Hi Eric, The console has given me a few headaches in the past but so has my own mistakes... :) Obvious things that can be wrong include: Firewall issues Is the admin server running, that may sound obvious but you will be surprised the number of times it has caught me. If you have anonymous access disabled and ssl only access then the console will not work without doing some extra things. There is a bug related to this were the internals still try to use anonymous which will fail for obvious reasons because you have disallowed it. Please feel free to contact me via msn or yahoo as per the private email or alternatively if you can give a complete listing of what settings you have set and configured that might help to shed light on the problem. Can you access 9830 with curl locally on the box? have a look in the admin server's logs for why you are getting 401 errors. Regards > -----Original Message----- > From: 389-users-bounces@xxxxxxxxxxxxxxxxxxxxxxx [mailto:389-users- > bounces@xxxxxxxxxxxxxxxxxxxxxxx] On Behalf Of Eric Donkersloot > Sent: 29 November 2010 09:51 > To: General discussion list for the 389 Directory server project. > Subject: Re: [389-users] New 389 ds install - cannot logon to adm console > > Hi Gerrard, > > Unfortunately it doesn't. I tried to login as the admin user using the fqdn. > The debug console output gives me: > > 389-Management-Console/1.1.5 B2010.123.2251 > CommManager> New CommRecord > (http://bla.blablabla.bla:9830/admin-serv/authenticate) > http://bla.blablabla.bla:9830/[0:0] open> Ready > http://bla.blablabla.bla:9830/[0:0] accept> > http://bla.blablabla.bla:9830/admin-serv/authenticate > http://bla.blablabla.bla:9830/[0:0] send> GET \ > http://bla.blablabla.bla:9830/[0:0] send> /admin-serv/authenticate \ > http://bla.blablabla.bla:9830/[0:0] send> HTTP/1.0 > http://bla.blablabla.bla:9830/[0:0] send> Host: bla.blablabla.bla:9830 > http://bla.blablabla.bla:9830/[0:0] send> Connection: Keep-Alive > http://bla.blablabla.bla:9830/[0:0] send> User-Agent: > 389-Management-Console/1.1.5 > http://bla.blablabla.bla:9830/[0:0] send> Accept-Language: en > http://bla.blablabla.bla:9830/[0:0] send> Authorization: Basic \ > http://bla.blablabla.bla:9830/[0:0] send> YWRtaW46U1VSRm5ldDIwMTA= \ > http://bla.blablabla.bla:9830/[0:0] send> http://bla.blablabla.bla:9830/[0:0] > send> http://bla.blablabla.bla:9830/[0:0] recv> HTTP/1.1 401 Authorization > Required http://bla.blablabla.bla:9830/[0:0] error> HttpException: > Response: HTTP/1.1 401 Authorization Required > Status: 401 > URL: http://bla.blablabla.bla:9830/admin-serv/authenticate > http://<our>.<testserver>.<suffix>:9830/[0:0] close> Closed > > /var/log/dirsrv/admin-serv/error: > > [Mon Nov 29 10:48:07 2010] [crit] openLDAPConnection(): util_ldap_init > failed for ldap://:389 [Mon Nov 29 10:48:07 2010] [warn] Unable to open > initial LDAPConnection to populate LocalAdmin tasks into cache. > [Mon Nov 29 10:48:08 2010] [notice] Apache/2.2.17 (Unix) configured -- > resuming normal operations [Mon Nov 29 10:48:08 2010] [crit] > openLDAPConnection(): util_ldap_init failed for ldap://:389 [Mon Nov 29 > 10:48:08 2010] [warn] Unable to open initial LDAPConnection to populate > LocalAdmin tasks into cache. > [Mon Nov 29 10:48:51 2010] [notice] [client xxx.xx.xxx.xx] > admserv_host_ip_check: Unauthorized host ip=xxx.xx.xxx.xx, connection > rejected > > Kind regards, > > Eric > > Gerrard Geldenhuis wrote: > > Hi Eric, As a start always use the fqdn of the host rather than > > 127.0.0.1 when connecting via the console. Secondly, 389-console has a > > debug flag available that you can use while connecting that will shed > > additional light on any other problems that may be causing issues. > > > > Regards > > -- > Eric Donkersloot > > SURFnet > Radboudkwartier 273 > 3511 CK Utrecht > M +31 6 4115 4547 > eric.donkersloot@xxxxxxxxxx > > -- > 389 users mailing list > 389-users@xxxxxxxxxxxxxxxxxxxxxxx > https://admin.fedoraproject.org/mailman/listinfo/389-users ________________________________________________________________________ In order to protect our email recipients, Betfair Group use SkyScan from MessageLabs to scan all Incoming and Outgoing mail for viruses. ________________________________________________________________________ -- 389 users mailing list 389-users@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/389-users
