redhat.com/mailman/listinfo/fedora-directory-users >
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"><html> <head> <meta content="text/html; charset=ISO-8859-1" http-equiv="Content-Type"> <title></title> </head> <body> Am Do 11.10.2007 22:15 schrieb Richard Megginson <rmeggins@redhat.com>:<br><br>> Martin Eckel wrote:<br>> > Am Di 09.10.2007 17:47 schrieb Richard Megginson <rmeggins@redhat.com>:<br>> ><br>> > > Martin Eckel wrote:<br>> > > > Hi,<br>> > > ><br>> > > > I have installed fedora-ds-1.0.4-1 on a FC6 Linux. I am able to run<br>> > > > the startconsole, but when I open the Admin Server window and select<br>> > > > any item than an error message appears that it trys to access to<br>> > > > /admin-serv/tasks/Configuration/ServerSetup. But the tasks directory<br>> > > > don''t exist. I would expect that is was created by the rpm-package<br>> > > > while installation but it isn''t.<br>> > > > I started the rpm-installation with the --nodeps argument (what I<br>> > > > would like to avoid, I assume that could be the reason) because it<br>> > > > says that no httpd is available, but an apache is already <br>> > installed as<br>> > > > source-package on this system. I have created a symbolic link before<br>> > > > to the httpd-file in /usr/sbin but that don''t help.<br>> > > > Anyone knows, why no tasks directory and its subfolders was created<br>> > > > after the installation ?<br>> > > That URL path is not the actual path in the file system. The way the<br>> > > admin server works is that it maps that URL to a LDAP entry somewhere<br>> > > under o=NetscapeRoot in the configuration directory server. It does<br>> > > this so it can apply fine grained access control to each task based on<br>> > > Fedora DS ACIs, rather than on httpd access control.<br>> > ><br>> > > It''s going to be tricky to install properly without an httpd.worker<br>> > > package available for setup.<br>> ><br>> > My Apache is compiled as worker version.<br>> ><br>> > > ><br>> > > > Excuse me for my bad English and many Thanks in advance<br>> > > > Martin<br>> > > > <br>> > ------------------------------------------------------------------------<br>> > > ><br>> > > > --<br>> > > > Fedora-directory-users mailing list<br>> > > > Fedora-directory-users@redhat.com<br>> > > > https://www.redhat.com/mailman/listinfo/fedora-directory-users<br>> > > ><br>> > ><br>> ><br>> > Thank you for your answer, Richard. I am still working on the same <br>> > problem. I have checked my ldap structure into the Directory Server <br>> > startconsole. There exists an "admin-serv-ldap" element into the <br>> > NetscapeRoot Directory. I have called my servername "ldap" while the <br>> > installation setup,so it should be correct. But if I click on any <br>> > button into the Admin Server console window, the error-message shows <br>> > that it trys to access to "admin-serv" directory.<br>> Check the admin server access and error logs /opt/fedora-ds/admin-serv/logs<br>> > Also a mysterious thing is that if I click on a button into the <br>> > Directory Server window, i.e. "Manage Certificates" than only an empty <br>> > box is appearing.<br>> Check the admin server access and error logs?<br>> > Is there any configuration file where this access path is defined ?<br>> Not exactly. It''s really very simple - the admin server converts the <br>> path /admin-serv/Tasks/Name into an ldap entry - it first looks for the <br>> admin server entry cn=admin-serv-ldap, then looks for cn=Name,cn=Tasks <br>> under that entry.