Re: [389-users] Announcing 389 Directory Server 1.2.6

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Aaron Hagopian wrote:
> After upgrading, although it's possible it broke on one of the RCs 
> since I do not usually run the admin server on my development 
> environment, when I try to connect using the 389-console I get an 
> error 32, cannot connect to the directory server....
>
> When I look through the admin-serv logs i see:
>
>     [Tue Sep 14 08:53:43 2010] [notice] [client 127.0.0.1]
>     admserv_host_ip_check: ap_get_remote_host could not resolve 127.0.0.1
>     [Tue Sep 14 08:53:43 2010] [notice] [client 127.0.0.1]
>     admserv_host_ip_check: host [localhost.localdomain] did not match
>     pattern [*.barf.hra.local] -will scan aliases
>     [Tue Sep 14 08:53:43 2010] [notice] [client 127.0.0.1]
>     admserv_host_ip_check: host alias [localhost] did not match
>     pattern [*.barf.hra.local]
>     [Tue Sep 14 08:53:43 2010] [crit] buildUGInfo(): unable to
>     initialize TLS connection to LDAP host barfolomew.hra.local port
>     389: 4
>     [Tue Sep 14 08:53:43 2010] [notice] [client 127.0.0.1]
>     admserv_check_authz(): passing [/admin-serv/authenticate] to the
>     userauth handler
>     [Tue Sep 14 08:53:43 2010] [crit] buildUGInfo(): unable to
>     initialize TLS connection to LDAP host barfolomew.hra.local port
>     389: 4
>
> Now I see what the problem is about the cert name but I never told the 
> admin server to use TLS to connect to the LDAP server and when I was 
> running 1.2.5 I never had this problem.  I do run my server on SSL as 
> well on port 636.  Is it trying start TLS because it can?
No.  Not sure what changed.  Take a look at the directory server access 
log from around this time.  Let's see what the admin server is looking 
for.  Also check /etc/dirsrv/admin-serv/adm.conf and local.conf for any 
tls/ssl/ldaps settings.
> Anyway to disable that since I do not feel like generating a new cert 
> to match my administrative domain I put in when I setup the DS.
http://directory.fedoraproject.org/wiki/Howto:SSL#Console_SSL_Information
or
http://directory.fedoraproject.org/wiki/Howto:SSL#Admin_Server_SSL_Information
>
>
>
> [root@barfolomew admin-serv]# rpm -qi 389-ds-base
> Name        : 389-ds-base                  Relocations: (not relocatable)
> Version     : 1.2.6                             Vendor: Fedora Project
> Release     : 1.fc13                        Build Date: Thu 26 Aug 
> 2010 04:34:30 PM CDT
> Install Date: Mon 13 Sep 2010 09:19:02 AM CDT      Build Host: 
> x86-20.phx2.fedoraproject.org <http://x86-20.phx2.fedoraproject.org>
> Group       : System Environment/Daemons    Source RPM: 
> 389-ds-base-1.2.6-1.fc13.src.rpm
> Size        : 6043179                          License: GPLv2 with 
> exceptions
> Signature   : RSA/SHA256, Thu 26 Aug 2010 08:43:14 PM CDT, Key ID 
> 7edc6ad6e8e40fde
> Packager    : Fedora Project
> URL         : http://port389.org/
> Summary     : 389 Directory Server (base)
> Description :
> 389 Directory Server is an LDAPv3 compliant server.  The base package 
> includes
> the LDAP server and command line utilities for server administration.
>
> [root@barfolomew admin-serv]# rpm -qi 389-admin
> Name        : 389-admin                    Relocations: (not relocatable)
> Version     : 1.1.11                            Vendor: Fedora Project
> Release     : 1.fc13                        Build Date: Thu 26 Aug 
> 2010 04:53:40 PM CDT
> Install Date: Mon 13 Sep 2010 09:19:35 AM CDT      Build Host: 
> x86-20.phx2.fedoraproject.org <http://x86-20.phx2.fedoraproject.org>
