Hi Mark, I've created our /root/.dsrc file. I'm still getting the same error: Error: Can't contact LDAP server - error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed (self signed certificate in certificate chain) As for the version, our system is up to date. Maybe 389-ds-base-1.4.3.22-1 isn't in the CentOS repos, yet?
The build was done two weeks ago, it should be available on centos 8:
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-MODULAR-2021-5e13f174a7
Try this out. If it still fails, can you confirm that the
settings you used in .dsrc match the server on that machine? Your
.dsrc. probaly should not reference "slapd-localhost" but whatever
instance name was ued during server setup.
The last option is just to use ldapi instead of ldaps. To use ldapi you can remove the "uri" from the .dsrc because the tool use LDAPI by default, or change "uri" to use "ldapi:// ..."
An example can be seen here:
https://www.port389.org/docs/389ds/howto/howto-install-389.html#setting-up-directory-manager-credentials
uri = ldapi://%2fvar%2frun%2fslapd-YOUR_INSTANCE.socketHTH,
Mark
-Bryan On Mon, Apr 05, 2021 at 12:18:00PM -0400, Mark Reynolds wrote:On 4/5/21 12:06 PM, Mark Reynolds wrote:On 4/5/21 10:55 AM, Bryan K. Walton wrote:On Mon, Apr 05, 2021 at 10:42:45AM -0400, Mark Reynolds wrote:Hi Bryan, What version of 389-ds-base is installed?Results of "rpm -qi 389-ds-base" Version : 1.4.3.17 Release : 1.module_el8+10764+2b5f8656 Install Date: Mon 01 Feb 2021 09:33:07 AM CST Source RPM : 389-ds-base-1.4.3.17-1.module_el8+10764+2b5f8656.src.rpmDid you see my other comments from my previous email about the .dsrc file?And, I strongly suggest upgrading to: 389-ds-base-1.4.3.22-1 I think there are other bugs in 1.4.3.17 that might prevent the .dsrc from working correctly. Mark-Bryan-- 389 Directory Server Development Team_______________________________________________ 389-users mailing list -- 389-users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to 389-users-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/389-users@xxxxxxxxxxxxxxxxxxxxxxx Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
-- 389 Directory Server Development Team
_______________________________________________ 389-users mailing list -- 389-users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to 389-users-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/389-users@xxxxxxxxxxxxxxxxxxxxxxx Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
