Admin 4: Console cannot connect. How do I change access restrictions?
After I configure Netscape Server 4 products, such as Messaging Server 4 and
Directory Server 4, if I try to use Console to connect to the server, I receive
the following error message:
<P>
Can't login because of an incorrect userid, incorrect password, directory
problem.
Http Exception:
Response: Http/1.1 500 Server Error Status 500
url: http:/hostname:6666/admin-serv/authenticate
<P>
In some cases, you will receive the above error the first time you try to
connect to the Server 4 product using Console but you will be able to
successfully connect on subsequent attempts.
<P>
Unix clients:
<P>
The access restrictions apply to the system that is the source for the
connection to the server, not to the host system that displays the Console
window. You may be able to use the display features of X Windows to access
Console by using the following steps:
<P>
<OL>
<LI>Telnet from the Unix system with X Windows to the server.
<P>
<LI>Start Console from the command line.
<P>
In most cases, Console will find the source host and open the Console window on
your display automatically.
<P>
<LI>If the above step does not work, you may need to set the display
manually.
</OL>
<P>
After you have started Console, you will be able to configure the access
restrictions via the Console Configuration tab.
<P>
However, if neither of the above scenarios apply, then you will need to change
the configuration values nsadminaccesshosts
and nsadminaccessaddresses
on the Configuration Directory
Server. Normally, you can configure these values from Console. However,
if you cannot connect to the Admin Server through Console, this becomes a
chicken-and-egg problem. The following steps detail the procedure for
changing the access restrictions using ldapmodify
.
<P>
<OL>
<LI>Find the dn, or
distiguished name, of the Admin Server configuration using ldapsearch
.
<P>
Enter the following line:
<P>
$ ./ldapsearch -D "cn=Directory Manager" -w manager_password -b o=NetscapeRoot
"nsadminaccessaddresses=*"
<P>
<LI>Use ldapmodify to
change the value for nsadminaccessaddresses
.
<P>
Enter the following line:
<P>
$ ./ldapmodify -D "cn=Directory Manager" -w manager_password
dn: cn=configuration, cn=admin-serv-sunstorm, cn=Netscape Administration
Server, cn=Server Group, cn=sunstorm.mcom.com, ou=mcom.com, o=NetscapeRoot
changetype: modify
replace: nsadminaccessaddresses
nsadminaccessaddresses: (205.217.249.45|205.217.249.*)
<P>
Output:
<P>
modifying entry cn=configuration, cn=admin-serv-sunstorm, cn=Netscape
Administration Server, cn=Server Group, cn=sunstorm.mcom.com, ou=mcom.com,
o=NetscapeRoot
<P>
<LI>Use ldapmodify to
change the value for nsadminaccesshosts
.
<P>
Enter the following line:
<P>
dn: cn=configuration, cn=admin-serv-sunstorm, cn=Netscape Administration Server,
cn=Server Group, cn=sunstorm.mcom.com, ou=mcom.com, o=NetscapeRoot
changetype: modify
replace: nsadminaccesshosts
nsadminaccesshosts: (cmd.mcom.com|sunstorm.mcom.com)
<P>
Output:
<P>
modifying entry cn=configuration, cn=admin-serv-sunstorm, cn=Netscape
Administration Server, cn=Server Group, cn=sunstorm.mcom.com, ou=mcom.com,
o=NetscapeRoot
<P>
^D (control-D to exit)
<P>
<LI>Stop and start the Admin Server.
</OL>
<P>
One approach for changing the access restrictions is to first set the IP
address restriction to allow you to access the Admin Server with your Console.
Then, once you can access the server with your Console, you can fully configure
the access restrictions.
<P>
For more information on configuring the network settings for the Admin Server
via Console, see the document <I>Managing Servers with Netscape Console:
Administration Server Configuration</I> at
<A HREF="http://home.netscape.com/eng/server/console/4.1/Help/9_as2.htm#1023985"&g t;
http://home.netscape.com/eng/server/console/4.1/Help/9_as2.htm#1023985</A> ;.
<P>
<B>Notes:</B>
<P>
<UL>
<LI>The values for nsadminaccesshosts
and nsadminaccessaddresses
are visible in the
local.conf file. However, you
cannot configure these values by editing this file. These values will appear
as follows:
<P>
configuration.nsadminaccesshosts:
configuration.nsadminaccessaddresses:
<P>
For more information on the local.conf
file, please see the article
"Explanation of local.conf" 3886.
<P>
<LI>System administrators of SuiteSpot3 server products will notice that the
default access restrictions are the same for Admin Server 3 and Admin Server 4.
However, the access restrictions cannot be changed by editing the
ns-admin.conf file.
</UL>
