On Tue, 11 Nov 2014, Janelle wrote:
In this case it is the exact password and it worked in the first line
but not in the second.
Now to make things even more strange -- I have 8 replicas -- and 3 of
them show this problem, the others do not -- WOW..
cn=config subtree is not replicated in FreeIPA, thus if you have
different passwords for Directory Manager (they are stored in
cn=config), this must be a problem local to a replica, not a replication
issue.
Perhaps some script or a person changed the directory manager's
password?
For the record, the password is stored in nsslapd-rootpw attribute of
cn=config:
dn: cn=config
nsslapd-rootdn: cn=Directory Manager
nsslapd-rootpw: {SSHA}some-hash-value
You can check the content of /etc/dirsrv/slapd-INSTANCE/dse.ldif
directly. Do not change the file while directory server is running as
your changes will be overridden.
--
/ Alexander Bokovoy
--
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go To http://freeipa.org for more info on the project