Re: Admin Server Failure

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Thanks again for all your help, I think I just figured it out. The dbswitch.conf file was owned by root when it should have been owned by nobody. 

Ian

Ian Marks wrote:

I really appreciate your help!!

adm.conf
ldapHost:   cac.example.com
ldapPort:   389
sie: cn=admin-serv-cac, cn=Fedora Administration Server, cn=Server Group, cn=cac.example.com, ou=example.com, o=NetscapeRoot 
siepid:   xxxxxxxx
isie: cn=Fedora Administration Server, cn=Server Group, cn=cac.example.com, ou=example.com, o=NetscapeRoot 
port:   1389
ldapStart:   slapd-cac/start-slapd


dbswitch.conf

directory default ldap://cac.example.com:389/o%3DNetscapeRoot


Richard Megginson wrote:

Ian Marks wrote:

Here is the last few lines from the error log after enabling debug.
[Wed Aug 09 19:22:22 2006] [debug] mod_admserv.c(1428): populate_tasks_from_server(): Added task entry [cn=htmladmin,cn=configuration,cn=tasks,cn=admin-serv-cac,cn=fedora administration server,cn=server group,cn=cac.example.com,ou=example.com,o=netscaperoot:htmladmin:] for user [LocalSuper] [Wed Aug 09 19:22:22 2006] [debug] mod_admserv.c(1428): populate_tasks_from_server(): Added task entry [cn=statpingserv,cn=configuration,cn=tasks,cn=admin-serv-cac,cn=fedora administration server,cn=server group,cn=cac.example.com,ou=example.com,o=netscaperoot:statpingserv:] for user [LocalSuper] [Wed Aug 09 19:22:22 2006] [debug] mod_admserv.c(1428): populate_tasks_from_server(): Added task entry [cn=viewdata,cn=configuration,cn=tasks,cn=admin-serv-cac,cn=fedora administration server,cn=server group,cn=cac.example.com,ou=example.com,o=netscaperoot:viewdata:] for user [LocalSuper] [Wed Aug 09 19:22:22 2006] [debug] mod_admserv.c(1428): populate_tasks_from_server(): Added task entry [cn=viewlog,cn=configuration,cn=tasks,cn=admin-serv-cac,cn=fedora administration server,cn=server group,cn=cac.example.com,ou=example.com,o=netscaperoot:viewlog:] for user [LocalSuper] [Wed Aug 09 19:22:22 2006] [debug] mod_admserv.c(1428): populate_tasks_from_server(): Added task entry [cn=monreplication,cn=configuration,cn=tasks,cn=admin-serv-cac,cn=fedora administration server,cn=server group,cn=cac.example.com,ou=example.com,o=netscaperoot:monreplication:] for user [LocalSuper] [Wed Aug 09 19:22:22 2006] [debug] mod_admserv.c(1428): populate_tasks_from_server(): Added task entry [cn=repl-monitor-cgi.pl,cn=configuration,cn=tasks,cn=admin-serv-cac,cn=fedora administration server,cn=server group,cn=cac.example.com,ou=example.com,o=netscaperoot:repl-monitor-cgi.pl:] for user [LocalSuper] [Wed Aug 09 19:22:22 2006] [debug] mod_admserv.c(1428): populate_tasks_from_server(): Added task entry [cn=sync-task-sie-data,cn=commands,cn=admin-serv-cac,cn=fedora administration server,cn=server group,cn=cac.example.com,ou=example.com,o=netscaperoot:runtime:] for user [LocalSuper] [Wed Aug 09 19:22:22 2006] [debug] mod_admserv.c(1428): populate_tasks_from_server(): Added task entry [cn=change-sie-password,cn=commands,cn=admin-serv-cac,cn=fedora administration server,cn=server group,cn=cac.example.com,ou=example.com,o=netscaperoot:runtime:] for user [LocalSuper] [Wed Aug 09 19:22:22 2006] [crit] host_ip_init(): PSET failure: Failed to create PSET handle (pset error = )
Hm - just pset? The other ldap stuff is working fine. Please post your admin-serv/config/adm.conf and shared/config/dbswitch.conf - be sure to obscure any sensitive information first. 


Ian

Richard Megginson wrote:

Ian Marks wrote:

I have the following ssl packages installed.
rpm -qa |grep ssl
openssl-0.9.7a-43.8
mod_ssl-2.0.52-22.ent.centos4
openssl-devel-0.9.7a-43.8
xmlsec1-openssl-1.2.6-3
The directory server is running and appears to be working correctly. Several other hosts are able to authenticate via pam against this DS server. Here is the output of "sh -xv start-admin", minus the copyright stuff: 

SERVER_ROOT=/opt/fedora-ds ; export SERVER_ROOT
+ SERVER_ROOT=/opt/fedora-ds
+ export SERVER_ROOT
NETSITE_ROOT=$SERVER_ROOT ; export NETSITE_ROOT
+ NETSITE_ROOT=/opt/fedora-ds
+ export NETSITE_ROOT
ADMSERV_ROOT=$SERVER_ROOT/admin-serv ; export ADMSERV_ROOT
+ ADMSERV_ROOT=/opt/fedora-ds/admin-serv
+ export ADMSERV_ROOT

unset PASSWORD_PIPE
+ unset PASSWORD_PIPE
LD_LIBRARY_PATH=${SERVER_ROOT}/bin/admin/lib:${SERVER_ROOT}/lib:${LD_LIBRARY_PATH};export LD_LIBRARY_PATH 
+ LD_LIBRARY_PATH=/opt/fedora-ds/bin/admin/lib:/opt/fedora-ds/lib:
+ export LD_LIBRARY_PATH
LIBPATH=${LD_LIBRARY_PATH}:${LIBPATH}:/usr/threads/lib:/usr/ibmcxx/lib:/usr/lib:/lib; export LIBPATH + LIBPATH=/opt/fedora-ds/bin/admin/lib:/opt/fedora-ds/lib:::/usr/threads/lib:/usr/ibmcxx/lib:/usr/lib:/lib 
+ export LIBPATH
SHLIB_PATH=${LD_LIBRARY_PATH}:${SHLIB_PATH}; export SHLIB_PATH
+ SHLIB_PATH=/opt/fedora-ds/bin/admin/lib:/opt/fedora-ds/lib::
+ export SHLIB_PATH

NS_SERVER_HOME=${SERVER_ROOT}; export NS_SERVER_HOME
+ NS_SERVER_HOME=/opt/fedora-ds
+ export NS_SERVER_HOME
PATH=${SERVER_ROOT}/bin/admin/bin:${PATH}; export PATH
+ PATH=/opt/fedora-ds/bin/admin/bin:/usr/kerberos/sbin:/usr/kerberos/bin:/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin:/usr/X11R6/bin:/root/bin 
+ export PATH

HTTPD=/usr/sbin//httpd.worker
+ HTTPD=/usr/sbin//httpd.worker
# see if httpd is linked with the openldap libraries - we need to override them 
OS=`uname -s`
uname -s
++ uname -s
+ OS=Linux
if [ $OS = "Linux" ]; then
   hasol=0
/usr/bin/ldd $HTTPD 2>&1 | grep libldap > /dev/null 2>&1 && hasol=1 

   if [ $hasol -eq 1 ] ; then
LD_PRELOAD="${SERVER_ROOT}/bin/admin/lib/libssl3.so ${SERVER_ROOT}/bin/admin/lib/libldap50.so" 
       export LD_PRELOAD
   fi
fi
+ '[' Linux = Linux ']'
+ hasol=0
+ /usr/bin/ldd /usr/sbin//httpd.worker
+ grep libldap
+ hasol=1
+ '[' 1 -eq 1 ']'
+ LD_PRELOAD='/opt/fedora-ds/bin/admin/lib/libssl3.so /opt/fedora-ds/bin/admin/lib/libldap50.so' 
+ export LD_PRELOAD
$HTTPD -k start -d $ADMSERV_ROOT -f $ADMSERV_ROOT/config/httpd.conf "$@" + /usr/sbin//httpd.worker -k start -d /opt/fedora-ds/admin-serv -f /opt/fedora-ds/admin-serv/config/httpd.conf
So it correctly detects that httpd is linked against openldap and does the LD_PRELOAD. Next, try turning up the debug level. First, edit admin-serv/config/httpd.conf and change LogLevel to debug. Then, do start-admin -e debug. There should be a bunch of stuff in admin-serv/logs/error 




Richard Megginson wrote:

Ian Marks wrote:
Does anyone have a good idea where I can start troubleshooting the error below. I get the error when I attempt to start the admin server. I also posted an error from the htttpd logs which could be related. I'm running Centos 4.3 with FDS 1.0.2. 

/opt/fedora-ds/admin-serv/logs/error
[Wed Aug 09 18:43:34 2006] [crit] host_ip_init(): PSET failure: Failed to create PSET handle (pset error = ) 
Configuration Failed
1) The directory server must be up and running before attempting to start the admin server 2) If the DS is running, what is the output of doing sh -xv start-admin? 

/var/log/httpd/error_log
[Wed Aug 09 14:51:56 2006] [notice] LDAP: Built with OpenLDAP LDAP SDK 
[Wed Aug 09 14:51:56 2006] [notice] LDAP: SSL support unavailable

Thanks,
Ian

--
Fedora-directory-users mailing list
Fedora-directory-users@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-directory-users
------------------------------------------------------------------------ 

--
Fedora-directory-users mailing list
Fedora-directory-users@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-directory-users


--
Fedora-directory-users mailing list
Fedora-directory-users@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-directory-users
------------------------------------------------------------------------ 

--
Fedora-directory-users mailing list
Fedora-directory-users@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-directory-users


--
Fedora-directory-users mailing list
Fedora-directory-users@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-directory-users

------------------------------------------------------------------------

--
Fedora-directory-users mailing list
Fedora-directory-users@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-directory-users


--
Fedora-directory-users mailing list
Fedora-directory-users@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-directory-users



--
Fedora-directory-users mailing list
Fedora-directory-users@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-directory-users
[Index of Archives]     [Fedora Directory Users]     [Fedora Directory Devel]     [Fedora Announce]     [Fedora Legacy Announce]     [Kernel]     [Fedora Legacy]     [Share Photos]     [Fedora Desktop]     [PAM]     [Red Hat Watch]     [Red Hat Development]     [Big List of Linux Books]     [Gimp]     [Yosemite News]

  Powered by Linux