El 18/05/18 a las 16:09, Mark Reynolds escribió:
>
> On 05/18/2018 03:01 PM, None via FreeIPA-users wrote:
>> hi!
>>
>> I'm new to FreeIPA, I inherited a FreeIPA infrastructure, and I'm
>> trying to have a Nagios check for the replication status (without
>> indicating a password). I found this article:
>>
<
https://danieljamesscott.org/11-articles/application-guides/26-freeipa-re...;.
>>
>> It's exactly what I want to do
>>
>> but, when I try to do the ldapmodify thing with
>> grant_anonymous_replication_view.ldif (only changing
>> cn="dc=example,dc=com" according to my installation), I get:
>>
>> $ ldapmodify -x -D "cn=directory manager" -W -f
>> grant_anonymous_replication_view.ldif -h ipa.mydomain.com.ar
>> Enter LDAP Password:
>>
>>
>> and it doesn't accept admin or directory manager password (?)
> Do you get an invalid credentials error (49), or?
that's right, I get:
ldap_bind: Invalid credentials (49)
>> do I have to make other changes to the ldif?
> No
>> or, what is the password I need?
> Only you would know, if you don't know it then you can always reset the
> directory manager password:
>
>
http://www.port389.org/docs/389ds/howto/howto-resetdirmgrpassword.html
I do have admin and directory manager password, I tried with both, and
I got the same result (?)
Sounds like you don't have the correct password if
you are getting error
49. The only other thing it could be is that the "cn=directory manager"
account is not setup as "cn=directory manager" in your setup. You can
confirm by grepping for "nsslapd-rootdn" from
/etc/dirsrv/slapd-YOUR_INSTANCE/dse.ldif. If it is set to "cn=directory
manager', then you have the wrong password and you should reset it.
Otherwise you have the wrong DN. It's one or the other.
Regards,
Mark