<br>> ><br>> > Regards,<br>> > Martin<br>> ><br>> ><br>> > ------------------------------------------------------------------------<br>> ><br>> > --<br>> > Fedora-directory-users mailing list<br>> > Fedora-directory-users@redhat.com<br>> > https://www.redhat.com/mailman/listinfo/fedora-directory-users<br>> > <br>> <br><br>This is a part of the admin-serv/logs/error file:<br>[Fri Oct 12 14:37:02 2007] [notice] [client 217.24.204.116] admserv_host_ip_check: ap_get_remote_host could not resolve 217.24.204.116<br>[Fri Oct 12 14:37:02 2007] [warn] [client 217.24.204.116] admserv_host_ip_check: failed to get host by ip addr [217.24.204.116] - check your host and DNS configuration<br>[Fri Oct 12 14:37:10 2007] [notice] [client 217.24.204.116] admserv_host_ip_check: ap_get_remote_host could not resolve 217.24.204.116<br>[Fri Oct 12 14:37:10 2007] [warn] [client 217.24.204.116] admserv_host_ip_check: failed to get host by ip addr [217.24.204.116] - check your host and DNS configuration<br>[Fri Oct 12 14:37:10 2007] [error] [client 217.24.204.116] (104)Connection reset by peer: ap_content_length_filter: apr_bucket_read() failed<br><br><br>And this will always repeated in the access file if I do something into the Admin Server:<br>217.24.204.110 - admin [12/Oct/2007:14:36:54 +0200] "GET /admin-serv/authenticate HTTP/1.0" 200 369<br>217.24.204.116 - uid=admin, ou=Administrators, ou=TopologyManagement, o=NetscapeRoot [12/Oct/2007:14:37:00 +0200] "GET /admin-serv/tasks/operation/StatusPing HTTP/1.0" 200 19<br>217.24.204.116 - uid=admin, ou=Administrators, ou=TopologyManagement, o=NetscapeRoot [12/Oct/2007:14:37:02 +0200] "GET /admin-serv/tasks/operation/StatusPing HTTP/1.0" 200 19<br>217.24.204.116 - uid=admin, ou=Administrators, ou=TopologyManagement, o=NetscapeRoot [12/Oct/2007:14:37:10 +0200] "POST /admin-serv/tasks/Configuration/ServerSetup HTTP/1.0" 20<br>0 58<br><br>Could it be, that reverse DNS mapping is required for a correct functionality of the Admin Server ?<br>The URL of my ldap server has a valid entry in a DNS server ald I can do a ping on it. In the error log is nothing else than the DNS errors<br><br> </body> </html>
Richard Megginson
2007-Oct-12 13:43 UTC
Re: [Fedora-directory-users] Missing tasks directory
Martin Eckel wrote:> Am Do 11.10.2007 22:15 schrieb Richard Megginson <rmeggins@redhat.com>: > > > Martin Eckel wrote: > > > Am Di 09.10.2007 17:47 schrieb Richard Megginson > <rmeggins@redhat.com>: > > > > > > > Martin Eckel wrote: > > > > > Hi, > > > > > > > > > > I have installed fedora-ds-1.0.4-1 on a FC6 Linux. I am able > to run > > > > > the startconsole, but when I open the Admin Server window and > select > > > > > any item than an error message appears that it trys to access to > > > > > /admin-serv/tasks/Configuration/ServerSetup. But the tasks > directory > > > > > don''t exist. I would expect that is was created by the rpm-package > > > > > while installation but it isn''t. > > > > > I started the rpm-installation with the --nodeps argument (what I > > > > > would like to avoid, I assume that could be the reason) because it > > > > > says that no httpd is available, but an apache is already > > > installed as > > > > > source-package on this system. I have created a symbolic link > before > > > > > to the httpd-file in /usr/sbin but that don''t help. > > > > > Anyone knows, why no tasks directory and its subfolders was > created > > > > > after the installation ? > > > > That URL path is not the actual path in the file system. The way the > > > > admin server works is that it maps that URL to a LDAP entry > somewhere > > > > under o=NetscapeRoot in the configuration directory server. It does > > > > this so it can apply fine grained access control to each task > based on > > > > Fedora DS ACIs, rather than on httpd access control. > > > > > > > > It''s going to be tricky to install properly without an httpd.worker > > > > package available for setup. > > > > > > My Apache is compiled as worker version. > > > > > > > > > > > > > Excuse me for my bad English and many Thanks in advance > > > > > Martin > > > > > > > > > ------------------------------------------------------------------------ > > > > > > > > > > -- > > > > > Fedora-directory-users mailing list > > > > > Fedora-directory-users@redhat.com > > > > > https://www.redhat.com/mailman/listinfo/fedora-directory-users > > > > > > > > > > > > > > > Thank you for your answer, Richard. I am still working on the same > > > problem. I have checked my ldap structure into the Directory Server > > > startconsole. There exists an "admin-serv-ldap" element into the > > > NetscapeRoot Directory. I have called my servername "ldap" while the > > > installation setup,so it should be correct. But if I click on any > > > button into the Admin Server console window, the error-message shows > > > that it trys to access to "admin-serv" directory. > > Check the admin server access and error logs > /opt/fedora-ds/admin-serv/logs > > > Also a mysterious thing is that if I click on a button into the > > > Directory Server window, i.e. "Manage Certificates" than only an > empty > > > box is appearing. > > Check the admin server access and error logs? > > > Is there any configuration file where this access path is defined ? > > Not exactly. It''s really very simple - the admin server converts the > > path /admin-serv/Tasks/Name into an ldap entry - it first looks for the > > admin server entry cn=admin-serv-ldap, then looks for cn=Name,cn=Tasks > > under that entry. > > > > > > Regards, > > > Martin > > > > > > > > > > ------------------------------------------------------------------------ > > > > > > -- > > > Fedora-directory-users mailing list > > > Fedora-directory-users@redhat.com > > > https://www.redhat.com/mailman/listinfo/fedora-directory-users > > > > > > > This is a part of the admin-serv/logs/error file: > [Fri Oct 12 14:37:02 2007] [notice] [client 217.24.204.116] > admserv_host_ip_check: ap_get_remote_host could not resolve 217.24.204.116 > [Fri Oct 12 14:37:02 2007] [warn] [client 217.24.204.116] > admserv_host_ip_check: failed to get host by ip addr [217.24.204.116] > - check your host and DNS configuration > [Fri Oct 12 14:37:10 2007] [notice] [client 217.24.204.116] > admserv_host_ip_check: ap_get_remote_host could not resolve 217.24.204.116 > [Fri Oct 12 14:37:10 2007] [warn] [client 217.24.204.116] > admserv_host_ip_check: failed to get host by ip addr [217.24.204.116] > - check your host and DNS configuration > [Fri Oct 12 14:37:10 2007] [error] [client 217.24.204.116] > (104)Connection reset by peer: ap_content_length_filter: > apr_bucket_read() failed > > > And this will always repeated in the access file if I do something > into the Admin Server: > 217.24.204.110 - admin [12/Oct/2007:14:36:54 +0200] "GET > /admin-serv/authenticate HTTP/1.0" 200 369 > 217.24.204.116 - uid=admin, ou=Administrators, ou=TopologyManagement, > o=NetscapeRoot [12/Oct/2007:14:37:00 +0200] "GET > /admin-serv/tasks/operation/StatusPing HTTP/1.0" 200 19 > 217.24.204.116 - uid=admin, ou=Administrators, ou=TopologyManagement, > o=NetscapeRoot [12/Oct/2007:14:37:02 +0200] "GET > /admin-serv/tasks/operation/StatusPing HTTP/1.0" 200 19 > 217.24.204.116 - uid=admin, ou=Administrators, ou=TopologyManagement, > o=NetscapeRoot [12/Oct/2007:14:37:10 +0200] "POST > /admin-serv/tasks/Configuration/ServerSetup HTTP/1.0" 20 > 0 58 > > Could it be, that reverse DNS mapping is required for a correct > functionality of the Admin Server ?It is if you want to restrict access by host name. But you can disable this and just restrict access by IP address. See http://directory.fedoraproject.org/wiki/Howto:AdminServerLDAPMgmt - please read the whole page then especially the section "How to set the hosts/IP addresses allowed to access the Admin Server"> The URL of my ldap server has a valid entry in a DNS server ald I can > do a ping on it. In the error log is nothing else than the DNS errors > > ------------------------------------------------------------------------ > > -- > Fedora-directory-users mailing list > Fedora-directory-users@redhat.com > https://www.redhat.com/mailman/listinfo/fedora-directory-users >