Gerrard Geldenhuis wrote: > Hi > If I set > nsslapd-allow-anonymous-access: off > I am not able to login to the 389-console. I can remedy this by checking the checkbox "Use SSL in Console" in the Encryption tab on the Directory Server console. This seems a strange solution to the problem. Why would disabing anonymous access break console access and why would enabling "Use SSL in Console" fix it? > When you first log in to the console, and you type in your ID, the directory server has no credentials, and has to perform an anonymous search for uid=youruid to find your BIND DN. This is the same as when you log in to the operating system - pam has to do a search like uid=youruserid as anonymous to find your BIND DN. Not sure why selecting Use SSL in Console would fix that. You can use 389-console -D 9 -f console.log to get detailed logging. > I get another interesting error as well with the "Use SSL in Console" checkbox checked. > Login to Management Console > Open Directory Console > Click on Configuration tab > Click on Encryption tab > > I get "An error has occured" > Could not open file(null). File does not exist or filename is invalid. > > After I click on OK, I can proceed to the Encryption tab. Is this a bug or me not configuring something. The error message is not very helpfull. > I think you have to install the CA cert in the admin server cert db before you can do Use SSL in Console. > Regards > > ________________________________________________________________________ > In order to protect our email recipients, Betfair Group use SkyScan from > MessageLabs to scan all Incoming and Outgoing mail for viruses. > > ________________________________________________________________________ > -- > 389 users mailing list > 389-users at lists.fedoraproject.org > https://admin.fedoraproject.org/mailman/listinfo/389-users >
