Re: [CentOS] openldap migration script fails...
good advise. i've got just two questions: 1. since it's just being used for authentication, could I just migrate passwd, shadow and group? 2. would the command be: slapadd < myfile.ldif? thanks a lot! steve Craig White wrote: On Thu, 2007-07-19 at 15:26 -0500, Steve Strong wrote: OK, now this is getting better. the openldap server seems to function OK, but running the migration scripts results in a duplicate entry error while "migrate_all_offline.sh" is processing /etc/services. the duplicate entry is "echo" and when i looked at the file their are two entries, one for tcp and one for udp. shouldn't these migration scripts be able to hangke this? anyhow, when the script terminates in tells me where there is an .ldif file. does any one know how to use that file as an input to another app after i edit out all of the duplicate entries??? or is there a better way to get around this? I always found it best to run the migrate scripts into files which I can edit and then slapadd when I had them all done. -- Steve Strong Math and Computer Science Washington High School 2205 Forest Dr. SE Cedar Rapids, IA 52403 http://crwash.org mailto:[EMAIL PROTECTED] ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] openldap migration script fails...
OK, now this is getting better. the openldap server seems to function OK, but running the migration scripts results in a duplicate entry error while "migrate_all_offline.sh" is processing /etc/services. the duplicate entry is "echo" and when i looked at the file their are two entries, one for tcp and one for udp. shouldn't these migration scripts be able to hangke this? anyhow, when the script terminates in tells me where there is an .ldif file. does any one know how to use that file as an input to another app after i edit out all of the duplicate entries??? or is there a better way to get around this? thanks! steve > nice! thanks, BUT now migrating the file stuff (passwd, shadow, etc) > proceeds wonderfully, but when it finishes and tries to restart slapd, > it says it can't find the server. > steve > > joseph tacuyan wrote: >> >> >> On 7/19/07, *Steve Strong* <[EMAIL PROTECTED] >> <mailto:[EMAIL PROTECTED]>> wrote: >> >> ... with this error message: >> >> Preparing LDAP database... >> => bdb_tool_entry_put: id2entry_add failed: DB_KEYEXIST: Key/data >> pair >> already exists (-30996) >> => bdb_tool_entry_put: txn_aborted! DB_KEYEXIST: Key/data pair >> already >> exists (-30996) >> slapadd: could not add entry dn="dc=washcslab,dc=org" (line=5): >> txn_aborted! DB_KEYEXIST: Key/data pair already exists (-30996) >> Migration failed: saving failed LDIF to /tmp/nis.ldif.Gi3667 >> >> ok, so this is the second (or fourth) time i've done this, but is >> there >> a way to delete the existing key??? >> >> any help would be greatly appreciated! >> steve >> >> -- >> Steve Strong >> Math and Computer Science >> Washington High School >> 2205 Forest Dr. SE >> Cedar Rapids, IA 52403 >> http://crwash.org >> mailto: [EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]> >> >> ___ >> CentOS mailing list >> CentOS@centos.org <mailto:CentOS@centos.org> >> http://lists.centos.org/mailman/listinfo/centos >> >> >> Yes, via ldapdelete. >> >> >> ___ >> CentOS mailing list >> CentOS@centos.org >> http://lists.centos.org/mailman/listinfo/centos >> > > > -- > Steve Strong > Math and Computer Science > Washington High School > 2205 Forest Dr. SE > Cedar Rapids, IA 52403 > http://crwash.org > mailto:[EMAIL PROTECTED] > > ___ > CentOS mailing list > CentOS@centos.org > http://lists.centos.org/mailman/listinfo/centos > -- Steve Strong Math an Computer Science Washington High School 2205 Forest Dr. SE Cedar Rapids, IA 52402 ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] openldap migration script fails...
nice! thanks, BUT now migrating the file stuff (passwd, shadow, etc) proceeds wonderfully, but when it finishes and tries to restart slapd, it says it can't find the server. steve joseph tacuyan wrote: On 7/19/07, *Steve Strong* <[EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]>> wrote: ... with this error message: Preparing LDAP database... => bdb_tool_entry_put: id2entry_add failed: DB_KEYEXIST: Key/data pair already exists (-30996) => bdb_tool_entry_put: txn_aborted! DB_KEYEXIST: Key/data pair already exists (-30996) slapadd: could not add entry dn="dc=washcslab,dc=org" (line=5): txn_aborted! DB_KEYEXIST: Key/data pair already exists (-30996) Migration failed: saving failed LDIF to /tmp/nis.ldif.Gi3667 ok, so this is the second (or fourth) time i've done this, but is there a way to delete the existing key??? any help would be greatly appreciated! steve -- Steve Strong Math and Computer Science Washington High School 2205 Forest Dr. SE Cedar Rapids, IA 52403 http://crwash.org mailto: [EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]> ___ CentOS mailing list CentOS@centos.org <mailto:CentOS@centos.org> http://lists.centos.org/mailman/listinfo/centos Yes, via ldapdelete. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos -- Steve Strong Math and Computer Science Washington High School 2205 Forest Dr. SE Cedar Rapids, IA 52403 http://crwash.org mailto:[EMAIL PROTECTED] ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] openldap migration script fails...
... with this error message: Preparing LDAP database... => bdb_tool_entry_put: id2entry_add failed: DB_KEYEXIST: Key/data pair already exists (-30996) => bdb_tool_entry_put: txn_aborted! DB_KEYEXIST: Key/data pair already exists (-30996) slapadd: could not add entry dn="dc=washcslab,dc=org" (line=5): txn_aborted! DB_KEYEXIST: Key/data pair already exists (-30996) Migration failed: saving failed LDIF to /tmp/nis.ldif.Gi3667 ok, so this is the second (or fourth) time i've done this, but is there a way to delete the existing key??? any help would be greatly appreciated! steve -- Steve Strong Math and Computer Science Washington High School 2205 Forest Dr. SE Cedar Rapids, IA 52403 http://crwash.org mailto:[EMAIL PROTECTED] ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] NIS problems after installation
Paul Heinlein wrote: On Mon, 16 Jul 2007, Steve Strong wrote: so, i just installed CentOS on our server and set up NIS using the same configuration as on our other server, but the clients' ypbind services complain that although they can find the correct server, the server does not respond to requests. to debug this, i've: *pinged the server using its ip and it's name *ssh'ed to the server using it's ip and name *ftp'd to the server using its ip and name *used dig to get the server's address from itself (dig @stretch stretch.washcslab.org *checked to see that nfs and ypserv are running *checked to see if stretch could bind to it's own nis server and all of these were successful. so, I also: * run ypserv (on the server) and ypbind (on the server) both in debug mode and gotten no errors * run ypserv (on the server) and ypbind (on the CLIENT) both in debug mode and gotten no errors any help with this really gnarly bug would be greatly appreciated! steve Is ypserv compiled against libwrap? Does there need to be a hosts.allow entry? Is SELinux enabled? Does /var/log/audit/audit.log show anything? Is iptables in use? Does an exception need to be made? Can you attach strace to ypserv and see anything of significance? ypserv: i didn't compile it, i used the rpm that is standard with an installation --- selinux: disabled (which i hate) iptables: how do i go about making an exception -- this seems like the problem, since there is no report of an attempt to connect to ypserv by a client in the debug output of a call to start ypserv -- