Re: replication password

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Herb Burnswell wrote:
Noriko,
Thank you for your response.  It looks like there's an issue with directory manager privilege.  When I attempt the command:
ldapsearch -x -D "cn=Directory Manager" -w <pw> -s base -b "" "objectclass=*"
ldap_bind: No such object (32)


How can I confirm directory manager user?
What value does this config attribute has?
# grep -i nsslapd-rootdn /etc/dirsrv/slapd-YOUR_ID/dse.ldif

Thanks,
--noriko


        
Thanks again for your help,
Herb

        

        

        
Hello,

This password is base64 encoded and folded at the ~80th column. (So, 
please do not remove the last '=')
userPassword:: 
e1NTSEF9dGljWTdhcTlFSVRoYmRrZHhYcWxWN2dLZnhSMVpFeEJWd0xOeEE9PQ==

If you decode it, it looks like this:

    {SSHA}ticY7aq9EIThbdkdxXqlV7gKfxR1ZExBVwLNxA==

It is SSHA hashed.

I think you have a directory manager privilege.  If so, you could reset 
the password by ldapmodify command?
ldapmodify ... << EOF
dn: cn=replicationManager,cn=config
changetype: modify
replace: userPassword
userPassword: <new_password>
EOF

Herb Burnswell wrote:
> All,
>
> I am taking over a newly installed 389-ds environment:
>
> 389-admin-1.1.29-1.el6.x86_64
> 389-admin-console-1.1.8-1.el6.noarch
> 389-admin-console-doc-1.1.8-1.el6.noarch
> 389-adminutil-1.1.15-1.el6.x86_64
> 389-console-1.1.7-1.el6.noarch
> 389-ds-1.2.2-1.el6.noarch
> 389-ds-base-1.2.11.15-32.el6_5.x86_64
> 389-ds-base-libs-1.2.11.15-32.el6_5.x86_64
> 389-ds-console-1.2.6-1.el6.noarch
> 389-ds-console-doc-1.2.6-1.el6.noarch
> 389-dsgw-1.1.10-1.el6.x86_64
>
> I have two systems that I will use as Multiple Masters.  The problem 
> is when creating a replication agreement on each side, replication 
> fails with:
>
> 49 LDAP error invalid credentials
>
> So, I need to reset the replication manager user password.  When I 
> look at the dse.ldif file I see:
>
> dn: cn=replicationManager,cn=config
> objectClass: inetorgperson
> objectClass: person
> objectClass: top
> objectClass: organizationalPerson
> cn: replicationManager
> sn: RM
> passwordExpirationTime: 20380119031407Z
> nsIdleTimeout: 0
> userPassword:: 
> e1NTSEF9dGljWTdhcTlFSVRoYmRrZHhYcWxWN2dLZnhSMVpFeEJWd0xOeEE9PQ=
>  =
> creatorsName: cn=administrators
> modifiersName: cn=administrators
> createTimestamp: 20131025040123Z
> modifyTimestamp: 20131025040123Z
>
>
> This looks odd to me regarding the userPassword and it having an 
> 'extra line' after it.  If I move the '=' sign back to the same above 
> line and bounce dirsrv it goes back to the above.
>
> In any event, how can I reset this password?   Any assistance is 
> greatly appreciated.
>
> Thanks in advance,
>
> Herb


--
389 users mailing list
389-users@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/389-users

--
389 users mailing list
389-users@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/389-users

[Index of Archives]     [Fedora User Discussion]     [Older Fedora Users]     [Fedora Announce]     [Fedora Package Announce]     [EPEL Announce]     [Fedora News]     [Fedora Cloud]     [Fedora Advisory Board]     [Fedora Education]     [Fedora Security]     [Fedora Scitech]     [Fedora Robotics]     [Fedora Maintainers]     [Fedora Infrastructure]     [Fedora Websites]     [Anaconda Devel]     [Fedora Devel Java]     [Fedora Legacy]     [Fedora Desktop]     [Fedora Fonts]     [ATA RAID]     [Fedora Marketing]     [Fedora Management Tools]     [Fedora Mentors]     [Fedora Package Review]     [Fedora R Devel]     [Fedora PHP Devel]     [Kickstart]     [Fedora Music]     [Fedora Packaging]     [Centos]     [Fedora SELinux]     [Fedora Legal]     [Fedora Kernel]     [Fedora QA]     [Fedora Triage]     [Fedora OCaml]     [Coolkey]     [Virtualization Tools]     [ET Management Tools]     [Yum Users]     [Tux]     [Yosemite News]     [Yosemite Photos]     [Linux Apps]     [Maemo Users]     [Gnome Users]     [KDE Users]     [Fedora Tools]     [Fedora Art]     [Fedora Docs]     [Maemo Users]     [Asterisk PBX]     [Fedora Sparc]     [Fedora Universal Network Connector]     [Fedora ARM]

  Powered by Linux