8><----- This is the real problem I think - looks like you've told the console/admin server to use SSL to connect to the directory server, but you haven't specified to use port 636 8><----- Im not aware I did.... 8><----- http://directory.fedoraproject.org/wiki/Howto:SSL#Console_SSL_Information see also the configuration directory ldap url - ldapurl in /etc/dirsrv/admin-serv/adm.conf 8><----- Ok, I fixed the latter by editing the adm.conf to point at 636....however I now have a SSL error... ============ [root at vuwunicooimm001 admin-serv]# ldapsearch -x -D "cn=ldapadmin" -w XXXXXXX -b o=netscaperoot "(&(nsServerID=slapd-vuwunicooimm001))" ldap_bind: Can't contact LDAP server (-1) additional info: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed ============ Ive tried using this syntax but with no joy... ldapmodify -x -D "cn=directory manager" -w password dn: dn of your server instance entry changetype: modify replace: nsServerSecurity nsServerSecurity: on so my command is, ldapmodify -x -D "cn=lpdapadmin" -w password XXXXXXX dn:vuwunicooimm001.vuw.ac.nz changetype: modify replace: nsServerSecurity nsServerSecurity on which fails...... Doing a, [root at vuwunicooimm001 admin-serv]# certutil -d . -L =============== Certificate Nickname Trust Attributes SSL,S/MIME,JAR/XPI VUW CA cert CT,, ============== So I dont know if cutting and pasting the errors work, anyway, attempting to restart the console I get, [cid:image001.png at 01CB1448.03A1B040] So I put in the details, [cid:image002.png at 01CB1448.58B30840] Which fails, error log for adminserv.... ========================== [Fri Jun 25 09:19:22 2010] [notice] [client 127.0.0.1] admserv_host_ip_check: ap_get_remote_host could not resolve 127.0.0.1 [Fri Jun 25 09:19:22 2010] [notice] [client 127.0.0.1] admserv_host_ip_check: host [localhost.localdomain] did not match pattern [*.vuw.ac.nz] -will scan aliases [Fri Jun 25 09:19:22 2010] [notice] [client 127.0.0.1] admserv_host_ip_check: host alias [localhost] did not match pattern [*.vuw.ac.nz] [Fri Jun 25 09:19:22 2010] [debug] mod_admserv/mod_admserv.c(2762): admserv_check_user_id [Fri Jun 25 09:19:22 2010] [debug] mod_admserv/mod_admserv.c(1910): [25584] cache entry not found for user [ldapadmin] [Fri Jun 25 09:19:22 2010] [debug] mod_admserv/mod_admserv.c(1918): [25584] user [ldapadmin] not cached - reason user not in cache [Fri Jun 25 09:19:22 2010] [crit] buildUGInfo(): unable to initialize TLS connection to LDAP host vuwunicooimm001.vuw.ac.nz port 636: 4 [Fri Jun 25 09:19:22 2010] [notice] [client 127.0.0.1] admserv_check_authz(): passing [/admin-serv/authenticate] to the userauth handler [Fri Jun 25 09:19:22 2010] [crit] buildUGInfo(): unable to initialize TLS connection to LDAP host vuwunicooimm001.vuw.ac.nz port 636: 4 [Fri Jun 25 09:19:22 2010] [debug] mod_admserv/mod_admserv.c(2609): userauth, bind (null) ========================= regards -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.fedoraproject.org/pipermail/389-users/attachments/20100625/44f6a53d/attachment-0001.html -------------- next part -------------- A non-text attachment was scrubbed... Name: image001.png Type: image/png Size: 12639 bytes Desc: image001.png Url : http://lists.fedoraproject.org/pipermail/389-users/attachments/20100625/44f6a53d/attachment-0002.png -------------- next part -------------- A non-text attachment was scrubbed... Name: image002.png Type: image/png Size: 20025 bytes Desc: image002.png Url : http://lists.fedoraproject.org/pipermail/389-users/attachments/20100625/44f6a53d/attachment-0003.png
