04-14-2010, 09:45 AM
Daniel Maher

DNA plugin woes on a fresh centos-DS 8.1 install (now with a disastrous crash condition!)

On 04/13/2010 06:40 PM, Nathan Kinder wrote:


> can be used for the uidNumber and gidNumber attributes. These fields
> will not be auto-populated in the Console when you are adding an entry.

Thank you for the clarification !

> You enabled the plug-in, but a configuration entry is necessary for DNA
> to know what you want it to do.

That makes sense.

> masters, which you may or may not want. Are you using multi-master
> replication, and if so, do you need to automatically transfer ranges

No - single-master (to keep things simple).

> I'd like to see the DNA config entry you are attempting to add. You
> should also check the Directory Server errors log since it should say
> why the DNA config entry you are trying to add is invalid. Look for
> lines containing "dna_parse_config_entry".

The DNA config was exactly that as specified in the Red Hat
documentation, edited only to satisfy my local environment :

dn: cn=Account UIDs,cn=Distributed Numeric Assignment Plugin,cn=plugins,cn=config
objectClass: top
objectClass: extensibleObject
cn: Account UIDs
dnatype: uidNumber
dnafilter: (objectclass=posixAccount)
dnascope: ou=People, dc=<dc>,dc=<dc>
dnanextvalue: 1
dnaMaxValue: 1300
dnasharedcfgdn: cn=Account UIDs,ou=Ranges,dc=<dc>,dc=<dc>
dnathreshold: 100
dnaRangeRequestTimeout: 60
dnaMagicRegen: magic

The related error log entry :

[13/Apr/2010:15:15:05 +0000] dna-plugin - dna_parse_config_entry: Unable to locate shared configuration entry (cn=Account UIDs,ou=Ranges,dc=<dc>,dc=<dc>)

access log :

[14/Apr/2010:09:16:28 +0000] conn=40 fd=66 slot=66 connection from 127.0.0.1 to 127.0.0.1
[14/Apr/2010:09:16:28 +0000] conn=40 op=0 BIND dn="cn=Directory Manager" method=128 version=3
[14/Apr/2010:09:16:28 +0000] conn=40 op=0 RESULT err=0 tag=97 nentries=0 etime=0 dn="cn=directory manager"
[14/Apr/2010:09:16:28 +0000] conn=40 op=1 ADD dn="cn=Account UIDs,cn=Distributed Numeric Assignment Plugin,cn=plugins,cn=config"
[14/Apr/2010:09:16:28 +0000] conn=40 op=1 RESULT err=53 tag=105 nentries=0 etime=0
[14/Apr/2010:09:16:28 +0000] conn=40 op=2 UNBIND
[14/Apr/2010:09:16:28 +0000] conn=40 op=2 fd=66 closed - U1

As you mentioned, the likely culprit was the fact that the Red Hat entry
contains fields which are not present in my actual configuration. This
is entirely logical, and i should have picked up on that.

> exhausting any of the ranges. For a single master setup, you would just
> want to use a config entry like this:
>
> dn: cn=Account UIDs,cn=Distributed Numeric Assignment Plugin,cn=plugins,cn=config
> objectClass: top
> objectClass: extensibleObject
> cn: Account UIDs
> dnatype: uidNumber
> dnafilter: (objectclass=posixAccount)
> dnascope: ou=people, dc=example,dc=com
> dnaNextValue: 501

That looks quite sensible. After editing the dnascope and dnaNextValue
fields for my environment, i was successfully able to add this config entry.

adding new entry cn=Account UIDs,cn=Distributed Numeric Assignment Plugin,cn=plugins,cn=config
modify complete

When i use the console to add a new user, it expects there to be a value
in three fields : UID Number, GID Number, and Home Directory. The
console will not create the entry if those fields are empty. If i
manually add numerical values into the UID or GID field, slapd crashes
instantly - and i do mean instantly, as there are no log entries at all.

The error log :
[14/Apr/2010:09:22:57 +0000] - CentOS-Directory/8.1.0 B2009.134.1334 starting up
[14/Apr/2010:09:22:57 +0000] - slapd started. Listening on All Interfaces port 389 for LDAP requests
[14/Apr/2010:09:29:16 +0000] - CentOS-Directory/8.1.0 B2009.134.1334 starting up
[14/Apr/2010:09:29:16 +0000] - Detected Disorderly Shutdown last time Directory Server was running, recovering database.
[14/Apr/2010:09:29:16 +0000] - slapd started. Listening on All Interfaces port 389 for LDAP requests

At ~ 09:28, i attempted to add the user entry as described above. At ~
09:29 i manually restarted the dirsrv service. As you can see, there
are no log entries related to the interaction or the crash. The access
log is silent on this event as well.

The console states only the generic Cannot connect to the LDAP server
error message.

I can repeat this error condition consistently. Should i file a bug
report ?


--
Daniel Maher <dma + 389users AT witbe DOT net>
--
389 users mailing list
389-users@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/389-users
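
An added example, not part of the original message and not 389 Directory Server code: a short Python script that pairs each RESULT line in an access log with the request on the same conn/op to list failed operations (such as the ADD rejected with err=53 above), and finds the "Disorderly Shutdown" recoveries in the errors log that mark a crash leaving no other trace. The sample log text is constructed from the excerpts in the message with the mail line-wrapping removed; the function names are made up for this example.

```python
import re

# Constructed sample: the excerpts quoted in the message, one log record per line.
ACCESS_LOG = """\
[14/Apr/2010:09:16:28 +0000] conn=40 fd=66 slot=66 connection from 127.0.0.1 to 127.0.0.1
[14/Apr/2010:09:16:28 +0000] conn=40 op=0 BIND dn="cn=Directory Manager" method=128 version=3
[14/Apr/2010:09:16:28 +0000] conn=40 op=0 RESULT err=0 tag=97 nentries=0 etime=0 dn="cn=directory manager"
[14/Apr/2010:09:16:28 +0000] conn=40 op=1 ADD dn="cn=Account UIDs,cn=Distributed Numeric Assignment Plugin,cn=plugins,cn=config"
[14/Apr/2010:09:16:28 +0000] conn=40 op=1 RESULT err=53 tag=105 nentries=0 etime=0
[14/Apr/2010:09:16:28 +0000] conn=40 op=2 UNBIND
"""
ERROR_LOG = """\
[14/Apr/2010:09:22:57 +0000] - slapd started. Listening on All Interfaces port 389 for LDAP requests
[14/Apr/2010:09:29:16 +0000] - Detected Disorderly Shutdown last time Directory Server was running, recovering database.
"""

LINE = re.compile(r'^\[(?P<ts>[^\]]+)\] conn=(?P<conn>\d+) op=(?P<op>-?\d+) (?P<rest>.*)$')
REQ = re.compile(r'^(?P<verb>ADD|MOD|DEL|MODRDN|BIND|SRCH)\b(?:.*?\bdn="(?P<dn>[^"]*)")?')
ERR = re.compile(r'^RESULT err=(?P<err>\d+)')
CRASH = re.compile(r'^\[([^\]]+)\] - Detected Disorderly Shutdown')

def failed_operations(access_log):
    """Return (ts, conn, op, verb, dn, err) for every RESULT with err != 0."""
    pending, failures = {}, []
    for raw in access_log.splitlines():
        m = LINE.match(raw)
        if not m:
            continue  # connection-open lines carry no op= field
        key = (int(m["conn"]), int(m["op"]))
        req, res = REQ.match(m["rest"]), ERR.match(m["rest"])
        if req:
            pending[key] = (req["verb"], req["dn"])
        elif res and int(res["err"]) != 0:
            verb, dn = pending.get(key, ("?", None))
            failures.append((m["ts"], *key, verb, dn, int(res["err"])))
    return failures

def unclean_restarts(error_log):
    """Timestamps at which the server reported recovery after an unclean stop."""
    return [m.group(1) for m in map(CRASH.match, error_log.splitlines()) if m]

if __name__ == "__main__":
    for ts, conn, op, verb, dn, err in failed_operations(ACCESS_LOG):
        # err=53 is the LDAP result code unwillingToPerform
        print(f"{ts} conn={conn} op={op} {verb} {dn!r} failed with err={err}")
    print("unclean restarts:", unclean_restarts(ERROR_LOG))
```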