Hi Eric,
The console has given me a few headaches in the past but so has my own mistakes... :)
Obvious things that can be wrong include:
Firewall issues
Is the admin server running, that may sound obvious but you will be surprised the number
of times it has caught me.
If you have anonymous access disabled and ssl only access then the console will not work
without doing some extra things. There is a bug related to this were the internals still
try to use anonymous which will fail for obvious reasons because you have disallowed it.
Please feel free to contact me via msn or yahoo as per the private email or alternatively
if you can give a complete listing of what settings you have set and configured that might
help to shed light on the problem.
Can you access 9830 with curl locally on the box? have a look in the admin server's
logs for why you are getting 401 errors.
Regards
-----Original Message-----
From: 389-users-bounces(a)lists.fedoraproject.org [mailto:389-users-
bounces(a)lists.fedoraproject.org] On Behalf Of Eric Donkersloot
Sent: 29 November 2010 09:51
To: General discussion list for the 389 Directory server project.
Subject: Re: [389-users] New 389 ds install - cannot logon to adm console
Hi Gerrard,
Unfortunately it doesn't. I tried to login as the admin user using the fqdn.
The debug console output gives me:
389-Management-Console/1.1.5 B2010.123.2251
CommManager> New CommRecord
(
http://bla.blablabla.bla:9830/admin-serv/authenticate)
http://bla.blablabla.bla:9830/[0:0] open> Ready
http://bla.blablabla.bla:9830/[0:0] accept>
http://bla.blablabla.bla:9830/admin-serv/authenticate
http://bla.blablabla.bla:9830/[0:0] send> GET \
http://bla.blablabla.bla:9830/[0:0] send> /admin-serv/authenticate \
http://bla.blablabla.bla:9830/[0:0] send> HTTP/1.0
http://bla.blablabla.bla:9830/[0:0] send> Host: bla.blablabla.bla:9830
http://bla.blablabla.bla:9830/[0:0] send> Connection: Keep-Alive
http://bla.blablabla.bla:9830/[0:0] send> User-Agent:
389-Management-Console/1.1.5
http://bla.blablabla.bla:9830/[0:0] send> Accept-Language: en
http://bla.blablabla.bla:9830/[0:0] send> Authorization: Basic \
http://bla.blablabla.bla:9830/[0:0] send> YWRtaW46U1VSRm5ldDIwMTA= \
http://bla.blablabla.bla:9830/[0:0] send>
http://bla.blablabla.bla:9830/[0:0]
send>
http://bla.blablabla.bla:9830/[0:0] recv> HTTP/1.1 401 Authorization
Required
http://bla.blablabla.bla:9830/[0:0] error> HttpException:
Response: HTTP/1.1 401 Authorization Required
Status: 401
URL:
http://bla.blablabla.bla:9830/admin-serv/authenticate
http://<our>.<testserver>.<suffix>:9830/[0:0] close> Closed
/var/log/dirsrv/admin-serv/error:
[Mon Nov 29 10:48:07 2010] [crit] openLDAPConnection(): util_ldap_init
failed for ldap://:389 [Mon Nov 29 10:48:07 2010] [warn] Unable to open
initial LDAPConnection to populate LocalAdmin tasks into cache.
[Mon Nov 29 10:48:08 2010] [notice] Apache/2.2.17 (Unix) configured --
resuming normal operations [Mon Nov 29 10:48:08 2010] [crit]
openLDAPConnection(): util_ldap_init failed for ldap://:389 [Mon Nov 29
10:48:08 2010] [warn] Unable to open initial LDAPConnection to populate
LocalAdmin tasks into cache.
[Mon Nov 29 10:48:51 2010] [notice] [client xxx.xx.xxx.xx]
admserv_host_ip_check: Unauthorized host ip=xxx.xx.xxx.xx, connection
rejected
Kind regards,
Eric
Gerrard Geldenhuis wrote:
> Hi Eric, As a start always use the fqdn of the host rather than
> 127.0.0.1 when connecting via the console. Secondly, 389-console has a
> debug flag available that you can use while connecting that will shed
> additional light on any other problems that may be causing issues.
>
> Regards
--
Eric Donkersloot
SURFnet
Radboudkwartier 273
3511 CK Utrecht
M +31 6 4115 4547
eric.donkersloot(a)surfnet.nl
--
389 users mailing list
389-users(a)lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/389-users
________________________________________________________________________
In order to protect our email recipients, Betfair Group use SkyScan from
MessageLabs to scan all Incoming and Outgoing mail for viruses.
________________________________________________________________________