[Freeipa-devel] [PATCH] 78 Use ldapi: instead of unsecured ldap: in ipa core tools.
Pavel Zuna
pzuna at redhat.com
Tue Feb 15 14:19:50 UTC 2011
On 02/14/2011 04:56 PM, JR Aquino wrote:
> On 2/10/11 2:42 AM, "Pavel Zuna"<pzuna at redhat.com> wrote:
>
>> On 02/08/2011 01:06 PM, Pavel Zuna wrote:
>>> The patch also corrects exception handling in some of the tools.
>>>
>>> Fix #874
>>>
>>> Pavel
>>>
>>
>> Updated patch attached. Forgot to rename an identifier in exception
>> handling.
>>
>> Pavel
>> _______________________________________________
>> Freeipa-devel mailing list
>> Freeipa-devel at redhat.com
>> https://www.redhat.com/mailman/listinfo/freeipa-devel
>
> NACK
>
> It looks like LDAPUpdate calls may want to include ldapi=True?
>
> -=-
> # ipa-nis-manage enable
> Directory Manager password:
>
> Enabling plugin
> Traceback (most recent call last):
> File "/usr/sbin/ipa-nis-manage", line 211, in<module>
> sys.exit(main())
> File "/usr/sbin/ipa-nis-manage", line 151, in main
> ld = LDAPUpdate(dm_password=dirman_password, sub_dict={})
> File "/usr/lib/python2.7/site-packages/ipaserver/install/ldapupdate.py",
> line 101, in __init__
> conn.do_simple_bind(bindpw=self.dm_password)
> File "/usr/lib/python2.7/site-packages/ipaserver/ipaldap.py", line 350,
> in do_simple_bind
> self.simple_bind_s(binddn, bindpw)
> File "/usr/lib/python2.7/site-packages/ipaserver/ipaldap.py", line 204,
> in inner
> return f(*args, **kargs)
> File "/usr/lib64/python2.7/site-packages/ldap/ldapobject.py", line 207,
> in simple_bind_s
> return self.result(msgid,all=1,timeout=self.timeout)
> File "/usr/lib/python2.7/site-packages/ipaserver/ipaldap.py", line 181,
> in inner
> objtype, data = f(*args, **kargs)
> File "/usr/lib64/python2.7/site-packages/ldap/ldapobject.py", line 436,
> in result
> res_type,res_data,res_msgid = self.result2(msgid,all,timeout)
> File "/usr/lib/python2.7/site-packages/ipaserver/ipaldap.py", line 204,
> in inner
> return f(*args, **kargs)
> File "/usr/lib64/python2.7/site-packages/ldap/ldapobject.py", line 440,
> in result2
> res_type, res_data, res_msgid, srv_ctrls =
> self.result3(msgid,all,timeout)
> File "/usr/lib/python2.7/site-packages/ipaserver/ipaldap.py", line 204,
> in inner
> return f(*args, **kargs)
> File "/usr/lib64/python2.7/site-packages/ldap/ldapobject.py", line 446,
> in result3
> ldap_result = self._ldap_call(self._l.result3,msgid,all,timeout)
> File "/usr/lib/python2.7/site-packages/ipaserver/ipaldap.py", line 204,
> in inner
> return f(*args, **kargs)
> File "/usr/lib64/python2.7/site-packages/ldap/ldapobject.py", line 96,
> in _ldap_call
> result = func(*args,**kwargs)
> ldap.UNWILLING_TO_PERFORM: {'info': 'Minimum SSF not met.', 'desc':
> 'Server is unwilling to perform'}
>
I can't reproduce this. :-/
For me it goes fine:
[root at ipadev tools]# ./ipa-nis-manage enable
Directory Manager password:
Enabling plugin
This setting will not take effect until you restart Directory Server.
The rpcbind service may need to be started.
Pavel
More information about the Freeipa-devel
mailing list