[Freeipa-devel] rawhide's ipa-server-install fails to configure directory server

Rob Crittenden rcritten at redhat.com
Tue Mar 11 01:50:57 UTC 2008 

Jim Meyering wrote:
> Hello,
> 
> I'm a total freeipa newbie and have only just subscribed to this list.
> Sorry if anything here is a FAQ.
> 
> On a rawhide-based system, updated a day or two ago, I ran
> ipa-server-install, and dir-server steps 4..9 each got
> CRITICAL failures, before it bailed out:
> 
>   # rpm -q ipa-server
>   ipa-server-0.99-11.fc9.i386
> 
> Note that I already have a kerberos principal set up,
> and it's not the "MEYERING.NET" I used in this process.
> Does that matter?
> 
> Here's the tail of it's output:
> 
> Please wait until the prompt is returned.
> Configuring ntpd
>   [1/4]: stopping ntpd
>   [2/4]: writing configuration
>   [3/4]: configuring ntpd to start on boot
>   [4/4]: starting ntpd
> done configuring ntpd.
> Configuring directory server:
>   [1/16]: creating directory server user
>   [2/16]: creating directory server instance
>   [3/16]: adding default schema
>   [4/16]: enabling memberof plugin
> root        : CRITICAL Failed to load memberof-conf.ldif: Command
> '/usr/bin/ldapmodify -h 127.0.0.1 -xv -D cn=Directory Manager -w xxx -f /usr/share/ipa/memberof-conf.ldif' returned non-zero exit status 49
>   [5/16]: enabling referential integrity plugin
> root        : CRITICAL Failed to load referint-conf.ldif: Command
> '/usr/bin/ldapmodify -h 127.0.0.1 -xv -D cn=Directory Manager -w xxx -f /usr/share/ipa/referint-conf.ldif' returned non-zero exit status 49
>   [6/16]: enabling distributed numeric assignment plugin
> root        : CRITICAL Failed to load dna-conf.ldif: Command '/usr/bin/ldapmodify -h 127.0.0.1 -xv -D cn=Directory Manager -w xxx -f /usr/share/ipa/dna-conf.ldif' returned non-zero exit status 49
>   [7/16]: configuring uniqueness plugin
> root        : CRITICAL Failed to load unique-attributes.ldif: Command '/usr/bin/ldapmodify -h 127.0.0.1 -xv -D cn=Directory Manager -w xxx -f /dev/shm/tmp4dWkvF' returned non-zero exit status 49
>   [8/16]: creating indices
> root        : CRITICAL Failed to load indices.ldif: Command '/usr/bin/ldapmodify -h 127.0.0.1 -xv -D cn=Directory Manager -w xxx -f /usr/share/ipa/indices.ldif' returned non-zero exit status 49
>   [9/16]: configuring ssl for ds instance
> Unexpected error - see ipaserver-install.log for details:
>  {'desc': 'Invalid credentials'}

Hmm, very strange. Can you look in 
/var/log/dirsrv/slapd-MEYERING-NET/errors to see if it has anything?

I'm not sure how this could happen. The Directory Server install 
shouldn't have happened if you already had a server running there (like 
openldap) so I'm not sure how it isn't authenticating the directory manager.

rob
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3245 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20080310/f5200d7b/attachment.bin>

More information about the Freeipa-devel mailing list