posInitAdminserver.sh does not complete Admin server initialization

This document (7008567) is provided subject to the disclaimer at the end of this document.

Environment

SUSE Linux
SUSE Linux Enterprise Point of Service
SUSE Linux Enterprise Server 11

Situation

The posInitAdminserver.sh script does not complete when executed to initialize the SLEPOS 11 Admin server.

The last message seen on the terminal screen is the following:

Importing LDAP directory information...

The script terminates without completing the initialization. 

Resolution

The posInitAdminserver.sh script always tries to access LDAP as localhost, which does not match the host name specified in the server.crt certificate, so the TLS host name check fails.

Bug fixes were made in the posInitAdminserver.sh script and in the adminserver.conf.template to resolve the problem.

Apply the current SLEPOS 11 patches in the channel, then run the following to fix this issue:

posInitAdminserver.sh --regenerate


Additional Information

Debug output can be enabled in the script for diagnostic purposes.
  • Make a copy of the original /usr/sbin/posInitAdminserver.sh script.
  • Add -x at the beginning of the script like this:
          #!/bin/bash -x
  • Save the script.
  • Run the script and enter the default requested data for the initialization.
The last messages seen in the debug output are the following:

+ ldapadd -x -c -H ldaps://localhost -D cn=<admin name>,o=<organization name>,c=<country name> -w<admin password> -f /tmp/tmp.<random string>
+ '[' 255 -ne 0 ']'
+ ERROR=3
+ err_exit ' ldapadd -x -c -H ldaps://localhost -D "cn=<admin name>,o=<organization name>,c=<country name>" -w"<admin password>" -f "/tmp/tmp.<random string>"'
+ err ldapadd -x -c -H ldaps://localhost -D '"cn=<admin name>,o=<organization name>,c=<country name>"' -w '"<admin password>"' -f '"/tmp/tmp.<random string>"'
+ case $ERROR in
+ '[' -f '' ']'
+exit 1

If the ldapadd command listed above in the output is manually executed with the -d1 switch for additional ldap debug, the following error message is seen:

TLS: hostname (linux.MyLocation.MyUnit.MyOrg.us) does not match common name in
certificate (linux.).
ldap_err2string
ldap_sasl_bind(SIMPLE): Can't contact LDAP server (-1)
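
Added example (not part of the original SUSE document or of posInitAdminserver.sh): a bash check that compares the host in an LDAP URI with the common name in a certificate subject, which is the mismatch the TLS error above reports. The function names and the sample subject line are constructed for illustration, and only the subject CN is compared, not subjectAltName entries.

```shell
#!/bin/bash
# Added example: compare an LDAP URI host with a certificate's common name.

# Host part of an ldap:// or ldaps:// URI (scheme, port and path removed).
uri_host() {
    local h=${1#*://}
    h=${h%%/*}
    printf '%s\n' "${h%%:*}"
}

# CN from an `openssl x509 -noout -subject` line; accepts both the
# "/C=US/O=x/CN=host" and the "C = US, O = x, CN = host" output styles.
subject_cn() {
    printf '%s\n' "$1" | sed -n 's|.*CN *= *\([^,/]*\).*|\1|p'
}

# Succeeds only when the URI host equals the CN, ignoring case.
uri_matches_cn() {
    local host cn
    host=$(uri_host "$1" | tr 'A-Z' 'a-z')
    cn=$(subject_cn "$2" | tr 'A-Z' 'a-z')
    [ -n "$cn" ] && [ "$host" = "$cn" ]
}

# check_cert URI CERTFILE: 0 = match, 1 = mismatch, 2 = unreadable certificate.
check_cert() {
    local subj
    subj=$(openssl x509 -noout -subject -in "$2" 2>/dev/null) || return 2
    if uri_matches_cn "$1" "$subj"; then
        echo "OK: $1 matches CN '$(subject_cn "$subj")'"
    else
        echo "MISMATCH: $1 does not match CN '$(subject_cn "$subj")'"
        return 1
    fi
}

# Constructed sample subject line (not taken from a real certificate).
SAMPLE='subject= /C=US/O=MyOrg/CN=linux.MyLocation.MyUnit.MyOrg.us'
for uri in ldaps://localhost ldaps://linux.MyLocation.MyUnit.MyOrg.us; do
    if uri_matches_cn "$uri" "$SAMPLE"; then
        echo "$uri: matches certificate CN"
    else
        echo "$uri: does not match certificate CN"
    fi
done
```

Against a real certificate, call `check_cert ldaps://localhost <path to server.crt>`; the path is a placeholder because this document does not state where server.crt is stored.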

Disclaimer

This Support Knowledgebase provides a valuable tool for SUSE customers and parties interested in our products and solutions to acquire information, ideas and learn from one another. Materials are provided for informational, personal or non-commercial use within your organization and are presented "AS IS" WITHOUT WARRANTY OF ANY KIND.

  • Document ID: 7008567
  • Creation Date: 12-May-2011
  • Modified Date: 03-Mar-2020
    • SUSE Linux Enterprise Point of Service
