Touch!
I check the error logs i mentioned before and they go back to October 4th, but they
don't indicate to me the change created the problem. My inclination is that some
change occurred that change a key. So how do I track that back?
I tested this on my 389 DS server.
ldapsearch [-x] -D "cn=directory manager" -W -b
"cn=admin-serv-zigzag,cn=389 Administration Server,cn=Server
Group,cn=zigzag.ccbox.com,ou=ccbox.com,o=NetscapeRoot"
The result was:
# search result
search: 2
result: 0 Success
# numResponses: 31
# numEntries: 30
Then I tested this:
ldapsearch -H
ldaps://zigzag.ccbox.com [-x] -D "cn=directory manager" -W
"cn=admin-serv-zigzag,cn=389 Administration Server,cn=Server
Group,cn=zigzag.ccbox.com,ou=ccbox.com,o=NetscapeRoot"
The result was:
# search result
search: 2
result: 0 Success
# numResponses: 222
# numEntries: 221
Why do I get the populate error? Does the two tests above provide any indication? I also
ran these tests from another linux system and received the same results. The error I am
seeing at restarting the Admin server doesn't seem to make sense if I am searching
correctly. I think it should have the records it needs to repopulate the server.
Also, I think I found an old admin server backup that was taken before any of these
problems surfaced. Anyone have a link that would walk me through the restore process? Is
this a good idea?
slapd-zigzag_2015-05-28:
total 10308
drwx------ 4 root root 4096 Jun 11 2015 .
drwxr-x--- 347 root root 20480 Apr 20 00:13 ..
-rw------- 1 root root 49 Jun 11 2015 DBVERSION
-rw------- 1 root root 20577 Jun 11 2015 dse_index.ldif
-rw------- 1 root root 893 Jun 11 2015 dse_instance.ldif
-rw------- 1 root root 10485760 Jun 11 2015 log.0000000001
drwx------ 2 root root 4096 Jun 11 2015 NetscapeRoot
drwx------ 2 root root 4096 Jun 11 2015 userRoot
My assumption is the NetscapeRoot folder contains fix I need to take me back to before
whatever change occurred to the admin server. Is this correct?
[root: NetscapeRoot]# ls -la
total 380
drwx------ 2 root root 4096 Jun 11 2015 .
drwx------ 4 root root 4096 Jun 11 2015 ..
-rw------- 1 root root 16384 Jun 11 2015 aci.db4
-rw------- 1 root root 32768 Jun 11 2015 ancestorid.db4
-rw------- 1 root root 49152 Jun 11 2015 cn.db4
-rw------- 1 root root 49 Jun 11 2015 DBVERSION
-rw------- 1 root root 49152 Jun 11 2015 entryrdn.db4
-rw------- 1 root root 16384 Jun 11 2015 givenName.db4
-rw------- 1 root root 98304 Jun 11 2015 id2entry.db4
-rw------- 1 root root 16384 Jun 11 2015 nsuniqueid.db4
-rw------- 1 root root 16384 Jun 11 2015 numsubordinates.db4
-rw------- 1 root root 16384 Jun 11 2015 objectclass.db4
-rw------- 1 root root 16384 Jun 11 2015 parentid.db4
-rw------- 1 root root 16384 Jun 11 2015 sn.db4
-rw------- 1 root root 16384 Jun 11 2015 uid.db4
-rw------- 1 root root 16384 Jun 11 2015 uniquemember.db4
Thanks,
Job Cacka
From: Job Cacka <cacka2it(a)yahoo.com>
To: "389-users(a)lists.fedoraproject.org"
<389-users(a)lists.fedoraproject.org>
Sent: Tuesday, April 19, 2016 11:24 AM
Subject: Re: Admin-server connection
I scheduled a reboot of the system during downtime last night. At startup I again got
these messages in the error log.
[Tue Apr 19 04:05:37 2016] [crit] populate_tasks_from_server(): Unable to search
[cn=admin-serv-zigzag,cn=389 Administration Server,cn=Server
Group,cn=zigzag.ccbox.com,ou=ccbox.com,o=NetscapeRoot] for LDAPConnection
[zigzag.ccbox.com:636]
We made some changes back in October 2015, but I don't remember what they were for.
TLS maybe?In:/etc/dirsrv/admin-serv/we changed:cert8.dbconsole.confkey3.dblocal.conf
I am going to check now to see if the errors are related to those changes, if my log files
go back far enough.
Any help is appreciated.
Thanks,
Job Cacka
From: Job Cacka <cacka2it(a)yahoo.com>
To: "389-users(a)lists.fedoraproject.org"
<389-users(a)lists.fedoraproject.org>
Sent: Monday, April 18, 2016 4:34 PM
Subject: Admin-server connection
Recently, I was researching samba connections, and noticed that the Linux 'Domain
Users' group was displaying as the Unix GID number instead of the name. I went to
login to the admin-server express from
'https://zigzag.ccbox.com:9830/dist/download' and that page loads but when I click
on the link I get.
"
Internal Server Error
The server encountered an internal error ormisconfiguration and was unable to completeyour
request.Please contact the server administrator, [no address given] and inform them of the
time the error occurred,and anything you might have done that may havecaused the
error.More information about this error may be availablein the server error log.ADDRESS:
Apache/2.2 Server at
zigzag.ccbox.com Port 9830
"
So I went over to the 389 Management Console on my Windows box and I enter cn=Directory
Manager the password and
https://zigzag.ccbox.com:9830 and I get a message saying the URL
is not correct or the server is not running. For kicks and giggles I tried it with http
instead of https and it gives an error that says,"Cannot logon because of an
incorrect User ID, Incorrect password, or Directory problem.
java.io.InterruptedIOExceptio: HTTP response timeout"Which indicates to me that the
correct protocol should be https:
To further verify this I ran the following command at the Linux CLI on the server and a
server that communicates with it.
ldapsearch -H
ldaps://zigzag.ccbox.com [-x] -b o=netscaperoot -D "cn=directory
manager" -W "objectclass=nsAdminConfig"
This returns 129 responses, but I don't know if they are valid or make sense. They
look like they are unique to my system.
Here is a pastbin of some error logs I noticed after I restarted the admin server with
stop-ds-admin and start-ds-admin.
#357156 • Fedora Project Pastebin
|
|
|
| | |
|
|
|
| |
#357156 • Fedora Project Pastebin
Fedora Sticky Notes is a feature-rich, yet lightweight paste utility | |
|
|
Job Cacka