Okay, so you need to create the domain objects then. I'm not sure your ldapadd file is correct though, I think you need a blank line between the two entries? > On 24 Sep 2019, at 12:55, rtbell@xxxxxxxxxxxxxxxxxxx wrote: > > William, > > The result was the same except that the base was <dc=granitemountain, dc=com> with scope subtree instead of <dc=granitemountain,> with scope subtree > > Bob > > -----Original Message----- > From: William Brown [mailto:wbrown@xxxxxxx] > Sent: Monday, September 23, 2019 20:43 > To: 389-users@xxxxxxxxxxxxxxxxxxxxxxx > Subject: [389-users] Re: Configuring the 389-ds-base on Fedora 30 > > You need to quote it because else the shell thinks it's two arguments? > >> On 24 Sep 2019, at 12:31, rtbell@xxxxxxxxxxxxxxxxxxx <rtbell@xxxxxxxxxxxxxxxxxxx> wrote: >> >> William - >> >> I did it with this command: >> ldapsearch -b dc=granitemountain, dc=com -h $HOSTNAME -x -D >> 'cn=Directory Manager' -W >> >> The results were: >> # extended LDIF >> # >> # LDAPv3 >> # base <dc=granitemountain,> with scope subtree # filter: dc=com # >> requesting: ALL # >> >> # search: results >> search: 2 >> result: 32 No such object >> >> # numResponses: 1 >> >> I am not sure what the ',' is doing in the base definition >> [<dc=granitemountain,>] >> >> >> Bob >> >> -----Original Message----- >> From: William Brown [mailto:wbrown@xxxxxxx] >> Sent: Monday, September 23, 2019 19:37 >> To: 389-users@xxxxxxxxxxxxxxxxxxxxxxx >> Subject: [389-users] Re: Configuring the 389-ds-base on Fedora 30 >> >> Can you do an ldapsearch -b dc=granitemountain, dc=com -h ... -x -D ... -W and see what exists already? >> >>> On 24 Sep 2019, at 10:39, rtbell@xxxxxxxxxxxxxxxxxxx <rtbell@xxxxxxxxxxxxxxxxxxx> wrote: >>> >>> William, >>> >>> I was trying it as you suggested. It now gets past the password issue. However, I am not hitting another roadblock. >>> >>> The original entries in the file I created are: >>> dn: dc=granitemountain, dc=com >>> objectClass: domain >>> dc: granitemountain >>> dn: dc=pki, dc=granitemountain, dc=com >>> objectClass: domain >>> dc: pki >>> >>> When I created the file (without the leading tabs of course) I then used the command: >>> ldapadd -f /tmp/ldapadd-file -h $HOSTNAME -x -D 'cn=Directory Manager' >>> -W as you suggested. >>> >>> That got me past the password issue. Now however, it created the >>> first record (for the granitemountain domain) but it now issues a new error. >>> The transcript is >>> >>> Adding new entry "dc=pki", dc=granitemountain, dc=com" >>> Ldap_add: No such object (32) >>> >>> Any thoughts? >>> >>> Bob >>> >>> -----Original Message----- >>> From: William Brown [mailto:wbrown@xxxxxxx] >>> Sent: Monday, September 23, 2019 18:20 >>> To: 389-users@xxxxxxxxxxxxxxxxxxxxxxx >>> Subject: [389-users] Re: Configuring the 389-ds-base on Fedora 30 >>> >>> Can you try the -f /file/of/changes rather than redirecting into the command? >>> >>>> On 24 Sep 2019, at 10:16, rtbell@xxxxxxxxxxxxxxxxxxx wrote: >>>> >>>> William, thanks for responding. In the original command string I used -w redhat123 instead of -W which causes a prompt for the password. In both cases, I got the same error. >>>> >>>> -----Original Message----- >>>> From: William Brown [mailto:wbrown@xxxxxxx] >>>> Sent: Monday, September 23, 2019 18:12 >>>> To: 389-users@xxxxxxxxxxxxxxxxxxxxxxx >>>> Subject: [389-users] Re: Configuring the 389-ds-base on Fedora 30 >>>> >>>> >>>> >>>>> On 