[prev in list] [next in list] [prev in thread] [next in thread]
List: fedora-directory-users
Subject: =?utf-8?q?=5B389-users=5D?= Re: Configuring the 389-ds-base on Fedora 30
From: William Brown <wbrown () suse ! de>
Date: 2019-09-24 23:15:54
Message-ID: A2B01B4E-2F4D-4490-B04E-D17E540993E6 () suse ! de
[Download RAW message or body]
> On 25 Sep 2019, at 02:51, rtbell@granitemountain.com <rtbell@GRANITEMOUNTAIN.COM> \
> wrote:
> William,
>
> I started over from scratch and began to follow exactly the path I had charted out \
> with the inclusion of where the blanks and empty lines were to be in the various \
> command lines.
> It Worked!!!
>
> Thanks for your help and insights. That was what enabled me to get to this point.
Great to hear it! Happy to have helped :)
If you have any further questions, please let us know.
>
> Bob
>
> -----Original Message-----
> From: William Brown [mailto:wbrown@suse.de]
> Sent: Monday, September 23, 2019 20:58
> To: 389-users@lists.fedoraproject.org
> Subject: [389-users] Re: Configuring the 389-ds-base on Fedora 30
>
> Okay, so you need to create the domain objects then. I'm not sure your ldapadd file \
> is correct though, I think you need a blank line between the two entries?
> > On 24 Sep 2019, at 12:55, rtbell@GRANITEMOUNTAIN.COM wrote:
> >
> > William,
> >
> > The result was the same except that the base was <dc=granitemountain,
> > dc=com> with scope subtree instead of <dc=granitemountain,> with scope
> > subtree
> >
> > Bob
> >
> > -----Original Message-----
> > From: William Brown [mailto:wbrown@suse.de]
> > Sent: Monday, September 23, 2019 20:43
> > To: 389-users@lists.fedoraproject.org
> > Subject: [389-users] Re: Configuring the 389-ds-base on Fedora 30
> >
> > You need to quote it because else the shell thinks it's two arguments?
> >
> > > On 24 Sep 2019, at 12:31, rtbell@granitemountain.com \
> > > <rtbell@GRANITEMOUNTAIN.COM> wrote:
> > > William -
> > >
> > > I did it with this command:
> > > ldapsearch -b dc=granitemountain, dc=com -h $HOSTNAME -x -D
> > > 'cn=Directory Manager' -W
> > >
> > > The results were:
> > > # extended LDIF
> > > #
> > > # LDAPv3
> > > # base <dc=granitemountain,> with scope subtree # filter: dc=com #
> > > requesting: ALL #
> > >
> > > # search: results
> > > search: 2
> > > result: 32 No such object
> > >
> > > # numResponses: 1
> > >
> > > I am not sure what the ',' is doing in the base definition
> > > [<dc=granitemountain,>]
> > >
> > >
> > > Bob
> > >
> > > -----Original Message-----
> > > From: William Brown [mailto:wbrown@suse.de]
> > > Sent: Monday, September 23, 2019 19:37
> > > To: 389-users@lists.fedoraproject.org
> > > Subject: [389-users] Re: Configuring the 389-ds-base on Fedora 30
> > >
> > > Can you do an ldapsearch -b dc=granitemountain, dc=com -h ... -x -D ... -W and \
> > > see what exists already?
> > > > On 24 Sep 2019, at 10:39, rtbell@granitemountain.com \
> > > > <rtbell@GRANITEMOUNTAIN.COM> wrote:
> > > > William,
> > > >
> > > > I was trying it as you suggested. It now gets past the password issue. \
> > > > However, I am not hitting another roadblock.
> > > > The original entries in the file I created are:
> > > > dn: dc=granitemountain, dc=com
> > > > objectClass: domain
> > > > dc: granitemountain
> > > > dn: dc=pki, dc=granitemountain, dc=com
> > > > objectClass: domain
> > > > dc: pki
> > > >
> > > > When I created the file (without the leading tabs of course) I then used the \
> > > > command: ldapadd -f /tmp/ldapadd-file -h $HOSTNAME -x -D 'cn=Directory \
> > > > Manager'
> > > > -W as you suggested.
> > > >
> > > > That got me past the password issue. Now however, it created the
> > > > first record (for the granitemountain domain) but it now issues a new error.
> > > > The transcript is
> > > >
> > > > Adding new entry "dc=pki", dc=granitemountain, dc=com"
> > > > Ldap_add: No such object (32)
> > > >
> > > > Any thoughts?
> > > >
> > > > Bob
> > > >
> > > > -----Original Message-----
> > > > From: William Brown [mailto:wbrown@suse.de]
> > > > Sent: Monday, September 23, 2019 18:20
> > > > To: 389-users@lists.fedoraproject.org
> > > > Subject: [389-users] Re: Configuring the 389-ds-base on Fedora 30
> > > >
> > > > Can you try the -f /file/of/changes rather than redirecting into the command? \
> > > >
> > > > > On 24 Sep 2019, at 10:16, rtbell@GRANITEMOUNTAIN.COM wrote:
> > > > >
> > > > > William, thanks for responding. In the original command string I used -w \
> > > > > redhat123 instead of -W which causes a prompt for the password. In both \
> > > > > cases, I got the same error.
