[Fedora-directory-users] Missing tasks directory

Richard Megginson rmeggins at redhat.com
Fri Oct 12 13:43:59 UTC 2007 

Martin Eckel wrote:
> Am Do 11.10.2007 22:15 schrieb Richard Megginson <rmeggins at redhat.com>:
>
> > Martin Eckel wrote:
> > > Am Di 09.10.2007 17:47 schrieb Richard Megginson 
> <rmeggins at redhat.com>:
> > >
> > > > Martin Eckel wrote:
> > > > > Hi,
> > > > >
> > > > > I have installed fedora-ds-1.0.4-1 on a FC6 Linux. I am able 
> to run
> > > > > the startconsole, but when I open the Admin Server window and 
> select
> > > > > any item than an error message appears that it trys to access to
> > > > > /admin-serv/tasks/Configuration/ServerSetup. But the tasks 
> directory
> > > > > don't exist. I would expect that is was created by the rpm-package
> > > > > while installation but it isn't.
> > > > > I started the rpm-installation with the --nodeps argument (what I
> > > > > would like to avoid, I assume that could be the reason) because it
> > > > > says that no httpd is available, but an apache is already
> > > installed as
> > > > > source-package on this system. I have created a symbolic link 
> before
> > > > > to the httpd-file in /usr/sbin but that don't help.
> > > > > Anyone knows, why no tasks directory and its subfolders was 
> created
> > > > > after the installation ?
> > > > That URL path is not the actual path in the file system. The way the
> > > > admin server works is that it maps that URL to a LDAP entry 
> somewhere
> > > > under o=NetscapeRoot in the configuration directory server. It does
> > > > this so it can apply fine grained access control to each task 
> based on
> > > > Fedora DS ACIs, rather than on httpd access control.
> > > >
> > > > It's going to be tricky to install properly without an httpd.worker
> > > > package available for setup.
> > >
> > > My Apache is compiled as worker version.
> > >
> > > > >
> > > > > Excuse me for my bad English and many Thanks in advance
> > > > > Martin
> > > > >
> > > 
> ------------------------------------------------------------------------
> > > > >
> > > > > --
> > > > > Fedora-directory-users mailing list
> > > > > Fedora-directory-users at redhat.com
> > > > > https://www.redhat.com/mailman/listinfo/fedora-directory-users
> > > > >
> > > >
> > >
> > > Thank you for your answer, Richard. I am still working on the same
> > > problem. I have checked my ldap structure into the Directory Server
> > > startconsole. There exists an "admin-serv-ldap" element into the
> > > NetscapeRoot Directory. I have called my servername "ldap" while the
> > > installation setup,so it should be correct. But if I click on any
> > > button into the Admin Server console window, the error-message shows
> > > that it trys to access to "admin-serv" directory.
> > Check the admin server access and error logs 
> /opt/fedora-ds/admin-serv/logs
> > > Also a mysterious thing is that if I click on a button into the
> > > Directory Server window, i.e. "Manage Certificates" than only an 
> empty
> > > box is appearing.
> > Check the admin server access and error logs?
> > > Is there any configuration file where this access path is defined ?
> > Not exactly. It's really very simple - the admin server converts the
> > path /admin-serv/Tasks/Name into an ldap entry - it first looks for the
> > admin server entry cn=admin-serv-ldap, then looks for cn=Name,cn=Tasks
> > under that entry.
> > >
> > > Regards,
> > > Martin
> > >
> > >
> > > 
> ------------------------------------------------------------------------
> > >
> > > --
> > > Fedora-directory-users mailing list
> > > Fedora-directory-users at redhat.com
> > > https://www.redhat.com/mailman/listinfo/fedora-directory-users
> > >
> >
>
> This is a part of the admin-serv/logs/error file:
> [Fri Oct 12 14:37:02 2007] [notice] [client 217.24.204.116] 
> admserv_host_ip_check: ap_get_remote_host could not resolve 217.24.204.116
> [Fri Oct 12 14:37:02 2007] [warn] [client 217.24.204.116] 
> admserv_host_ip_check: failed to get host by ip addr [217.24.204.116] 
> - check your host and DNS configuration
> [Fri Oct 12 14:37:10 2007] [notice] [client 217.24.204.116] 
> admserv_host_ip_check: ap_get_remote_host could not resolve 217.24.204.116
> [Fri Oct 12 14:37:10 2007] [warn] [client 217.24.204.116] 
> admserv_host_ip_check: failed to get host by ip addr [217.24.204.116] 
> - check your host and DNS configuration
> [Fri Oct 12 14:37:10 2007] [error] [client 217.24.204.116] 
> (104)Connection reset by peer: ap_content_length_filter: 
> apr_bucket_read() failed
>
>
> And this will always repeated in the access file if I do something 
> into the Admin Server:
> 217.24.204.110 - admin [12/Oct/2007:14:36:54 +0200] "GET 
> /admin-serv/authenticate HTTP/1.0" 200 369
> 217.24.204.116 - uid=admin, ou=Administrators, ou=TopologyManagement, 
> o=NetscapeRoot [12/Oct/2007:14:37:00 +0200] "GET 
> /admin-serv/tasks/operation/StatusPing HTTP/1.0" 200 19
> 217.24.204.116 - uid=admin, ou=Administrators, ou=TopologyManagement, 
> o=NetscapeRoot [12/Oct/2007:14:37:02 +0200] "GET 
> /admin-serv/tasks/operation/StatusPing HTTP/1.0" 200 19
> 217.24.204.116 - uid=admin, ou=Administrators, ou=TopologyManagement, 
> o=NetscapeRoot [12/Oct/2007:14:37:10 +0200] "POST 
> /admin-serv/tasks/Configuration/ServerSetup HTTP/1.0" 20
> 0 58
>
> Could it be, that reverse DNS mapping is required for a correct 
> functionality of the Admin Server ?
It is if you want to restrict access by host name.  But you can disable 
this and just restrict access by IP address.  See 
http://directory.fedoraproject.org/wiki/Howto:AdminServerLDAPMgmt - 
please read the whole page then especially the section "How to set the 
hosts/IP addresses allowed to access the Admin Server"
> The URL of my ldap server has a valid entry in a DNS server ald I can 
> do a ping on it. In the error log is nothing else than the DNS errors
>
> ------------------------------------------------------------------------
>
> --
> Fedora-directory-users mailing list
> Fedora-directory-users at redhat.com
> https://www.redhat.com/mailman/listinfo/fedora-directory-users
>   

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3245 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://listman.redhat.com/archives/fedora-directory-users/attachments/20071012/9718d497/attachment.bin>

More information about the Fedora-directory-users mailing list