posInitAdminserver.sh does not complete Admin server initialization
This document (7008567) is provided subject to the disclaimer at the end of this document.
Environment
SUSE Linux
SUSE Linux Enterprise Point of Service
SUSE Linux Enterprise Server 11
SUSE Linux Enterprise Point of Service
SUSE Linux Enterprise Server 11
Situation
The posInitAdminserver.sh script does not complete when executed to
initialize the SLEPOS 11 Admin server.
The last message seen on the terminal screen is the following:
Importing LDAP directory information...
The script terminates without completing the initialization.
The last message seen on the terminal screen is the following:
Importing LDAP directory information...
The script terminates without completing the initialization.
Resolution
The posInitAdminserver.sh script always tries to access LDAP as
localhost which does not match the host name specified in
server.crt certificate.
Bug fixes were made in the posInitAdminserver.sh script and in the adminserver.conf.template to resolve the problem.
Apply the current SLEPOS 11 patches in the channel and do the following to fix this issue:
posInitAdminserver.sh --regenerate
Bug fixes were made in the posInitAdminserver.sh script and in the adminserver.conf.template to resolve the problem.
Apply the current SLEPOS 11 patches in the channel and do the following to fix this issue:
posInitAdminserver.sh --regenerate
Additional Information
Debug can be added to the script for diagnostic purposes.
+ ldapadd -x -c -H ldaps://localhost -D cn=<admin name>,o=<organization name>,c=<country name> -w<admin password> -f /tmp/tmp.<random string>
+ '[' 255 -ne 0 ']'
+ ERROR=3
+ err_exit ' ldapadd -x -c -H ldaps://localhost -D "cn=<admin name>,o=<organization name>,c=<country name>" -w"<admin password>" -f "/tmp/tmp.<random string>"'
+ err ldapadd -x -c -H ldaps://localhost -D '"cn=<admin name>,o=<organization name>,c=<country name>"' -w '"<admin password>"' -f '"/tmp/tmp.<random string>"'
+ case $ERROR in
+ '[' -f '' ']'
+exit 1
If the ldapadd command listed above in the output is manually executed with the -d1 switch for additional ldap debug, the following error message is seen:
TLS: hostname (linux.MyLocation.MyUnit.MyOrg.us) does not match common name in
certificate (linux.).
ldap_err2string
ldap_sasl_bind(SIMPLE): Can't contact LDAP server (-1)
- Make a copy of the original /usr/sbin/posInitAdminserver.sh script.
- Add -x at the beginning of the script like this:
- Save the script.
- Run the script and enter the default requested data for the initialization.
+ ldapadd -x -c -H ldaps://localhost -D cn=<admin name>,o=<organization name>,c=<country name> -w<admin password> -f /tmp/tmp.<random string>
+ '[' 255 -ne 0 ']'
+ ERROR=3
+ err_exit ' ldapadd -x -c -H ldaps://localhost -D "cn=<admin name>,o=<organization name>,c=<country name>" -w"<admin password>" -f "/tmp/tmp.<random string>"'
+ err ldapadd -x -c -H ldaps://localhost -D '"cn=<admin name>,o=<organization name>,c=<country name>"' -w '"<admin password>"' -f '"/tmp/tmp.<random string>"'
+ case $ERROR in
+ '[' -f '' ']'
+exit 1
If the ldapadd command listed above in the output is manually executed with the -d1 switch for additional ldap debug, the following error message is seen:
TLS: hostname (linux.MyLocation.MyUnit.MyOrg.us) does not match common name in
certificate (linux.).
ldap_err2string
ldap_sasl_bind(SIMPLE): Can't contact LDAP server (-1)
Disclaimer
This Support Knowledgebase provides a valuable tool for SUSE customers and parties interested in our products and solutions to acquire information, ideas and learn from one another. Materials are provided for informational, personal or non-commercial use within your organization and are presented "AS IS" WITHOUT WARRANTY OF ANY KIND.
- Document ID:7008567
- Creation Date: 12-May-2011
- Modified Date:03-Mar-2020
-
- SUSE Linux Enterprise Point of Service
For questions or concerns with the SUSE Knowledgebase please contact: tidfeedback[at]suse.com
