Re: Unable to login to admin console after upgrade

"Leonard " <leonard.lawton@xxxxxxxxxxxxx> · Thu, 18 Jul 2019 17:53:59 -0000

Trying to use "admin"

{SUBJECT_DN=CN=LDAPSERVER, SUBJECT={CN=LDAPSERVER}, SERIAL=3572, AFTERDATE=Tue Jan 02 12:01:36 2029, ISSUER={CN=389 DS}, SIGNATURE=SHA256withRSA, BEFOREDATE=Wed Jan 02 12:01:36 2019, KEYTYPE=RSA, REASONS={}, VERSION=3, ISSUER_DN=CN=389 DS}
https://LDAPSERVER:9830/[0:0] open> Ready
https://LDAPSERVER:9830/[0:0] accept> https://LDAPSERVER:9830/admin-serv/authenticate
https://LDAPSERVER:9830/[0:0] send> GET  \
https://LDAPSERVER:9830/[0:0] send> /admin-serv/authenticate \
https://LDAPSERVER:9830/[0:0] send>  HTTP/1.0
https://LDAPSERVER:9830/[0:0] send> Host: LDAPSERVER:9830
https://LDAPSERVER:9830/[0:0] send> Connection: Keep-Alive
https://LDAPSERVER:9830/[0:0] send> User-Agent: 389-Management-Console/1.1.17
https://LDAPSERVER:9830/[0:0] send> Accept-Language: en
https://LDAPSERVER:9830/[0:0] send> Authorization: Basic  \
https://LDAPSERVER:9830/[0:0] send> <REDACTED> \
https://LDAPSERVER:9830/[0:0] send> 
https://LDAPSERVER:9830/[0:0] send> 
https://LDAPSERVER:9830/[0:0] recv> HTTP/1.1 200 OK
https://LDAPSERVER:9830/[0:0] recv> Date: Thu, 18 Jul 2019 17:44:35 GMT
https://LDAPSERVER:9830/[0:0] recv> Server: Apache/2.2
HttpChannel.invoke: admin version = 2.2
https://LDAPSERVER:9830/[0:0] recv> Admin-Server: 389-Administrator/1.1.38
HttpChannel.invoke: admin version = 1.1.38
https://LDAPSERVER:9830/[0:0] recv> Content-Length: 314
https://LDAPSERVER:9830/[0:0] recv> Connection: close
https://LDAPSERVER:9830/[0:0] recv> Content-Type: text/html
https://LDAPSERVER:9830/[0:0] recv> 
https://LDAPSERVER:9830/[0:0] recv> Reading 314 bytes...
https://LDAPSERVER:9830/[0:0] recv> 314 bytes read
Console.replyHandler: adminVersion = 1.1.38

Trying to use "uid=admin, ou=Administrators, ou=TopologyManagement, o=NetscapeRoot"

CommManager> New CommRecord (https://LDAPSERVER:9830/admin-serv/authenticate)
CREATE JSS SSLSocket
https://LDAPSERVER:9830/[1:0] open> Ready
https://LDAPSERVER:9830/[1:0] accept> https://LDAPSERVER:9830/admin-serv/authenticate
https://LDAPSERVER:9830/[1:0] send> GET  \
https://LDAPSERVER:9830/[1:0] send> /admin-serv/authenticate \
https://LDAPSERVER:9830/[1:0] send>  HTTP/1.0
https://LDAPSERVER:9830/[1:0] send> Host: LDAPSERVER:9830
https://LDAPSERVER:9830/[1:0] send> Connection: Keep-Alive
https://LDAPSERVER:9830/[1:0] send> User-Agent: 389-Management-Console/1.1.17
https://LDAPSERVER:9830/[1:0] send> Accept-Language: en
https://LDAPSERVER:9830/[1:0] send> Authorization: Basic  \
https://LDAPSERVER:9830/[1:0] send> <REDACTED> \
https://LDAPSERVER:9830/[1:0] send> 
https://LDAPSERVER:9830/[1:0] send> 
https://LDAPSERVER:9830/[1:0] recv> HTTP/1.1 401 Authorization Required
https://LDAPSERVER:9830/[1:0] error> HttpException:
Response: HTTP/1.1 401 Authorization Required
Status:   401
URL:      https://LDAPSERVER:9830/admin-serv/authenticate
https://LDAPSERVER:9830/[1:0] close i/o stream
https://LDAPSERVER:9830/[1:0] close socket
https://LDAPSERVER:9830/[1:0] close> Closed

I am not seeing a bind attempt in the access log when specifying the full DN.
_______________________________________________
389-users mailing list -- 389-users@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to 389-users-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/389-users@xxxxxxxxxxxxxxxxxxxxxxx