After upgrading, although it's possible it broke on one of the RCs since I do not usually run the admin server on my development environment, when I try to connect using the 389-console I get an error 32, cannot connect to the directory server.... When I look through the admin-serv logs i see: [Tue Sep 14 08:53:43 2010] [notice] [client 127.0.0.1] admserv_host_ip_check: ap_get_remote_host could not resolve 127.0.0.1 [Tue Sep 14 08:53:43 2010] [notice] [client 127.0.0.1] admserv_host_ip_check: host [localhost.localdomain] did not match pattern [*.barf.hra.local] -will scan aliases [Tue Sep 14 08:53:43 2010] [notice] [client 127.0.0.1] admserv_host_ip_check: host alias [localhost] did not match pattern [*.barf.hra.local] [Tue Sep 14 08:53:43 2010] [crit] buildUGInfo(): unable to initialize TLS connection to LDAP host barfolomew.hra.local port 389: 4 [Tue Sep 14 08:53:43 2010] [notice] [client 127.0.0.1] admserv_check_authz(): passing [/admin-serv/authenticate] to the userauth handler [Tue Sep 14 08:53:43 2010] [crit] buildUGInfo(): unable to initialize TLS connection to LDAP host barfolomew.hra.local port 389: 4 Now I see what the problem is about the cert name but I never told the admin server to use TLS to connect to the LDAP server and when I was running 1.2.5 I never had this problem. I do run my server on SSL as well on port 636. Is it trying start TLS because it can? Anyway to disable that since I do not feel like generating a new cert to match my administrative domain I put in when I setup the DS. [root at barfolomew admin-serv]# rpm -qi 389-ds-base Name : 389-ds-base Relocations: (not relocatable) Version : 1.2.6 Vendor: Fedora Project Release : 1.fc13 Build Date: Thu 26 Aug 2010 04:34:30 PM CDT Install Date: Mon 13 Sep 2010 09:19:02 AM CDT Build Host: x86-20.phx2.fedoraproject.org Group : System Environment/Daemons Source RPM: 389-ds-base-1.2.6-1.fc13.src.rpm Size : 6043179 License: GPLv2 with exceptions Signature : RSA/SHA256, Thu 26 Aug 2010 08:43:14 PM CDT, Key ID 7edc6ad6e8e40fde Packager : Fedora Project URL : http://port389.org/ Summary : 389 Directory Server (base) Description : 389 Directory Server is an LDAPv3 compliant server. The base package includes the LDAP server and command line utilities for server administration. [root at barfolomew admin-serv]# rpm -qi 389-admin Name : 389-admin Relocations: (not relocatable) Version : 1.1.11 Vendor: Fedora Project Release : 1.fc13 Build Date: Thu 26 Aug 2010 04:53:40 PM CDT Install Date: Mon 13 Sep 2010 09:19:35 AM CDT Build Host: x86-20.phx2.fedoraproject.org Group : System Environment/Daemons Source RPM: 389-admin-1.1.11-1.fc13.src.rpm Size : 1510119 License: GPLv2 and ASL 2.0 Signature : RSA/SHA256, Thu 26 Aug 2010 08:49:10 PM CDT, Key ID 7edc6ad6e8e40fde Packager : Fedora Project URL : http://port389.org/ Summary : 389 Administration Server (admin) Description : 389 Administration Server is an HTTP agent that provides management features for 389 Directory Server. It provides some management web apps that can be used through a web browser. It provides the authentication, access control, and CGI utilities used by the console. On Mon, Sep 13, 2010 at 2:03 PM, Rich Megginson <rmeggins at redhat.com> wrote: > The 389 team is pleased to announce the availability of version 1.2.6. > This release is essentially the same as 1.2.6 RC7. > > * Release Notes - http://port389.org/wiki/Release_Notes > * Install_Guide - http://port389.org/wiki/Install_Guide > * Download - http://port389.org/wiki/Download > > === New features === > * Upgrade_to_New_DN_Format > http://directory.fedoraproject.org/wiki/Upgrade_to_New_DN_Format > ** in order to make sure DN valued attributes can be searched correctly, > an upgrade will automatically fix these values in the database > > * Replication_Session_Hooks > http://directory.fedoraproject.org/wiki/Replication_Session_Hooks > ** API for plugins to intercept replication session at various points > > * Managed Entries - > http://directory.fedoraproject.org/wiki/Managed_Entry_Design > ** Used, for example, to automatically create the user's group entry > when adding a user entry > > * Subtree Rename and Entry Move (modifyDN with newSuperior) > ** https://bugzilla.redhat.com/show_bug.cgi?id=429005 > ** ability to rename a node that has children > ** ability to move a node, with or without children, to another parent node > > * Security Enhancements > ** SELinux Policy http://directory.fedoraproject.org/wiki/SELinux_Policy > *** https://bugzilla.redhat.com/show_bug.cgi?id=442228 > > * Matching rules > ** support for all RFC 4517 matching rules (except the FirstComponent ones) > > === Bugs Fixed === > This release contains many, many bug fixes. The complete list of bugs > fixed is found at the link below. Note that bugs marked as MODIFIED > have been fixed but are still in testing. > * Tracking bug for 1.2.6 release - > > https://bugzilla.redhat.com/showdependencytree.cgi?id=543590&hide_resolved=0 > > > -- > 389 users mailing list > 389-users at lists.fedoraproject.org > https://admin.fedoraproject.org/mailman/listinfo/389-users > -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.fedoraproject.org/pipermail/389-users/attachments/20100914/10cbf354/attachment.html
