[Freeipa-devel] rawhide's ipa-server-install fails to configure directory server
Perry N. Myers
pmyers at redhat.com
Sat Mar 29 10:08:20 UTC 2008
Jim Meyering wrote:
> Please wait until the prompt is returned.
> Configuring ntpd
> [1/4]: stopping ntpd
> [2/4]: writing configuration
> [3/4]: configuring ntpd to start on boot
> [4/4]: starting ntpd
> done configuring ntpd.
> Configuring directory server:
> [1/16]: creating directory server user
> [2/16]: creating directory server instance
> [3/16]: adding default schema
> [4/16]: enabling memberof plugin
> root : CRITICAL Failed to load memberof-conf.ldif: Command
> '/usr/bin/ldapmodify -h 127.0.0.1 -xv -D cn=Directory Manager -w xxx -f /usr/share/ipa/memberof-conf.ldif' returned non-zero exit status 49
> [5/16]: enabling referential integrity plugin
> root : CRITICAL Failed to load referint-conf.ldif: Command
> '/usr/bin/ldapmodify -h 127.0.0.1 -xv -D cn=Directory Manager -w xxx -f /usr/share/ipa/referint-conf.ldif' returned non-zero exit status 49
> [6/16]: enabling distributed numeric assignment plugin
> root : CRITICAL Failed to load dna-conf.ldif: Command '/usr/bin/ldapmodify -h 127.0.0.1 -xv -D cn=Directory Manager -w xxx -f /usr/share/ipa/dna-conf.ldif' returned non-zero exit status 49
> [7/16]: configuring uniqueness plugin
> root : CRITICAL Failed to load unique-attributes.ldif: Command '/usr/bin/ldapmodify -h 127.0.0.1 -xv -D cn=Directory Manager -w xxx -f /dev/shm/tmp4dWkvF' returned non-zero exit status 49
> [8/16]: creating indices
> root : CRITICAL Failed to load indices.ldif: Command '/usr/bin/ldapmodify -h 127.0.0.1 -xv -D cn=Directory Manager -w xxx -f /usr/share/ipa/indices.ldif' returned non-zero exit status 49
> [9/16]: configuring ssl for ds instance
> Unexpected error - see ipaserver-install.log for details:
> {'desc': 'Invalid credentials'}
>
> --------------------------
> When I ran that ldapmodify command manually, it did this:
>
> root at iota# ldapmodify -h 127.0.0.1 -xv -D 'cn=Directory Manager' \
> -w xxx -f /usr/share/ipa/memberof-conf.ldif
> ldap_initialize( ldap://127.0.0.1 )
> ldap_bind: Invalid credentials (49)
> [Exit 49]
This problem still exists in rawhide and as far as I can tell it is not
ipa related. The problem is actually with the fedora directory server.
What I've discovered is that if you run ns-slapd with the -d flag (runs
the server in the foreground) things work fine. If you run the server
without the -d flag, you get the Invalid credentials messages even with
the correct CN and password.
I've been able to reproduce this in fedora-ds-base-1.1.0.1-3.fc9.x86_64.
If anyone has any ideas let me know... I did some searching to see if
there is an existing bug for this and I didn't see one.
Perry
More information about the Freeipa-devel
mailing list