On 7/18/19 1:53 PM, Leonard wrote:
Trying to use "admin"{SUBJECT_DN=CN=LDAPSERVER, SUBJECT={CN=LDAPSERVER}, SERIAL=3572, AFTERDATE=Tue Jan 02 12:01:36 2029, ISSUER={CN=389 DS}, SIGNATURE=SHA256withRSA, BEFOREDATE=Wed Jan 02 12:01:36 2019, KEYTYPE=RSA, REASONS={}, VERSION=3, ISSUER_DN=CN=389 DS} https://LDAPSERVER:9830/[0:0] open> Ready https://LDAPSERVER:9830/[0:0] accept> https://LDAPSERVER:9830/admin-serv/authenticate https://LDAPSERVER:9830/[0:0] send> GET \ https://LDAPSERVER:9830/[0:0] send> /admin-serv/authenticate \ https://LDAPSERVER:9830/[0:0] send> HTTP/1.0 https://LDAPSERVER:9830/[0:0] send> Host: LDAPSERVER:9830 https://LDAPSERVER:9830/[0:0] send> Connection: Keep-Alive https://LDAPSERVER:9830/[0:0] send> User-Agent: 389-Management-Console/1.1.17 https://LDAPSERVER:9830/[0:0] send> Accept-Language: en https://LDAPSERVER:9830/[0:0] send> Authorization: Basic \ https://LDAPSERVER:9830/[0:0] send> <REDACTED> \ https://LDAPSERVER:9830/[0:0] send> https://LDAPSERVER:9830/[0:0] send> https://LDAPSERVER:9830/[0:0] recv> HTTP/1.1 200 OK https://LDAPSERVER:9830/[0:0] recv> Date: Thu, 18 Jul 2019 17:44:35 GMT https://LDAPSERVER:9830/[0:0] recv> Server: Apache/2.2 HttpChannel.invoke: admin version = 2.2 https://LDAPSERVER:9830/[0:0] recv> Admin-Server: 389-Administrator/1.1.38 HttpChannel.invoke: admin version = 1.1.38 https://LDAPSERVER:9830/[0:0] recv> Content-Length: 314 https://LDAPSERVER:9830/[0:0] recv> Connection: close https://LDAPSERVER:9830/[0:0] recv> Content-Type: text/html https://LDAPSERVER:9830/[0:0] recv> https://LDAPSERVER:9830/[0:0] recv> Reading 314 bytes... https://LDAPSERVER:9830/[0:0] recv> 314 bytes read Console.replyHandler: adminVersion = 1.1.38 Trying to use "uid=admin, ou=Administrators, ou=TopologyManagement, o=NetscapeRoot" CommManager> New CommRecord (https://LDAPSERVER:9830/admin-serv/authenticate) CREATE JSS SSLSocket https://LDAPSERVER:9830/[1:0] open> Ready https://LDAPSERVER:9830/[1:0] accept> https://LDAPSERVER:9830/admin-serv/authenticate https://LDAPSERVER:9830/[1:0] send> GET \ https://LDAPSERVER:9830/[1:0] send> /admin-serv/authenticate \ https://LDAPSERVER:9830/[1:0] send> HTTP/1.0 https://LDAPSERVER:9830/[1:0] send> Host: LDAPSERVER:9830 https://LDAPSERVER:9830/[1:0] send> Connection: Keep-Alive https://LDAPSERVER:9830/[1:0] send> User-Agent: 389-Management-Console/1.1.17 https://LDAPSERVER:9830/[1:0] send> Accept-Language: en https://LDAPSERVER:9830/[1:0] send> Authorization: Basic \ https://LDAPSERVER:9830/[1:0] send> <REDACTED> \ https://LDAPSERVER:9830/[1:0] send> https://LDAPSERVER:9830/[1:0] send> https://LDAPSERVER:9830/[1:0] recv> HTTP/1.1 401 Authorization Required https://LDAPSERVER:9830/[1:0] error> HttpException: Response: HTTP/1.1 401 Authorization Required Status: 401 URL: https://LDAPSERVER:9830/admin-serv/authenticate https://LDAPSERVER:9830/[1:0] close i/o stream https://LDAPSERVER:9830/[1:0] close socket https://LDAPSERVER:9830/[1:0] close> Closed I am not seeing a bind attempt in the access log when specifying the full DN.
Are you sure? I forgot to mention that there is log buffering. You have to wait 30 seconds before the action is actually written to disk for the access log. Also what is in the Admin Server access and error logs? /var/log/dirsrv/admin-serv/
Also, have you tried logging in as "cn=directory manager"?
_______________________________________________ 389-users mailing list -- 389-users@lists.fedoraproject.org To unsubscribe send an email to 389-users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/389-users@lists.fedoraproject.org
-- 389 Directory Server Development Team _______________________________________________ 389-users mailing list -- 389-users@lists.fedoraproject.org To unsubscribe send an email to 389-users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/389-users@lists.fedoraproject.org
