On 12/08/2011 04:17 PM, Brian High wrote:
Thanks, Rich. I was able to reproduce, even after
removing the nsNumGroups.
Here is how I did it. The server is running an updated RHEL5 64
bit server with the latest 389 Directory Server from "epel".
(398-ds-base 1.2.9.9)
From a Fedora 16 Live CD session (as my
desktop client), I loaded mgmt console through ssh tunnel:
$ ssh -X root@192.168.1.16 "389-console -D 9 -f /tmp/console.log"
Ah ha - this may explain the crashes - ssh -X + java apps == trouble
Logged into Management Console and went to Server Group ->
Directory Server -> Directory [tab]
The selected the entry for the dn which holds my site's info.
Then right clicked and chose "Set access permissions", clicked
"Enable anonymous access", pressed "Edit" button, clicked
"Targets" tab.
The first time I did this, the application crashed immediately and
I was returned to my local shell prompt, showing this:
[...]
Corrupted MAC on input.
Disconnecting: Packet corrupt
This looks like a message from ssh, not the console. In fact the
console doesn't show any exceptions or errors.
Where the [...] is also contained in the console.log.
The second time I tried this, I was able to get the "Targets" to
show okay, but after a couple seconds of scrolling the list, the
application crashed again. Only if I click "Edit manually" can I
work with the Targets items.
Here is the log output (sanitized). [Sorry for the long log (1869
lines).]
java.util.prefs.userRoot=/root/.389-console
<snip>
TableSorter.checkModel: table size was changed - need
to reallocate indexes
TableSorter.reallocateIndexes: getRowCount=404
No console errors - only ssh errors.
If you can reproduce this problem without using ssh -X let us know.
On Wed, 7 Dec 2011, Rich Megginson wrote:
On 12/07/2011 06:07 PM, Brian High wrote:
I think I found something...
I was looking at:
http://docs.redhat.com/docs/en-US/Red_Hat_Directory_Server/8.2/html/Administration_Guide/Mana
ging_Access_Control-Access_Control_Usage_Examples.html
And went to check on the ACI permissions for my main
search base. I see an "All
Users" entry under Users and the correct three boxes are
checked on the rights
tab. But when clicking on the "Targets" tab, I get a
popup error message saying
"The targetattr list contains unknown attributes or
unsupported syntax." Then
when I click OK and try to scroll the list, the console
crashes.
Please run 389-console -D 9 -f console.log and reproduce the
crash. Then remove any sensitive
information from console.log and send it to the list.
I see some Bugzilla entries related to ACI lists, such as
this one:
https://bugzilla.redhat.com/show_bug.cgi?id=733103
So, I will look those over and see if I might find one
that matches my situation.
--Brian
On Wed, 7 Dec 2011, Brian High wrote:
Jeremy,
Thanks for the suggestion.
I have found that setting this to "off" or "on" (and
restarting
dirsrv) makes no difference.
Any other ideas?
--Brian
On Thu, 8 Dec 2011, Jeremy A. Mates wrote:
El día 7 de diciembre de 2011 22:35, Brian
High
<high@xxxxxx> escribió:
Hi 389-users,
Perhaps you can help solve a mystery for
me.
nsslapd-allow-unauthenticated-binds: on
perhaps?
Jeremy
--
389 users mailing list
389-users@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/389-users
--
389 users mailing list
389-users@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/389-users
--
389 users mailing list
389-users@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/389-users
--
Brian High
--
389 users mailing list
389-users@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/389-users
|
--
389 users mailing list
389-users@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/389-users
