> On 25 Sep 2019, at 02:51, rtbell@xxxxxxxxxxxxxxxxxxx <rtbell@xxxxxxxxxxxxxxxxxxx> wrote: > > William, > > I started over from scratch and began to follow exactly the path I had charted out with the inclusion of where the blanks and empty lines were to be in the various command lines. > > It Worked!!! > > Thanks for your help and insights. That was what enabled me to get to this point. Great to hear it! Happy to have helped :) If you have any further questions, please let us know. > > Bob > > -----Original Message----- > From: William Brown [mailto:wbrown@xxxxxxx] > Sent: Monday, September 23, 2019 20:58 > To: 389-users@xxxxxxxxxxxxxxxxxxxxxxx > Subject: [389-users] Re: Configuring the 389-ds-base on Fedora 30 > > Okay, so you need to create the domain objects then. I'm not sure your ldapadd file is correct though, I think you need a blank line between the two entries? > >> On 24 Sep 2019, at 12:55, rtbell@xxxxxxxxxxxxxxxxxxx wrote: >> >> William, >> >> The result was the same except that the base was <dc=granitemountain, >> dc=com> with scope subtree instead of <dc=granitemountain,> with scope >> subtree >> >> Bob >> >> -----Original Message----- >> From: William Brown [mailto:wbrown@xxxxxxx] >> Sent: Monday, September 23, 2019 20:43 >> To: 389-users@xxxxxxxxxxxxxxxxxxxxxxx >> Subject: [389-users] Re: Configuring the 389-ds-base on Fedora 30 >> >> You need to quote it because else the shell thinks it's two arguments? >> >>> On 24 Sep 2019, at 12:31, rtbell@xxxxxxxxxxxxxxxxxxx <rtbell@xxxxxxxxxxxxxxxxxxx> wrote: >>> >>> William - >>> >>> I did it with this command: >>> ldapsearch -b dc=granitemountain, dc=com -h $HOSTNAME -x -D >>> 'cn=Directory Manager' -W >>> >>> The results were: >>> # extended LDIF >>> # >>> # LDAPv3 >>> # base <dc=granitemountain,> with scope subtree # filter: dc=com # >>> requesting: ALL # >>> >>> # search: results >>> search: 2 >>> result: 32 No such object >>> >>> # numResponses: 1 >>> >>> I am not sure what the ',' is doing in the base definition >>> [<dc=granitemountain,>] >>> >>> >>> Bob >>> >>> -----Original Message----- >>> From: William Brown [mailto:wbrown@xxxxxxx] >>> Sent: Monday, September 23, 2019 19:37 >>> To: 389-users@xxxxxxxxxxxxxxxxxxxxxxx >>> Subject: [389-users] Re: Configuring the 389-ds-base on Fedora 30 >>> >>> Can you do an ldapsearch -b dc=granitemountain, dc=com -h ... -x -D ... -W and see what exists already? >>> >>>> On 24 Sep 2019, at 10:39, rtbell@xxxxxxxxxxxxxxxxxxx <rtbell@xxxxxxxxxxxxxxxxxxx> wrote: >>>> >>>> William, >>>> >>>> I was trying it as you suggested. It now gets past the password issue. However, I am not hitting another roadblock. >>>> >>>> The original entries in the file I created are: >>>> dn: dc=granitemountain, dc=com >>>> objectClass: domain >>>> dc: granitemountain >>>> dn: dc=pki, dc=granitemountain, dc=com >>>> objectClass: domain >>>> dc: pki >>>> >>>> When I created the file (without the leading tabs of course) I then used the command: >>>> ldapadd -f /tmp/ldapadd-file -h $HOSTNAME -x -D 'cn=Directory Manager' >>>> -W as you suggested. >>>> >>>> That got me past the password issue. Now however, it created the >>>> first record (for the granitemountain domain) but it now issues a new error. >>>> The transcript is >>>> >>>> Adding new entry "dc=pki", dc=granitemountain, dc=com" >>>> Ldap_add: No such object (32) >>>> >>>> Any thoughts? >>>> >>>> Bob >>>> >>>> -----Original Message----- >>>> From: William Brown [mailto:wbrown@xxxxxxx] >>>> Sent: Monday, September 23, 2019 18:20 >>>> To: 389-users@xxxxxxxxxxxxxxxxxxxxxxx >>>> Subject: [389-users] Re: Configuring the 389-ds-base on Fedora 30 >>>> >>>> Can you try the -f /file/of/changes rather than redirecting into the command? >>>> >>>>> On 24 Sep 2019, at 10:16, rtbell@xxxxxxxxxxxxxxxxxxx wrote: >>>>> >>>>> William, thanks for responding. In the original command string I used -w redhat123 instead of -W which causes a prompt for the password. In both cases, I got the same error. >>>>> >>>>> -----Original Message----- >>>>> From: William Brown [mailto:wbrown@xxxxxxx] >>>>> Sent: Monday, September 