Noriko,
It did work, thank you for your help. Replication is now working properly.
One question, I'm used to using cn=Directory Manager as well. Is there any downside to using cn=Administrators for 'root' privileges?
Thanks,
Herb
Ok. Then, did these work for you? $ ldapsearch -x -D "cn=Administrators" -w <pw> -s base -b "" "objectclass=*" $ ldapmodify -x-D "cn=Administrators" -w <pw><< EOF dn: cn=replication Manager,cn=config changetype: modify replace: userPassword userPassword: <new_password> EOF
On Wed, Apr 2, 2014 at 4:31 PM, Herb Burnswell <herbert.burnswell@xxxxxxxxx> wrote:
Noriko,I receive:nsslapd_rootdn: cn=AdministratorsOn Wed, Apr 2, 2014 at 4:02 PM, Herb Burnswell <herbert.burnswell@xxxxxxxxx> wrote:
Noriko,Thank you for your response. It looks like there's an issue with directory manager privilege. When I attempt the command:ldapsearch -x -D "cn=Directory Manager" -w <pw> -s base -b "" "objectclass=*"ldap_bind: No such object (32)
How can I confirm directory manager user?Thanks again for your help,HerbHello, This password is base64 encoded and folded at the ~80th column. (So, please do not remove the last '=') userPassword:: e1NTSEF9dGljWTdhcTlFSVRoYmRrZHhYcWxWN2dLZnhSMVpFeEJWd0xOeEE9PQ== If you decode it, it looks like this: {SSHA}ticY7aq9EIThbdkdxXqlV7gKfxR1ZExBVwLNxA== It is SSHA hashed. I think you have a directory manager privilege. If so, you could reset the password by ldapmodify command? ldapmodify ... << EOF dn: cn=replicationManager,cn=config changetype: modify replace: userPassword userPassword: <new_password> EOF Herb Burnswell wrote: > All,> > I am taking over a newly installed 389-ds environment: > > 389-admin-1.1.29-1.el6.x86_64 > 389-admin-console-1.1.8-1.el6.noarch > 389-admin-console-doc-1.1.8-1.el6.noarch > 389-adminutil-1.1.15-1.el6.x86_64 > 389-console-1.1.7-1.el6.noarch > 389-ds-1.2.2-1.el6.noarch > 389-ds-base-1.2.11.15-32.el6_5.x86_64 > 389-ds-base-libs-1.2.11.15-32.el6_5.x86_64 > 389-ds-console-1.2.6-1.el6.noarch > 389-ds-console-doc-1.2.6-1.el6.noarch > 389-dsgw-1.1.10-1.el6.x86_64 > > I have two systems that I will use as Multiple Masters. The problem > is when creating a replication agreement on each side, replication > fails with: > > 49 LDAP error invalid credentials > > So, I need to reset the replication manager user password. When I > look at the dse.ldif file I see: > > dn: cn=replicationManager,cn=config > objectClass: inetorgperson > objectClass: person > objectClass: top > objectClass: organizationalPerson > cn: replicationManager > sn: RM > passwordExpirationTime: 20380119031407Z > nsIdleTimeout: 0 > userPassword:: > e1NTSEF9dGljWTdhcTlFSVRoYmRrZHhYcWxWN2dLZnhSMVpFeEJWd0xOeEE9PQ= > = > creatorsName: cn=administrators > modifiersName: cn=administrators > createTimestamp: 20131025040123Z > modifyTimestamp: 20131025040123Z > > > This looks odd to me regarding the userPassword and it having an > 'extra line' after it. If I move the '=' sign back to the same above > line and bounce dirsrv it goes back to the above. > > In any event, how can I reset this password? Any assistance is > greatly appreciated. > > Thanks in advance, > > Herb
-- 389 users mailing list 389-users@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/389-users
