DS6 on RH ES 3
Trying to install DS6 on RH ES 3. Install runs smoothly until attempting to import ldif file. At that point I get "unable to bind securely" & "import operation falied".
From the log access log :
fd=13 slot=13 LDAP connection from 127.0.0.1:33506 to 127.0.0.1
[11/Apr/2007:15:53:28 -0500] conn=8 op=0 msgId=1 - EXT oid="1.3.6.1.4.1.1466.20037"
[11/Apr/2007:15:53:28 -0500] conn=8 op=0 msgId=1 - RESULT err=0 tag=120 nentries=0 etime=0, Start TLS request accepted.Server willing to negotiate SSL.
[11/Apr/2007:15:53:29 -0500] conn=8 op=-1 msgId=-1 - SSL 128-bit RC4
[11/Apr/2007:15:53:32 -0500] conn=8 op=1 msgId=2 - BIND dn="cn=admin,cn=Administrators,cn=dscc" method=128 version=3
[11/Apr/2007:15:53:32 -0500] conn=8 op=1 msgId=2 - RESULT err=32 tag=97 nentries=0 etime=4
[11/Apr/2007:15:53:32 -0500] conn=8 op=2 msgId=0 - RESULT err=80 tag=120 nentries=0 etime=0
[11/Apr/2007:15:53:32 -0500] conn=8 op=-1 msgId=-1 - closing from 127.0.0.1:33506 - A1 - Client aborted connection -
[11/Apr/2007:15:53:32 -0500] conn=8 op=-1 msgId=-1 - closed.
Is the problem associated with the self-signed cert that comes with the install?
Any suggestions/pointers to get me unstuck would be appreciated.
Message was edited by:
dan_roehl
[1317 byte] By [
dan_roehla] at [2007-11-27 1:23:07]
# 2
command used is:
dsconf import /path/to/ldif dc=my,dc=suffix
dc=my,dc=suffix was created using command:
dsconf create-suffix -h localhost -p myPort dc=my,dc=suffix
This command appeared to exit normally. However any command that I issue to the server via dsadm or dsconf now results in an "unable to bind securely" error.
However, if I run:
ldapsearch -h localhost -p 1391 -b "dc=ercot,dc=com" -x
I get;
# search result
search: 2
result: 32 No such object
So I guess the create-suffix did not create the suffix. However attempting to do that results in "unable to bind securely"....
I literally followed the install docs to the letter.
Message was edited by:
dan_roehl
# 3
I understand the frustration.
Have you tried to recreate the suffix ?
Does it complain that the suffix already exists or does it proceed with no error message.
Could you have another instance running on another port, hence the confusion maybe ?
Once you create the suffix with
dsconf create-suffix
check with
dsconf list-suffixes to see what you have on your instance.
then import using an admin user.
Acutally, if you are on the local host, I would suggest that you use the dsadm import /path/to/your/instance /path/to/your/fiile.ldif dc=ercot,dc=com
command to avoid going over protocol. It should be faster and hopefully save you some headache.
# 7
Yes this one is sneaky, but very powerful. In http://docs.sun.com/app/docs/doc/819-0993/6n3co69js?a=view, you see
"LDAP_ADMIN_USER
Directory administrator DN
To administer all servers registered with Directory Service Control Center, set this environment variable to cn=admin,cn=Administrators,cn=dscc."
This DN only works when you set up Directory Service Control Center, which enables cn=admin,cn=Administrators,cn=dscc.
Did you install using zips rather than packages by any chance? (In that case, you'd never get the cn=dscc stuff.)
Otherwise, on Directory Server, you get cn=admin,cn=Administrators,cn=config when you setup the server instance.