24 Sep 2019, at 09:46, rtbell@xxxxxxxxxxxxxxxxxxx <rtbell@xxxxxxxxxxxxxxxxxxx> wrote: >>>>> >>>>> I have hit a roadblock and would appreciate any help I can get. I am running in a VM Workstation virtualization platform on a Windows 10 host machine. >>>>> >>>>> I created a LAMP version of Fedora 30 using mariadb instead of mysql. I changed the host name to cn-poc-pki.granitemountain.com rebooted the system and verified that the host name was correct. I added cn-poc-pki.granitemountain.com to the hosts table and rebooted again. I then used dnf install 389-ds-base to retrieve the 389-ds subsystem. I used dscreate create-template ds.tmp to create a template. I used vim to update the fields in the template file I am attaching the template file. >>>>> >>>>> When I try to assert an ldapadd –h $HOSTNAME –x –D “cn=DirectoryManager” –W <<EOF with a number of additional parameters, I get an ldap_bind: Invalid credentials (49) error message. Obviously I have misconfigured something but I have been unable to discover what it might be. Could some of you experts please look at my configuration and tell me what I screwed up, please? >>>> >>>> Hey there, >>>> >>>> I wonder if you try something like: >>>> >>>> ldapadd -f /path/to/file/of/changes -h $HOSTNAME -x -D 'cn=Directory >>>> Manager' -W >>>> >>>> If that works. >>>> >>>> I think that -W prompts, so right now you are echoing your changes as the password perhaps. >>>> >>>> Hope that helps >>>> >>>>> >>>>> Bob Bell >>>>> >>>>> Granite Mountain Security Consultancy, LLC. >>>>> 90 W 500 South, #404 >>>>> Bountiful UT 84010 >>>>> >>>>> 801-971-4200 (cell) >>>>> rtbell@xxxxxxxxxxxxxxxxxxx >>>>> >>>>> "Beware the engineers of society, I say, who would make everyone in >>>>> all the world equal. >>>>> Opportunity should be equal, must be equal, but achievement must >>>>> remain individual.” >>>>> ---Drizzt Do’Urden >>>>> >>>>> >>>>> >>>>> <ds.tmp>_______________________________________________ >>>>> 389-users mailing list -- 389-users@xxxxxxxxxxxxxxxxxxxxxxx To >>>>> unsubscribe send an email to >>>>> 389-users-leave@xxxxxxxxxxxxxxxxxxxxxxx >>>>> Fedora Code of Conduct: >>>>> https://docs.fedoraproject.org/en-US/project/code-of-conduct/ >>>>> List Guidelines: >>>>> https://fedoraproject.org/wiki/Mailing_list_guidelines >>>>> List Archives: >>>>> https://lists.fedoraproject.org/archives/list/389-users@lists.fedor >>>>> a >>>>> p >>>>> r >>>>> oject.org >>>> >>>> — >>>> Sincerely, >>>> >>>> William Brown >>>> >>>> Senior Software Engineer, 389 Directory Server SUSE Labs >>>> _______________________________________________ >>>> 389-users mailing list -- 389-users@xxxxxxxxxxxxxxxxxxxxxxx To >>>> unsubscribe send an email to 389-users-leave@xxxxxxxxxxxxxxxxxxxxxxx >>>> Fedora Code of Conduct: >>>> https://docs.fedoraproject.org/en-US/project/code-of-conduct/ >>>> List Guidelines: >>>> https://fedoraproject.org/wiki/Mailing_list_guidelines >>>> List Archives: >>>> https://lists.fedoraproject.org/archives/list/389-users@lists.fedora >>>> p r oject.org _______________________________________________ >>>> 389-users mailing list -- 389-users@xxxxxxxxxxxxxxxxxxxxxxx To >>>> unsubscribe send an email to 389-users-leave@xxxxxxxxxxxxxxxxxxxxxxx >>>> Fedora Code of Conduct: >>>> https://docs.fedoraproject.org/en-US/project/code-of-conduct/ >>>> List Guidelines: >>>> https://fedoraproject.org/wiki/Mailing_list_guidelines >>>> List Archives: >>>> https://lists.fedoraproject.org/archives/list/389-users@lists.fedora >>>> p >>>> r >>>> oject.org >>> >>> — >>> Sincerely, >>> >>> William Brown >>> >>> Senior Software Engineer, 389 Directory Server SUSE Labs >>> _______________________________________________ >>> 389-users mailing list -- 389-users@xxxxxxxxxxxxxxxxxxxxxxx To >>> unsubscribe send an email to 389-users-leave@xxxxxxxxxxxxxxxxxxxxxxx >>> Fedora Code of Conduct: >>> https://docs.fedoraproject.org/en-US/project/code-of-conduct/ >>> List Guidelines: >>> https://fedoraproject.org/wiki/Mailing_list_guidelines >>> List Archives: >>> https://lists.fedoraproject.org/archives/list/389-users@lists.fedorap >>> r oject.org _______________________________________________ >>> 389-users mailing list -- 389-users@xxxxxxxxxxxxxxxxxxxxxxx To >>> unsubscribe send an email to 389-users-leave@xxxxxxxxxxxxxxxxxxxxxxx >>> Fedora Code of Conduct: >>> https://docs.fedoraproject.org/en-US/project/code-of-conduct/ >>> List Guidelines: >>> https://fedoraproject.org/wiki/Mailing_list_guidelines >>> List Archives: >>> https://lists.fedoraproject.org/archives/list/389-users@lists.fedorap >>> r >>> oject.org >> >> — >> Sincerely, >> >> William Brown >> >> Senior Software Engineer, 389 Directory Server SUSE Labs >> _______________________________________________ >> 389-users mailing list -- 389-users@xxxxxxxxxxxxxxxxxxxxxxx To >> unsubscribe send an email to 389-users-leave@xxxxxxxxxxxxxxxxxxxxxxx >> Fedora Code of Conduct: >> https://docs.fedoraproject.org/en-US/project/code-of-conduct/ >> List Guidelines: >> https://fedoraproject.org/wiki/Mailing_list_guidelines >> List Archives: >> https://lists.fedoraproject.org/archives/list/389-users@lists.fedorapr >> oject.org _______________________________________________ >> 389-users mailing list -- 389-users@xxxxxxxxxxxxxxxxxxxxxxx To >> unsubscribe send an email to 389-users-leave@xxxxxxxxxxxxxxxxxxxxxxx >> Fedora Code of Conduct: >> https://docs.fedoraproject.org/en-US/project/code-of-conduct/ >> List Guidelines: >> https://fedoraproject.org/wiki/Mailing_list_guidelines >> List Archives: >> https://lists.fedoraproject.org/archives/list/389-users@lists.fedorapr >> oject.org > > — > Sincerely, > > William Brown > > Senior Software Engineer, 389 Directory Server SUSE Labs _______________________________________________ > 389-users mailing list -- 389-users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to 389-users-leave@xxxxxxxxxxxxxxxxxxxxxxx > Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ > List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines > List Archives: https://lists.fedoraproject.org/archives/list/389-users@xxxxxxxxxxxxxxxxxxxxxxx > _______________________________________________ > 389-users mailing list -- 389-users@xxxxxxxxxxxxxxxxxxxxxxx > To unsubscribe send an email to 389-users-leave@xxxxxxxxxxxxxxxxxxxxxxx > Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ > List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines > List Archives: https://lists.fedoraproject.org/archives/list/389-users@xxxxxxxxxxxxxxxxxxxxxxx — Sincerely, William Brown Senior Software Engineer, 389 Directory Server SUSE Labs _______________________________________________ 389-users mailing list -- 389-users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to 389-users-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/389-users@xxxxxxxxxxxxxxxxxxxxxxx