23, 2019 18:12 >>>>> To: 389-users@xxxxxxxxxxxxxxxxxxxxxxx >>>>> Subject: [389-users] Re: Configuring the 389-ds-base on Fedora 30 >>>>> >>>>> >>>>> >>>>>> On 24 Sep 2019, at 09:46, rtbell@xxxxxxxxxxxxxxxxxxx <rtbell@xxxxxxxxxxxxxxxxxxx> wrote: >>>>>> >>>>>> I have hit a roadblock and would appreciate any help I can get. I am running in a VM Workstation virtualization platform on a Windows 10 host machine. >>>>>> >>>>>> I created a LAMP version of Fedora 30 using mariadb instead of mysql. I changed the host name to cn-poc-pki.granitemountain.com rebooted the system and verified that the host name was correct. I added cn-poc-pki.granitemountain.com to the hosts table and rebooted again. I then used dnf install 389-ds-base to retrieve the 389-ds subsystem. I used dscreate create-template ds.tmp to create a template. I used vim to update the fields in the template file I am attaching the template file. >>>>>> >>>>>> When I try to assert an ldapadd –h $HOSTNAME –x –D “cn=DirectoryManager” –W <<EOF with a number of additional parameters, I get an ldap_bind: Invalid credentials (49) error message. Obviously I have misconfigured something but I have been unable to discover what it might be. Could some of you experts please look at my configuration and tell me what I screwed up, please? >>>>> >>>>> Hey there, >>>>> >>>>> I wonder if you try something like: >>>>> >>>>> ldapadd -f /path/to/file/of/changes -h $HOSTNAME -x -D >>>>> 'cn=Directory Manager' -W >>>>> >>>>> If that works. >>>>> >>>>> I think that -W prompts, so right now you are echoing your changes as the password perhaps. >>>>> >>>>> Hope that helps >>>>> >>>>>> >>>>>> Bob Bell >>>>>> >>>>>> Granite Mountain Security Consultancy, LLC. >>>>>> 90 W 500 South, #404 >>>>>> Bountiful UT 84010 >>>>>> >>>>>> 801-971-4200 (cell) >>>>>> rtbell@xxxxxxxxxxxxxxxxxxx >>>>>> >>>>>> "Beware the engineers of society, I say, who would make everyone >>>>>> in all the world equal. >>>>>> Opportunity should be equal, must be equal, but achievement must >>>>>> remain individual.” >>>>>> ---Drizzt Do’Urden >>>>>> >>>>>> >>>>>> >>>>>> <ds.tmp>_______________________________________________ >>>>>> 389-users mailing list -- 389-users@xxxxxxxxxxxxxxxxxxxxxxx To >>>>>> unsubscribe send an email to >>>>>> 389-users-leave@xxxxxxxxxxxxxxxxxxxxxxx >>>>>> Fedora Code of Conduct: >>>>>> https://docs.fedoraproject.org/en-US/project/code-of-conduct/ >>>>>> List Guidelines: >>>>>> https://fedoraproject.org/wiki/Mailing_list_guidelines >>>>>> List Archives: >>>>>> https://lists.fedoraproject.org/archives/list/389-users@xxxxxxxxxx >>>>>> r >>>>>> a >>>>>> p >>>>>> r >>>>>> oject.org >>>>> >>>>> — >>>>> Sincerely, >>>>> >>>>> William Brown >>>>> >>>>> Senior Software Engineer, 389 Directory Server SUSE Labs >>>>> _______________________________________________ >>>>> 389-users mailing list -- 389-users@xxxxxxxxxxxxxxxxxxxxxxx To >>>>> unsubscribe send an email to >>>>> 389-users-leave@xxxxxxxxxxxxxxxxxxxxxxx >>>>> Fedora Code of Conduct: >>>>> https://docs.fedoraproject.org/en-US/project/code-of-conduct/ >>>>> List Guidelines: >>>>> https://fedoraproject.org/wiki/Mailing_list_guidelines >>>>> List Archives: >>>>> https://lists.fedoraproject.org/archives/list/389-users@lists.fedor >>>>> a p r oject.org _______________________________________________ >>>>> 389-users mailing list -- 389-users@xxxxxxxxxxxxxxxxxxxxxxx To >>>>> unsubscribe send an email to >>>>> 389-users-leave@xxxxxxxxxxxxxxxxxxxxxxx >>>>> Fedora Code of Conduct: >>>>> https://docs.fedoraproject.org/en-US/project/code-of-conduct/ >>>>> List Guidelines: >>>>> https://fedoraproject.org/wiki/Mailing_list_guidelines >>>>> List Archives: >>>>> https://lists.fedoraproject.org/archives/list/389-users@lists.fedor >>>>> a >>>>> p >>>>> r >>>>> oject.org >>>> >>>> — >>>> Sincerely, >>>> >>>> William Brown >>>> >>>> Senior Software Engineer, 389 Directory Server SUSE Labs >>>> _______________________________________________ >>>> 389-users mailing list -- 389-users@xxxxxxxxxxxxxxxxxxxxxxx To >>>> unsubscribe send an email to 389-users-leave@xxxxxxxxxxxxxxxxxxxxxxx >>>> Fedora Code of Conduct: >>>> https://docs.fedoraproject.org/en-US/project/code-of-conduct/ >>>> List Guidelines: >>>> https://fedoraproject.org/wiki/Mailing_list_guidelines >>>> List Archives: >>>> https://lists.fedoraproject.org/archives/list/389-users@lists.fedora >>>> p r oject.org _______________________________________________ >>>> 389-users mailing list -- 389-users@xxxxxxxxxxxxxxxxxxxxxxx To >>>> unsubscribe send an email to 389-users-leave@xxxxxxxxxxxxxxxxxxxxxxx >>>> Fedora Code of Conduct: >>>> https://docs.fedoraproject.org/en-US/project/code-of-conduct/ >>>> List Guidelines: >>>> https://fedoraproject.org/wiki/Mailing_list_guidelines >>>> List Archives: >>>> https://lists.fedoraproject.org/archives/list/389-users@lists.fedora >>>> p >>>> r >>>> oject.org >>> >>> — >>> Sincerely, >>> >>> William Brown >>> >>> Senior Software Engineer, 389 Directory Server SUSE Labs >>> _______________________________________________ >>> 389-users mailing list -- 389-users@xxxxxxxxxxxxxxxxxxxxxxx To >>> unsubscribe send an email to 389-users-leave@xxxxxxxxxxxxxxxxxxxxxxx >>> Fedora Code of Conduct: >>> https://docs.fedoraproject.org/en-US/project/code-of-conduct/ >>> List Guidelines: >>> https://fedoraproject.org/wiki/Mailing_list_guidelines >>> List Archives: >>> https://lists.fedoraproject.org/archives/list/389-users@lists.fedorap >>> r oject.org _______________________________________________ >>> 389-users mailing list -- 389-users@xxxxxxxxxxxxxxxxxxxxxxx To >>> unsubscribe send an email to 389-users-leave@xxxxxxxxxxxxxxxxxxxxxxx >>> Fedora Code of Conduct: >>> https://docs.fedoraproject.org/en-US/project/code-of-conduct/ >>> List Guidelines: >>> https://fedoraproject.org/wiki/Mailing_list_guidelines >>> List Archives: >>> https://lists.fedoraproject.org/archives/list/389-users@lists.fedorap >>> r >>> oject.org >> >> — >> Sincerely, >> >> William Brown >> >> Senior Software Engineer, 389 Directory Server SUSE Labs >> _______________________________________________ >> 389-users mailing list -- 389-users@xxxxxxxxxxxxxxxxxxxxxxx To >> unsubscribe send an email to 389-users-leave@xxxxxxxxxxxxxxxxxxxxxxx >> Fedora Code of Conduct: >> https://docs.fedoraproject.org/en-US/project/code-of-conduct/ >> List Guidelines: >> https://fedoraproject.org/wiki/Mailing_list_guidelines >> List Archives: >> https://lists.fedoraproject.org/archives/list/389-users@lists.fedorapr >> oject.org _______________________________________________ >> 389-users mailing list -- 389-users@xxxxxxxxxxxxxxxxxxxxxxx To >> unsubscribe send an email to 389-users-leave@xxxxxxxxxxxxxxxxxxxxxxx >> Fedora Code of Conduct: >> https://docs.fedoraproject.org/en-US/project/code-of-conduct/ >> List Guidelines: >> https://fedoraproject.org/wiki/Mailing_list_guidelines >> List Archives: >> https://lists.fedoraproject.org/archives/list/389-users@lists.fedorapr >> oject.org > > — > Sincerely, > > William Brown > > Senior Software Engineer, 389 Directory Server SUSE Labs _______________________________________________ > 389-users mailing list -- 389-users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to 389-users-leave@xxxxxxxxxxxxxxxxxxxxxxx > Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ > List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines > List Archives: https://lists.fedoraproject.org/archives/list/389-users@xxxxxxxxxxxxxxxxxxxxxxx > _______________________________________________ > 389-users mailing list -- 389-users@xxxxxxxxxxxxxxxxxxxxxxx > To unsubscribe send an email to 389-users-leave@xxxxxxxxxxxxxxxxxxxxxxx > Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ > List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines > List Archives: https://lists.fedoraproject.org/archives/list/389-users@xxxxxxxxxxxxxxxxxxxxxxx — Sincerely, William Brown Senior Software Engineer, 389 Directory Server SUSE Labs _______________________________________________ 389-users mailing list -- 389-users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to 389-users-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/389-users@xxxxxxxxxxxxxxxxxxxxxxx
