logs archiveBotHelp.net / Freenode / #389 / 2015 / July / 22 / 1
YamakasY
anyone around ?
nhosoi_
YamakasY: what is the bind method?
YamakasY: ldappasswd requires some security level. so, please try over SSL or SASL.
(if not yet...)
YamakasY
nhosoi_: just a sec
nhosoi_: ldappasswd -h localhost -ZZ -p 7389 -x -D "cn=Directory Manager" -W -T /root/dm_password uid=admin,ou=people,o=ipaca
should work
nhosoi_
i think so...
YamakasY
but it doesn't accept my password
but for a simple search it does
and I reset it the 389 way
nhosoi_
what is logged in the access log?
49?
YamakasY
nhosoi_: of pki or my instance ?
nhosoi_
oh, ds access log...
YamakasY
I see this ldap_bind: Invalid credentials (49)
nhosoi_
/var/log/dirsrv/slapd-YOURID/access
YamakasY
checking log now
nhosoi_
ok...
YamakasY
slapi_ldap_bind - Error: could not perform interactive bind for id [] mech [GSSAPI]: error -1 (Can't contact LDAP server)
huh weird
oh that can be
puppet run
nhosoi_
so, if you use '-ZZ -p 7389 -x -D "cn=Directory Manager" -W' with other ldap commands, it works?
like ldapsearch?
YamakasY
nothing logged so far, let me check
nhosoi_: yes that works
nhosoi_
hmmm... odd...
YamakasY
yap
nhosoi_
but why mech [GSSAPI]? I thought you are binding with startTLS...
i'm confused...
YamakasY
yeah no, that was a puppet run, sorry
my bad
but odd huh
nhosoi_
indeed.
YamakasY
I wonder how to solve it
nhosoi_
so, the command line itself fails or the server rejects the request?
the server, right?
YamakasY
commandline fails
nah
server rejects
the odd thing is, I can use my old password on that command
but not on the search
nhosoi_
rejects with 49?
YamakasY
yap
maybe change the PKI one too ?
nhosoi_
YamakasY: I tried it myself and it worked fine...
ldappasswd -ZZ -h MYFQDN -p 389 -D 'cn=directory manager' -w DIRMGR_PASSWORD -s "newnewpassword" "uid=admin,ou=people,o=ipaca"
This command line was successful.
and the password of "uid=admin,ou=people,o=ipaca" is now newnewpassword ....
YamakasY
nhosoi_: on that command I get:
Result: No such object (32)
Additional info: No such Entry exists.
nhosoi_
that's about 'cn=directory manager' or "uid=admin,ou=people,o=ipaca"...
either does not exist in your DS?
YamakasY
I changed it and on my old password it works
but not on my new ldap password
and nothing gets changed
at least, I get no reply back
and no error
both exist
this is dogtag 9, not 10
nhosoi_
sorry, not sure about dogtag...
Babalu_aye
greetings
chatting and looking for support in Spanish