New 389 ds install - cannot logon to adm console

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Hi Eric,
The console has given me a few headaches in the past but so has my own mistakes... :)

Obvious things that can be wrong include:
Firewall issues
Is the admin server running, that may sound obvious but you will be surprised the number of times it has caught me.
If you have anonymous access disabled and ssl only access then the console will not work without doing some extra things. There is a bug related to this were the internals still try to use anonymous which will fail for obvious reasons because you have disallowed it.

Please feel free to contact me via msn or yahoo as per the private email or alternatively if you can give a complete listing of what settings you have set and configured that might help to shed light on the problem.

Can you access 9830 with curl locally on the box? have a look in the admin server's logs for why you are getting 401 errors.

Regards

> -----Original Message-----
> From: 389-users-bounces at lists.fedoraproject.org [mailto:389-users-
> bounces at lists.fedoraproject.org] On Behalf Of Eric Donkersloot
> Sent: 29 November 2010 09:51
> To: General discussion list for the 389 Directory server project.
> Subject: Re: New 389 ds install - cannot logon to adm console
> 
> Hi Gerrard,
> 
> Unfortunately it doesn't. I tried to login as the admin user using the fqdn.
> The debug console output gives me:
> 
> 389-Management-Console/1.1.5 B2010.123.2251
> CommManager> New CommRecord
> (http://bla.blablabla.bla:9830/admin-serv/authenticate)
> http://bla.blablabla.bla:9830/[0:0] open> Ready
> http://bla.blablabla.bla:9830/[0:0] accept>
> http://bla.blablabla.bla:9830/admin-serv/authenticate
> http://bla.blablabla.bla:9830/[0:0] send> GET  \
> http://bla.blablabla.bla:9830/[0:0] send> /admin-serv/authenticate \
> http://bla.blablabla.bla:9830/[0:0] send>  HTTP/1.0
> http://bla.blablabla.bla:9830/[0:0] send> Host: bla.blablabla.bla:9830
> http://bla.blablabla.bla:9830/[0:0] send> Connection: Keep-Alive
> http://bla.blablabla.bla:9830/[0:0] send> User-Agent:
> 389-Management-Console/1.1.5
> http://bla.blablabla.bla:9830/[0:0] send> Accept-Language: en
> http://bla.blablabla.bla:9830/[0:0] send> Authorization: Basic  \
> http://bla.blablabla.bla:9830/[0:0] send> YWRtaW46U1VSRm5ldDIwMTA= \
> http://bla.blablabla.bla:9830/[0:0] send> http://bla.blablabla.bla:9830/[0:0]
> send> http://bla.blablabla.bla:9830/[0:0] recv> HTTP/1.1 401 Authorization
> Required http://bla.blablabla.bla:9830/[0:0] error> HttpException:
> Response: HTTP/1.1 401 Authorization Required
> Status:   401
> URL:      http://bla.blablabla.bla:9830/admin-serv/authenticate
> http://<our>.<testserver>.<suffix>:9830/[0:0] close> Closed
> 
> /var/log/dirsrv/admin-serv/error:
> 
> [Mon Nov 29 10:48:07 2010] [crit] openLDAPConnection(): util_ldap_init
> failed for ldap://:389 [Mon Nov 29 10:48:07 2010] [warn] Unable to open
> initial LDAPConnection to populate LocalAdmin tasks into cache.
> [Mon Nov 29 10:48:08 2010] [notice] Apache/2.2.17 (Unix) configured --
> resuming normal operations [Mon Nov 29 10:48:08 2010] [crit]
> openLDAPConnection(): util_ldap_init failed for ldap://:389 [Mon Nov 29
> 10:48:08 2010] [warn] Unable to open initial LDAPConnection to populate
> LocalAdmin tasks into cache.
> [Mon Nov 29 10:48:51 2010] [notice] [client xxx.xx.xxx.xx]
> admserv_host_ip_check: Unauthorized host ip=xxx.xx.xxx.xx, connection
> rejected
> 
> Kind regards,
> 
> Eric
> 
> Gerrard Geldenhuis wrote:
> > Hi Eric, As a start always use the fqdn of the host rather than
> > 127.0.0.1 when connecting via the console. Secondly, 389-console has a
> > debug flag available that you can use while connecting that will shed
> > additional light on any other problems that may be causing issues.
> >
> > Regards
> 
> --
> Eric Donkersloot
> 
> SURFnet
> Radboudkwartier 273
> 3511 CK Utrecht
> M +31 6 4115 4547
> eric.donkersloot at surfnet.nl
> 
> --
> 389 users mailing list
> 389-users at lists.fedoraproject.org
> https://admin.fedoraproject.org/mailman/listinfo/389-users

________________________________________________________________________
In order to protect our email recipients, Betfair Group use SkyScan from 
MessageLabs to scan all Incoming and Outgoing mail for viruses.

________________________________________________________________________
[Index of Archives]     [Fedora User Discussion]     [Older Fedora Users]     [Fedora Announce]     [Fedora Package Announce]     [EPEL Announce]     [Fedora News]     [Fedora Cloud]     [Fedora Advisory Board]     [Fedora Education]     [Fedora Security]     [Fedora Scitech]     [Fedora Robotics]     [Fedora Maintainers]     [Fedora Infrastructure]     [Fedora Websites]     [Anaconda Devel]     [Fedora Devel Java]     [Fedora Legacy]     [Fedora Desktop]     [Fedora Fonts]     [ATA RAID]     [Fedora Marketing]     [Fedora Management Tools]     [Fedora Mentors]     [Fedora Package Review]     [Fedora R Devel]     [Fedora PHP Devel]     [Kickstart]     [Fedora Music]     [Fedora Packaging]     [Centos]     [Fedora SELinux]     [Fedora Legal]     [Fedora Kernel]     [Fedora QA]     [Fedora Triage]     [Fedora OCaml]     [Coolkey]     [Virtualization Tools]     [ET Management Tools]     [Yum Users]     [Tux]     [Yosemite News]     [Yosemite Photos]     [Linux Apps]     [Maemo Users]     [Gnome Users]     [KDE Users]     [Fedora Tools]     [Fedora Art]     [Fedora Docs]     [Maemo Users]     [Asterisk PBX]     [Fedora Sparc]     [Fedora Universal Network Connector]     [Fedora ARM]

  Powered by Linux