> > > > > -----Original Message-----
> > > > > From: William Brown [mailto:wbrown@suse.de]
> > > > > Sent: Monday, September 23, 2019 18:12
> > > > > To: 389-users@lists.fedoraproject.org
> > > > > Subject: [389-users] Re: Configuring the 389-ds-base on Fedora 30
> > > > >
> > > > >
> > > > >
> > > > > > On 24 Sep 2019, at 09:46, rtbell@granitemountain.com \
> > > > > > <rtbell@GRANITEMOUNTAIN.COM> wrote:
> > > > > > I have hit a roadblock and would appreciate any help I can get. I am \
> > > > > > running in a VM Workstation virtualization platform on a Windows 10 host \
> > > > > > machine.
> > > > > > I created a LAMP version of Fedora 30 using mariadb instead of mysql. I \
> > > > > > changed the host name to cn-poc-pki.granitemountain.com rebooted the \
> > > > > > system and verified that the host name was correct. I added \
> > > > > > cn-poc-pki.granitemountain.com to the hosts table and rebooted again. I \
> > > > > > then used dnf install 389-ds-base to retrieve the 389-ds subsystem. I \
> > > > > > used dscreate create-template ds.tmp to create a template. I used vim to \
> > > > > > update the fields in the template file I am attaching the template file. \
> > > > > > When I try to assert an ldapadd –h $HOSTNAME –x –D \
> > > > > > "cn=DirectoryManager" –W <<EOF with a number of additional parameters, \
> > > > > > I get an ldap_bind: Invalid credentials (49) error message. Obviously I \
> > > > > > have misconfigured something but I have been unable to discover what it \
> > > > > > might be. Could some of you experts please look at my configuration and \
> > > > > > tell me what I screwed up, please?
> > > > >
> > > > > Hey there,
> > > > >
> > > > > I wonder if you try something like:
> > > > >
> > > > > ldapadd -f /path/to/file/of/changes -h $HOSTNAME -x -D
> > > > > 'cn=Directory Manager' -W
> > > > >
> > > > > If that works.
> > > > >
> > > > > I think that -W prompts, so right now you are echoing your changes as the \
> > > > > password perhaps.
> > > > > Hope that helps
> > > > >
> > > > > >
> > > > > > Bob Bell
> > > > > >
> > > > > > Granite Mountain Security Consultancy, LLC.
> > > > > > 90 W 500 South, #404
> > > > > > Bountiful UT 84010
> > > > > >
> > > > > > 801-971-4200 (cell)
> > > > > > rtbell@granitemountain.com
> > > > > >
> > > > > > "Beware the engineers of society, I say, who would make everyone
> > > > > > in all the world equal.
> > > > > > Opportunity should be equal, must be equal, but achievement must
> > > > > > remain individual."
> > > > > > ---Drizzt Do'Urden
> > > > > >
> > > > > >
> > > > > >
> > > > > > <ds.tmp>_______________________________________________
> > > > > > 389-users mailing list -- 389-users@lists.fedoraproject.org To
> > > > > > unsubscribe send an email to
> > > > > > 389-users-leave@lists.fedoraproject.org
> > > > > > Fedora Code of Conduct:
> > > > > > https://docs.fedoraproject.org/en-US/project/code-of-conduct/
> > > > > > List Guidelines:
> > > > > > https://fedoraproject.org/wiki/Mailing_list_guidelines
> > > > > > List Archives:
> > > > > > https://lists.fedoraproject.org/archives/list/389-users@lists.fedo
> > > > > > r
> > > > > > a
> > > > > > p
> > > > > > r
> > > > > > oject.org
> > > > >
> > > > > —
> > > > > Sincerely,
> > > > >
> > > > > William Brown
> > > > >
> > > > > Senior Software Engineer, 389 Directory Server SUSE Labs
> > > > > _______________________________________________
> > > > > 389-users mailing list -- 389-users@lists.fedoraproject.org To
> > > > > unsubscribe send an email to
> > > > > 389-users-leave@lists.fedoraproject.org
> > > > > Fedora Code of Conduct:
> > > > > https://docs.fedoraproject.org/en-US/project/code-of-conduct/
> > > > > List Guidelines:
> > > > > https://fedoraproject.org/wiki/Mailing_list_guidelines
> > > > > List Archives:
> > > > > https://lists.fedoraproject.org/archives/list/389-users@lists.fedor
> > > > > a p r oject.org _______________________________________________
> > > > > 389-users mailing list -- 389-users@lists.fedoraproject.org To
> > > > > unsubscribe send an email to
> > > > > 389-users-leave@lists.fedoraproject.org
> > > > > Fedora Code of Conduct:
> > > > > https://docs.fedoraproject.org/en-US/project/code-of-conduct/
> > > > > List Guidelines:
> > > > > https://fedoraproject.org/wiki/Mailing_list_guidelines
> > > > > List Archives:
> > > > > https://lists.fedoraproject.org/archives/list/389-users@lists.fedor
> > > > > a
> > > > > p
> > > > > r
> > > > > oject.org
> > > >
> > > > —
> > > > Sincerely,
> > > >
> > > > William Brown
> > > >
> > > > Senior Software Engineer, 389 Directory Server SUSE Labs