> Group       : System Environment/Daemons    Source RPM: 
> 389-admin-1.1.11-1.fc13.src.rpm
> Size        : 1510119                          License: GPLv2 and ASL 2.0
> Signature   : RSA/SHA256, Thu 26 Aug 2010 08:49:10 PM CDT, Key ID 
> 7edc6ad6e8e40fde
> Packager    : Fedora Project
> URL         : http://port389.org/
> Summary     : 389 Administration Server (admin)
> Description :
> 389 Administration Server is an HTTP agent that provides management 
> features
> for 389 Directory Server.  It provides some management web apps that can
> be used through a web browser.  It provides the authentication, access 
> control,
> and CGI utilities used by the console.
>
>
>
>
> On Mon, Sep 13, 2010 at 2:03 PM, Rich Megginson <rmeggins@xxxxxxxxxx 
> <mailto:rmeggins@xxxxxxxxxx>> wrote:
>
>     The 389 team is pleased to announce the availability of version 1.2.6.
>     This release is essentially the same as 1.2.6 RC7.
>
>     * Release Notes - http://port389.org/wiki/Release_Notes
>     * Install_Guide - http://port389.org/wiki/Install_Guide
>     * Download - http://port389.org/wiki/Download
>
>     === New features ===
>     * Upgrade_to_New_DN_Format
>     http://directory.fedoraproject.org/wiki/Upgrade_to_New_DN_Format
>     ** in order to make sure DN valued attributes can be searched
>     correctly,
>     an upgrade will automatically fix these values in the database
>
>     * Replication_Session_Hooks
>     http://directory.fedoraproject.org/wiki/Replication_Session_Hooks
>     ** API for plugins to intercept replication session at various points
>
>     * Managed Entries -
>     http://directory.fedoraproject.org/wiki/Managed_Entry_Design
>     ** Used, for example, to automatically create the user's group entry
>     when adding a user entry
>
>     * Subtree Rename and Entry Move (modifyDN with newSuperior)
>     ** https://bugzilla.redhat.com/show_bug.cgi?id=429005
>     ** ability to rename a node that has children
>     ** ability to move a node, with or without children, to another
>     parent node
>
>     * Security Enhancements
>     ** SELinux Policy
>     http://directory.fedoraproject.org/wiki/SELinux_Policy
>     *** https://bugzilla.redhat.com/show_bug.cgi?id=442228
>
>     * Matching rules
>     ** support for all RFC 4517 matching rules (except the
>     FirstComponent ones)
>
>     === Bugs Fixed ===
>     This release contains many, many bug fixes.  The complete list of bugs
>     fixed is found at the link below.  Note that bugs marked as MODIFIED
>     have been fixed but are still in testing.
>     * Tracking bug for 1.2.6 release -
>     https://bugzilla.redhat.com/showdependencytree.cgi?id=543590&hide_resolved=0
>     <https://bugzilla.redhat.com/showdependencytree.cgi?id=543590&hide_resolved=0>
>
>
>     --
>     389 users mailing list
>     389-users@xxxxxxxxxxxxxxxxxxxxxxx
>     <mailto:389-users@xxxxxxxxxxxxxxxxxxxxxxx>
>     https://admin.fedoraproject.org/mailman/listinfo/389-users
>
>
> ------------------------------------------------------------------------
>
> --
> 389 users mailing list
> 389-users@xxxxxxxxxxxxxxxxxxxxxxx
> https://admin.fedoraproject.org/mailman/listinfo/389-users

--
389 users mailing list
389-users@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/389-users


[Index of Archives]     [Fedora Directory Users]     [Fedora Directory Devel]     [Fedora Announce]     [Fedora Legacy Announce]     [Kernel]     [Fedora Legacy]     [Share Photos]     [Fedora Desktop]     [PAM]     [Red Hat Watch]     [Red Hat Development]     [Big List of Linux Books]     [Gimp]     [Yosemite News]

  Powered by Linux