[Freeipa-devel] rawhide's ipa-server-install fails to configure directory server

Rich Megginson rmeggins at redhat.com
Mon Mar 31 15:52:54 UTC 2008 

Perry N. Myers wrote:
> Jim Meyering wrote:
>> Please wait until the prompt is returned.
>> Configuring ntpd
>>   [1/4]: stopping ntpd
>>   [2/4]: writing configuration
>>   [3/4]: configuring ntpd to start on boot
>>   [4/4]: starting ntpd
>> done configuring ntpd.
>> Configuring directory server:
>>   [1/16]: creating directory server user
>>   [2/16]: creating directory server instance
>>   [3/16]: adding default schema
>>   [4/16]: enabling memberof plugin
>> root        : CRITICAL Failed to load memberof-conf.ldif: Command
>> '/usr/bin/ldapmodify -h 127.0.0.1 -xv -D cn=Directory Manager -w xxx 
>> -f /usr/share/ipa/memberof-conf.ldif' returned non-zero exit status 49
>>   [5/16]: enabling referential integrity plugin
>> root        : CRITICAL Failed to load referint-conf.ldif: Command
>> '/usr/bin/ldapmodify -h 127.0.0.1 -xv -D cn=Directory Manager -w xxx 
>> -f /usr/share/ipa/referint-conf.ldif' returned non-zero exit status 49
>>   [6/16]: enabling distributed numeric assignment plugin
>> root        : CRITICAL Failed to load dna-conf.ldif: Command 
>> '/usr/bin/ldapmodify -h 127.0.0.1 -xv -D cn=Directory Manager -w xxx 
>> -f /usr/share/ipa/dna-conf.ldif' returned non-zero exit status 49
>>   [7/16]: configuring uniqueness plugin
>> root        : CRITICAL Failed to load unique-attributes.ldif: Command 
>> '/usr/bin/ldapmodify -h 127.0.0.1 -xv -D cn=Directory Manager -w xxx 
>> -f /dev/shm/tmp4dWkvF' returned non-zero exit status 49
>>   [8/16]: creating indices
>> root        : CRITICAL Failed to load indices.ldif: Command 
>> '/usr/bin/ldapmodify -h 127.0.0.1 -xv -D cn=Directory Manager -w xxx 
>> -f /usr/share/ipa/indices.ldif' returned non-zero exit status 49
>>   [9/16]: configuring ssl for ds instance
>> Unexpected error - see ipaserver-install.log for details:
>>  {'desc': 'Invalid credentials'}
>>
>> --------------------------
>> When I ran that ldapmodify command manually, it did this:
>>
>>   root at iota# ldapmodify -h 127.0.0.1 -xv -D 'cn=Directory Manager' \
>>     -w xxx -f /usr/share/ipa/memberof-conf.ldif
>>   ldap_initialize( ldap://127.0.0.1 )
>>   ldap_bind: Invalid credentials (49)
>>   [Exit 49]
>
> This problem still exists in rawhide and as far as I can tell it is 
> not ipa related.  The problem is actually with the fedora directory 
> server.
>
> What I've discovered is that if you run ns-slapd with the -d flag 
> (runs the server in the foreground) things work fine.  If you run the 
> server without the -d flag, you get the Invalid credentials messages 
> even with the correct CN and password.
>
> I've been able to reproduce this in fedora-ds-base-1.1.0.1-3.fc9.x86_64.
>
> If anyone has any ideas let me know...  I did some searching to see if 
> there is an existing bug for this and I didn't see one.
Can you install a standalone Fedora DS?  Does setup-ds.pl work?  If so, 
does ldapmodify work?
> Perry
>
> _______________________________________________
> Freeipa-devel mailing list
> Freeipa-devel at redhat.com
> https://www.redhat.com/mailman/listinfo/freeipa-devel

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3245 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20080331/a866c042/attachment.bin>

More information about the Freeipa-devel mailing list