> > > > _______________________________________________
> > > > 389-users mailing list -- 389-users@lists.fedoraproject.org To
> > > > unsubscribe send an email to 389-users-leave@lists.fedoraproject.org
> > > > Fedora Code of Conduct:
> > > > https://docs.fedoraproject.org/en-US/project/code-of-conduct/
> > > > List Guidelines:
> > > > https://fedoraproject.org/wiki/Mailing_list_guidelines
> > > > List Archives:
> > > > https://lists.fedoraproject.org/archives/list/389-users@lists.fedora
> > > > p r oject.org _______________________________________________
> > > > 389-users mailing list -- 389-users@lists.fedoraproject.org To
> > > > unsubscribe send an email to 389-users-leave@lists.fedoraproject.org
> > > > Fedora Code of Conduct:
> > > > https://docs.fedoraproject.org/en-US/project/code-of-conduct/
> > > > List Guidelines:
> > > > https://fedoraproject.org/wiki/Mailing_list_guidelines
> > > > List Archives:
> > > > https://lists.fedoraproject.org/archives/list/389-users@lists.fedora
> > > > p
> > > > r
> > > > oject.org
> > >
> > > —
> > > Sincerely,
> > >
> > > William Brown
> > >
> > > Senior Software Engineer, 389 Directory Server SUSE Labs
> > > _______________________________________________
> > > 389-users mailing list -- 389-users@lists.fedoraproject.org To
> > > unsubscribe send an email to 389-users-leave@lists.fedoraproject.org
> > > Fedora Code of Conduct:
> > > https://docs.fedoraproject.org/en-US/project/code-of-conduct/
> > > List Guidelines:
> > > https://fedoraproject.org/wiki/Mailing_list_guidelines
> > > List Archives:
> > > https://lists.fedoraproject.org/archives/list/389-users@lists.fedorap
> > > r oject.org _______________________________________________
> > > 389-users mailing list -- 389-users@lists.fedoraproject.org To
> > > unsubscribe send an email to 389-users-leave@lists.fedoraproject.org
> > > Fedora Code of Conduct:
> > > https://docs.fedoraproject.org/en-US/project/code-of-conduct/
> > > List Guidelines:
> > > https://fedoraproject.org/wiki/Mailing_list_guidelines
> > > List Archives:
> > > https://lists.fedoraproject.org/archives/list/389-users@lists.fedorap
> > > r
> > > oject.org
> >
> > —
> > Sincerely,
> >
> > William Brown
> >
> > Senior Software Engineer, 389 Directory Server SUSE Labs
> > _______________________________________________
> > 389-users mailing list -- 389-users@lists.fedoraproject.org To
> > unsubscribe send an email to 389-users-leave@lists.fedoraproject.org
> > Fedora Code of Conduct:
> > https://docs.fedoraproject.org/en-US/project/code-of-conduct/
> > List Guidelines:
> > https://fedoraproject.org/wiki/Mailing_list_guidelines
> > List Archives:
> > https://lists.fedoraproject.org/archives/list/389-users@lists.fedorapr
> > oject.org _______________________________________________
> > 389-users mailing list -- 389-users@lists.fedoraproject.org To
> > unsubscribe send an email to 389-users-leave@lists.fedoraproject.org
> > Fedora Code of Conduct:
> > https://docs.fedoraproject.org/en-US/project/code-of-conduct/
> > List Guidelines:
> > https://fedoraproject.org/wiki/Mailing_list_guidelines
> > List Archives:
> > https://lists.fedoraproject.org/archives/list/389-users@lists.fedorapr
> > oject.org
>
> —
> Sincerely,
>
> William Brown
>
> Senior Software Engineer, 389 Directory Server SUSE Labs \
> _______________________________________________ 389-users mailing list -- \
> 389-users@lists.fedoraproject.org To unsubscribe send an email to \
> 389-users-leave@lists.fedoraproject.org Fedora Code of Conduct: \
> https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: \
> https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: \
> https://lists.fedoraproject.org/archives/list/389-users@lists.fedoraproject.org \
> _______________________________________________ 389-users mailing list -- \
> 389-users@lists.fedoraproject.org To unsubscribe send an email to \
> 389-users-leave@lists.fedoraproject.org Fedora Code of Conduct: \
> https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: \
> https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: \
> https://lists.fedoraproject.org/archives/list/389-users@lists.fedoraproject.org
—
Sincerely,
William Brown
Senior Software Engineer, 389 Directory Server
SUSE Labs
_______________________________________________
389-users mailing list -- 389-users@lists.fedoraproject.org
To unsubscribe send an email to 389-users-leave@lists.fedoraproject.org
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/389-users@lists.fedoraproject.org
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic