[Freeipa-users] probems installin freeipa v2

Steven Jones Steven.Jones at vuw.ac.nz
Wed Sep 22 01:25:34 UTC 2010 

This time I copied the output from the ldapsearch command

"dn: cn=ipa_pwd_extop,cn=plugins,cn=config"

and it worked...

?

So, section 4.4

ipa-replica-manage add --winsync --binddn cn=administrator,cn=users,dc=example,dc=com \
--bindpw password --cacert /path/to/certfile.cer adserver.example.com -v

This appears to be wrong?

It should be,

ipa-replica-manage add --winsync --binddn cn=administrator,cn=users,dc=example,dc=com \
--cacert /path/to/certfile.cer adserver.example.com --passsync <domain admin password>   -v

?

regards

Steven Jones Technical Specialist Linux/Vmware
Tele 64 4 463 6272
Victoria University
Kelburn
New Zealand


-----Original Message-----
From: Steven Jones 
Sent: Wednesday, 22 September 2010 10:49 a.m.
To: Steven Jones; Freeipa-users at redhat.com
Subject: RE: [Freeipa-users] probems installin freeipa v2

Hi,

I backed out the snapshot and restarted....now I get,

====================
# extended LDIF
#
# LDAPv3
# base <cn=ipa_pwd_extop,cn=plugins,cn=config> with scope baseObject
# filter: (objectclass=*)
# requesting: ALL
#

# ipa_pwd_extop, plugins, config
dn: cn=ipa_pwd_extop,cn=plugins,cn=config
objectClass: top
objectClass: nsSlapdPlugin
objectClass: extensibleObject
cn: ipa_pwd_extop
nsslapd-pluginPath: libipa_pwd_extop
nsslapd-pluginInitfunc: ipapwd_init
nsslapd-pluginType: extendedop
nsslapd-pluginEnabled: on
nsslapd-pluginId: IPA Password Manager
nsslapd-pluginVersion: FreeIPA/1.0
nsslapd-pluginVendor: FreeIPA project
nsslapd-pluginDescription: IPA Password Extended Operation plugin
nsslapd-plugin-depends-on-type: database
nsslapd-realmtree: dc=vuw,dc=ac,dc=nz

# search result
search: 2
result: 0 Success

# numResponses: 2
# numEntries: 1
===============================

I tried again, this line seems to be the issue,

dn: cn=ipa_pwd_extop,cn=plugins,cn=config

So I simply follow the guide and input each line one by one? hitting enter at the end of each line?

My impression is its like I am doing something wrong because the instruction is so un-clear....really the manuals are written by ppl that know how to do this syntax well....so you are maybe over looking my simple mis-understanding of how to enter these commands correctly.

regards

Steven Jones Technical Specialist Linux/Vmware
Tele 64 4 463 6272
Victoria University
Kelburn
New Zealand


-----Original Message-----
From: freeipa-users-bounces at redhat.com [mailto:freeipa-users-bounces at redhat.com] On Behalf Of Steven Jones
Sent: Wednesday, 22 September 2010 10:18 a.m.
To: Freeipa-users at redhat.com
Subject: Re: [Freeipa-users] probems installin freeipa v2

Hi,

This is Fedora 13 with the yum repo setup as per your web site...

389-ds-base-1.2.6-1.fc13.x86_64
ipa-server-1.2.2-4.fc13.x86_64

Your ldapsearch command gives me,

ldap_sasl_bind(SIMPLE): Can't contact LDAP server (-1)

um......

So the LDAP server is dead?

regards

Steven Jones Technical Specialist Linux/Vmware
Tele 64 4 463 6272
Victoria University
Kelburn
New Zealand


-----Original Message-----
From: Rob Crittenden [mailto:rcritten at redhat.com] 
Sent: Wednesday, 22 September 2010 10:02 a.m.
To: Steven Jones
Cc: Freeipa-users at redhat.com
Subject: Re: [Freeipa-users] probems installin freeipa v2

Steven Jones wrote:
> Hi,
>
> Since there seems to be no explanation why I cant update via ldapmodify,

It wasn't entirely clear what version of IPA you were using. You filed a 
doc bug against v1 and asked other basic questions, I assumed you had 
the version wrong. I figured this would come back up once you were able 
to kinit and get to the GUI.

> Can I install "some" the 389 gui parts to allow me to do this via its GUI?

This is strongly discouraged.

>
> If so how?
>
> And/Or how can I get a look at the attributes to figure out what's wrong with the commands? something like you have changed ver2 from ver1 and the doc hasnt been corrected?

It works for me in the IPA v2 git head. What does your entry look like now?

$ ldapsearch -x -D 'cn=directory manager' -W -s base -b 
'cn=ipa_pwd_extop,cn=plugins,cn=config'

And more importantly, what is the rpm version of the IPA server you are 
using? The version of 389-ds-base might be handy too.

rob

>
> regards
>
> Steven Jones Technical Specialist Linux/Vmware
> Tele 64 4 463 6272
> Victoria University
> Kelburn
> New Zealand
>
>
> -----Original Message-----
> From: freeipa-users-bounces at redhat.com [mailto:freeipa-users-bounces at redhat.com] On Behalf Of Steven Jones
> Sent: Tuesday, 21 September 2010 12:58 p.m.
> To: Freeipa-users at redhat.com
> Subject: [Freeipa-users] probems installin freeipa v2
>
> Section 4.3 of the manual....
>
> Running the command,
>
> ldapmodify -x -D "cn=Directory Manager" -W
> Enter LDAP Password: *******
> dn: cn=ipa_pwd_extop,cn=plugins,cn=config
> changetype: modify
> add: passSyncManagersDNs
> passSyncManagersDNs: uid=admin,cn=users,cn=accounts,dc=vuw,dc=ac,dc=nz
>
>
> ldapmodify: wrong attributeType at line 4, entry "cn=ipa_pwd_extop,cn=plugins,cn=config
>
> I cannot figure out what is wrong here?
>
> regards
>
> Steven Jones Technical Specialist Linux/Vmware
> Tele 64 4 463 6272
> Victoria University
> Kelburn
> New Zealand
>
>
> _______________________________________________
> Freeipa-users mailing list
> Freeipa-users at redhat.com
> https://www.redhat.com/mailman/listinfo/freeipa-users
>
> _______________________________________________
> Freeipa-users mailing list
> Freeipa-users at redhat.com
> https://www.redhat.com/mailman/listinfo/freeipa-users


_______________________________________________
Freeipa-users mailing list
Freeipa-users at redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-users

More information about the Freeipa-users mailing list