Thanks, Mark. When executing the ldapsearch that you suggested, I am
getting an error message: ldap_sasl_interactive_bind_s: Unknown
authentication method (-6) additional info: SASL(-4): no mechanism
available:
We have been replicating o=netscaperoot - I am not sure how up to date the
replicas are, considering the trouble that we are having with the config db
right now...
Cassandra Reed
978-762-4222
EDP Systems Analyst III
North Shore Community College
1 Ferncroft Road, Danvers MA 01923
On Thu, Aug 30, 2018 at 3:20 PM Mark Reynolds <mreynolds(a)redhat.com> wrote:
On 08/30/2018 03:07 PM, Cassandra Reed wrote:
Hi Mark,
You are correct, it does appear that the o=netscaperoot suffix was
removed.
No, I think it's still there. Try this search:
# ldapsearch -D "cn=directory manager" -W -b o=netscapeoot
objectclass=* dn
Maybe try restarting the admin server:
# restart-ds-admin
Are you replicating o=netscaperoot by any chance?
Mark
Below is a bit of the access log file during the launch of the console.
We have two other servers that this Master was replicating to, is it
possible to export the netscaperoot from one of those other two servers and
import to the Master? What would this require and would it be service
impacting at all? (Reboot of the server/etc.) One of the servers hasn't
been replicating in some time, would an older version of netscaperoot have
any impact on the userroot directory?
[30/Aug/2018:14:28:03 -0400] conn=1035324 fd=79 slot=79 connection from
127.0.0.1 to 127.0.0.1
[30/Aug/2018:14:28:03 -0400] conn=1035324 op=0 BIND dn="cn=Directory
Manager" method=128 version=3
[30/Aug/2018:14:28:03 -0400] conn=1035324 op=0 RESULT err=0 tag=97
nentries=0 etime=0 dn="cn=directory manager"
[30/Aug/2018:14:28:03 -0400] conn=1035324 op=1 SRCH
base="cn=user,cn=DefaultObjectClassesContainer,ou=1.1,ou=admin,ou=Global
Preferences,ou=northshore.edu,o=NetscapeRoot" scope=0
filter="(|(objectClass=*)(objectClass=ldapsubentry))" attrs=ALL
[30/Aug/2018:14:28:03 -0400] conn=1035324 op=1 RESULT err=32 tag=101
nentries=0 etime=0
[30/Aug/2018:14:28:03 -0400] conn=1035324 op=2 SRCH
base="cn=group,cn=DefaultObjectClassesContainer,ou=1.1,ou=admin,ou=Global
Preferences,ou=northshore.edu,o=NetscapeRoot" scope=0
filter="(|(objectClass=*)(objectClass=ldapsubentry))" attrs=ALL
[30/Aug/2018:14:28:03 -0400] conn=1035324 op=2 RESULT err=32 tag=101
nentries=0 etime=0
[30/Aug/2018:14:28:03 -0400] conn=1035324 op=3 SRCH
base="cn=OU,cn=DefaultObjectClassesContainer,ou=1.1,ou=admin,ou=Global
Preferences,ou=northshore.edu,o=NetscapeRoot" scope=0
filter="(|(objectClass=*)(objectClass=ldapsubentry))" attrs=ALL
[30/Aug/2018:14:28:03 -0400] conn=1035324 op=3 RESULT err=32 tag=101
nentries=0 etime=0
[30/Aug/2018:14:28:03 -0400] conn=1035324 op=4 SRCH
base="cn=ResourceEditorExtension,ou=1.1,ou=admin,ou=Global Preferences,ou=
northshore.edu,o=NetscapeRoot" scope=1
filter="(objectClass=nsAdminResourceEditorExtension)" attrs=ALL
[30/Aug/2018:14:28:03 -0400] conn=1035324 op=4 RESULT err=32 tag=101
nentries=0 etime=0
Thank you,
-Cassie
Cassandra Reed
978-762-4222
EDP Systems Analyst III
North Shore Community College
1 Ferncroft Road, Danvers MA 01923
On Thu, Aug 30, 2018 at 9:44 AM Mark Reynolds <mreynolds(a)redhat.com>
wrote:
> Are you logging in as Directory Manager?
>
> If you are, perhaps the o=netscaperoot suffix was removed from DS? You
> need to look at the access log in this case and what it's doing when you
> log in.
>
> Mark
>
>