On 03/31/2012 02:20 AM, Maurizio Marini wrote:
On Fri, 30 Mar 2012 14:45:28 -0600
Rich Megginson<rmeggins@xxxxxxxxxx> wrote:
Hello Richard
Is there any dsgw log to diagnose better the issue?
ls -al /var/run/dirsrv/dsgw
empty
ls -al /var/run/dirsrv/dsgw/cookies
empty
But they exist? I wanted to see the ownership and permissions on these
directories. If you ran setup-ds-admin.pl and chose the defaults, these
directories should be owned by nobody:nobody and should be mode 0700
(-rwx------)
the admin server logs are in /var/log/dirsrv/admin-serv
there is nothing newer than 1 day ago
if i enter a wrong password, i get an error on
/var/log/dirsrv/slapd-ds/access
and using credentials i am able to exec ldap search
[code]
ldapsearch -x -b "ou=People,dc=xx,dc=it" -D "uid=xxx,ou=People,dc=xxx,dc=it" -w xxx "(objectClass=person)" uid
# extended LDIF
#
# LDAPv3
# base<ou=People,dc=xxx,dc=it> with scope subtree
# filter: (objectClass=person)
# requesting: uid
#
# udiprova, People, xxx.it
dn: uid=udiprova,ou=People,dc=xxx,dc=it
uid: udiprova
# bpb001, People, xxx.it
dn: uid=bpb001,ou=People,dc=xxx,dc=it
uid: bpb001
# xxx, People, xxx.it
dn: uid=xxx,ou=People,dc=xxx,dc=it
uid: xxx
# search result
search: 2
result: 0 Success
# numResponses: 4
# numEntries: 3
[/code]
the issue is *after* authentication, the authentication with ldap is ok,
but after that, something into dsgw goes wrong
maybe there is something wrong in dsgw.conf:
[code]
baseurl ldap://localhost:389/ou%3DPeople,dc%3Dxxx,dc%3Dit
dirmgr "cn=Directory Manager"
location-suffix dc=xxx, dc=it
This should not have a space in it - it should be dc=xxx,dc=it - if
there are spaces in the values, then quote it like this:
location-suffix "dc=xxx, dc=it"
securitypath /etc/dirsrv/dsgw
htmldir /usr/share/dirsrv/dsgw/html/
configdir /usr/share/dirsrv/dsgw/config/
gwnametrans /dsgw/
authlifetime 7200
template group groupOfNames
template ntgroup groupOfUniqueNames ntGroup
template groupun groupOfUniqueNames
template org organization
template dc domain
template orgunit organizationalUnit
template ntperson person inetOrgPerson nTUser
template orgperson person inetOrgPerson
template person person
template country country
location country "Italy" "c=IT#"
Does this really have a "#" in it?
location org "This Organization" ""
location dc "This Domaincomponent" ""
location groups "Groups" "ou=Groups"
location people "People" "ou=People"
location special "Special Users" "ou=Special Users"
charset UTF-8
include "/usr/share/dirsrv/dsgw/config/dsgw-l10n.confMaurizio Marini<maumar@xxxxxxx>"
Does this really have the string "Maurizio Marini <maumar@xxxxxxx>" in it?
[/code]
sadly, without a specific dsgw log, i cannot diagnose anything
there is no trace in any log of what is doing dsgw ;(
at this point, a dsgw specific log can be an RFE and as such it should filed on bugzilla
isn't it?
Trac - https://fedorahosted.org/389
thnx for your attention
regards
-m
--
389 users mailing list
389-users@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/389-users
