Thanks again for all your help, I think I just figured it out. The dbswitch.conf file was owned by root when it should have been owned by nobody. Ian Ian Marks wrote: > I really appreciate your help!! > > adm.conf > ldapHost: cac.example.com > ldapPort: 389 > sie: cn=admin-serv-cac, cn=Fedora Administration Server, cn=Server > Group, cn=cac.example.com, ou=example.com, o=NetscapeRoot > siepid: xxxxxxxx > isie: cn=Fedora Administration Server, cn=Server Group, > cn=cac.example.com, ou=example.com, o=NetscapeRoot > port: 1389 > ldapStart: slapd-cac/start-slapd > > > dbswitch.conf > > directory default ldap://cac.example.com:389/o%3DNetscapeRoot > > > Richard Megginson wrote: >> Ian Marks wrote: >>> Here is the last few lines from the error log after enabling debug. >>> >>> >>> [Wed Aug 09 19:22:22 2006] [debug] mod_admserv.c(1428): >>> populate_tasks_from_server(): Added task entry >>> [cn=htmladmin,cn=configuration,cn=tasks,cn=admin-serv-cac,cn=fedora >>> administration server,cn=server >>> group,cn=cac.example.com,ou=example.com,o=netscaperoot:htmladmin:] >>> for user [LocalSuper] >>> [Wed Aug 09 19:22:22 2006] [debug] mod_admserv.c(1428): >>> populate_tasks_from_server(): Added task entry >>> [cn=statpingserv,cn=configuration,cn=tasks,cn=admin-serv-cac,cn=fedora >>> administration server,cn=server >>> group,cn=cac.example.com,ou=example.com,o=netscaperoot:statpingserv:] >>> for user [LocalSuper] >>> [Wed Aug 09 19:22:22 2006] [debug] mod_admserv.c(1428): >>> populate_tasks_from_server(): Added task entry >>> [cn=viewdata,cn=configuration,cn=tasks,cn=admin-serv-cac,cn=fedora >>> administration server,cn=server >>> group,cn=cac.example.com,ou=example.com,o=netscaperoot:viewdata:] >>> for user [LocalSuper] >>> [Wed Aug 09 19:22:22 2006] [debug] mod_admserv.c(1428): >>> populate_tasks_from_server(): Added task entry >>> [cn=viewlog,cn=configuration,cn=tasks,cn=admin-serv-cac,cn=fedora >>> administration server,cn=server >>> group,cn=cac.example.com,ou=example.com,o=netscaperoot:viewlog:] for >>> user [LocalSuper] >>> [Wed Aug 09 19:22:22 2006] [debug] mod_admserv.c(1428): >>> populate_tasks_from_server(): Added task entry >>> [cn=monreplication,cn=configuration,cn=tasks,cn=admin-serv-cac,cn=fedora >>> administration server,cn=server >>> group,cn=cac.example.com,ou=example.com,o=netscaperoot:monreplication:] >>> for user [LocalSuper] >>> [Wed Aug 09 19:22:22 2006] [debug] mod_admserv.c(1428): >>> populate_tasks_from_server(): Added task entry >>> [cn=repl-monitor-cgi.pl,cn=configuration,cn=tasks,cn=admin-serv-cac,cn=fedora >>> administration server,cn=server >>> group,cn=cac.example.com,ou=example.com,o=netscaperoot:repl-monitor-cgi.pl:] >>> for user [LocalSuper] >>> [Wed Aug 09 19:22:22 2006] [debug] mod_admserv.c(1428): >>> populate_tasks_from_server(): Added task entry >>> [cn=sync-task-sie-data,cn=commands,cn=admin-serv-cac,cn=fedora >>> administration server,cn=server >>> group,cn=cac.example.com,ou=example.com,o=netscaperoot:runtime:] for >>> user [LocalSuper] >>> [Wed Aug 09 19:22:22 2006] [debug] mod_admserv.c(1428): >>> populate_tasks_from_server(): Added task entry >>> [cn=change-sie-password,cn=commands,cn=admin-serv-cac,cn=fedora >>> administration server,cn=server >>> group,cn=cac.example.com,ou=example.com,o=netscaperoot:runtime:] for >>> user [LocalSuper] >>> [Wed Aug 09 19:22:22 2006] [crit] host_ip_init(): PSET failure: >>> Failed to create PSET handle (pset error = ) >> Hm - just pset? The other ldap stuff is working fine. Please post >> your admin-serv/config/adm.conf and shared/config/dbswitch.conf - be >> sure to obscure any sensitive information first. >>> >>> >>> Ian >>> >>> Richard Megginson wrote: >>>> Ian Marks wrote: >>>>> I have the following ssl packages installed. >>>>> rpm -qa |grep ssl >>>>> openssl-0.9.7a-43.8 >>>>> mod_ssl-2.0.52-22.ent.centos4 >>>>> openssl-devel-0.9.7a-43.8 >>>>> xmlsec1-openssl-1.2.6-3 >>>>> >>>>> The directory server is running and appears to be working >>>>> correctly. Several other hosts are able to authenticate via pam >>>>> against this DS server. Here is the output of "sh -xv >>>>> start-admin", minus the copyright stuff: >>>>> >>>>> SERVER_ROOT=/opt/fedora-ds ; export SERVER_ROOT >>>>> + SERVER_ROOT=/opt/fedora-ds >>>>> + export SERVER_ROOT >>>>> NETSITE_ROOT=$SERVER_ROOT ; export NETSITE_ROOT >>>>> + NETSITE_ROOT=/opt/fedora-ds >>>>> + export NETSITE_ROOT >>>>> ADMSERV_ROOT=$SERVER_ROOT/admin-serv ; export ADMSERV_ROOT >>>>> + ADMSERV_ROOT=/opt/fedora-ds/admin-serv >>>>> + export ADMSERV_ROOT >>>>> >>>>> unset PASSWORD_PIPE >>>>> + unset PASSWORD_PIPE >>>>> >>>>> LD_LIBRARY_PATH=${SERVER_ROOT}/bin/admin/lib:${SERVER_ROOT}/lib:${LD_LIBRARY_PATH};export >>>>> LD_LIBRARY_PATH >>>>> + LD_LIBRARY_PATH=/opt/fedora-ds/bin/admin/lib:/opt/fedora-ds/lib: >>>>> + export LD_LIBRARY_PATH >>>>> LIBPATH=${LD_LIBRARY_PATH}:${LIBPATH}:/usr/threads/lib:/usr/ibmcxx/lib:/usr/lib:/lib; >>>>> export LIBPATH >>>>> + >>>>> LIBPATH=/opt/fedora-ds/bin/admin/lib:/opt/fedora-ds/lib:::/usr/threads/lib:/usr/ibmcxx/lib:/usr/lib:/lib >>>>> >>>>> + export LIBPATH >>>>> SHLIB_PATH=${LD_LIBRARY_PATH}:${SHLIB_PATH}; export SHLIB_PATH >>>>> + SHLIB_PATH=/opt/fedora-ds/bin/admin/lib:/opt/fedora-ds/lib:: >>>>> + export SHLIB_PATH >>>>> >>>>> NS_SERVER_HOME=${SERVER_ROOT}; export NS_SERVER_HOME >>>>> + NS_SERVER_HOME=/opt/fedora-ds >>>>> + export NS_SERVER_HOME >>>>> PATH=${SERVER_ROOT}/bin/admin/bin:${PATH}; export PATH >>>>> + >>>>> PATH=/opt/fedora-ds/bin/admin/bin:/usr/kerberos/sbin:/usr/kerberos/bin:/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin:/usr/X11R6/bin:/root/bin >>>>> >>>>> + export PATH >>>>> >>>>> HTTPD=/usr/sbin//httpd.worker >>>>> + HTTPD=/usr/sbin//httpd.worker >>>>> >>>>> # see if httpd is linked with the openldap libraries - we need to >>>>> override them >>>>> OS=`uname -s` >>>>> uname -s >>>>> ++ uname -s >>>>> + OS=Linux >>>>> if [ $OS = "Linux" ]; then >>>>> hasol=0 >>>>> >>>>> /usr/bin/ldd $HTTPD 2>&1 | grep libldap > /dev/null 2>&1 && >>>>> hasol=1 >>>>> >>>>> if [ $hasol -eq 1 ] ; then >>>>> LD_PRELOAD="${SERVER_ROOT}/bin/admin/lib/libssl3.so >>>>> ${SERVER_ROOT}/bin/admin/lib/libldap50.so" >>>>> export LD_PRELOAD >>>>> fi >>>>> fi >>>>> + '[' Linux = Linux ']' >>>>> + hasol=0 >>>>> + /usr/bin/ldd /usr/sbin//httpd.worker >>>>> + grep libldap >>>>> + hasol=1 >>>>> + '[' 1 -eq 1 ']' >>>>> + LD_PRELOAD='/opt/fedora-ds/bin/admin/lib/libssl3.so >>>>> /opt/fedora-ds/bin/admin/lib/libldap50.so' >>>>> + export LD_PRELOAD >>>>> >>>>> $HTTPD -k start -d $ADMSERV_ROOT -f >>>>> $ADMSERV_ROOT/config/httpd.conf "$@" >>>>> + /usr/sbin//httpd.worker -k start -d /opt/fedora-ds/admin-serv -f >>>>> /opt/fedora-ds/admin-serv/config/httpd.conf >>>> So it correctly detects that httpd is linked against openldap and >>>> does the LD_PRELOAD. Next, try turning up the debug level. First, >>>> edit admin-serv/config/httpd.conf and change LogLevel to debug. >>>> Then, do start-admin -e debug. There should be a bunch of stuff in >>>> admin-serv/logs/error >>>>> >>>>> >>>>> >>>>> >>>>> Richard Megginson wrote: >>>>>> Ian Marks wrote: >>>>>>> Does anyone have a good idea where I can start troubleshooting >>>>>>> the error below. I get the error when I attempt to start the >>>>>>> admin server. I also posted an error from the htttpd logs which >>>>>>> could be related. I'm running Centos 4.3 with FDS 1.0.2. >>>>>>> >>>>>>> /opt/fedora-ds/admin-serv/logs/error >>>>>>> [Wed Aug 09 18:43:34 2006] [crit] host_ip_init(): PSET failure: >>>>>>> Failed to create PSET handle (pset error = ) >>>>>>> Configuration Failed >>>>>> 1) The directory server must be up and running before attempting >>>>>> to start the admin server >>>>>> 2) If the DS is running, what is the output of doing sh -xv >>>>>> start-admin? >>>>>>> >>>>>>> /var/log/httpd/error_log >>>>>>> [Wed Aug 09 14:51:56 2006] [notice] LDAP: Built with OpenLDAP >>>>>>> LDAP SDK >>>>>>> [Wed Aug 09 14:51:56 2006] [notice] LDAP: SSL support unavailable >>>>>>> >>>>>>> Thanks, >>>>>>> Ian >>>>>>> >>>>>>> -- >>>>>>> Fedora-directory-users mailing list >>>>>>> Fedora-directory-users at redhat.com >>>>>>> https://www.redhat.com/mailman/listinfo/fedora-directory-users >>>>>> ------------------------------------------------------------------------ >>>>>> >>>>>> >>>>>> -- >>>>>> Fedora-directory-users mailing list >>>>>> Fedora-directory-users at redhat.com >>>>>> https://www.redhat.com/mailman/listinfo/fedora-directory-users >>>>>> >>>>> >>>>> -- >>>>> Fedora-directory-users mailing list >>>>> Fedora-directory-users at redhat.com >>>>> https://www.redhat.com/mailman/listinfo/fedora-directory-users >>>> ------------------------------------------------------------------------ >>>> >>>> >>>> -- >>>> Fedora-directory-users mailing list >>>> Fedora-directory-users at redhat.com >>>> https://www.redhat.com/mailman/listinfo/fedora-directory-users >>>> >>> >>> -- >>> Fedora-directory-users mailing list >>> Fedora-directory-users at redhat.com >>> https://www.redhat.com/mailman/listinfo/fedora-directory-users >> ------------------------------------------------------------------------ >> >> -- >> Fedora-directory-users mailing list >> Fedora-directory-users at redhat.com >> https://www.redhat.com/mailman/listinfo/fedora-directory-users >> > > -- > Fedora-directory-users mailing list > Fedora-directory-users at redhat.com > https://www.redhat.com/mailman/listinfo/fedora-directory-users >
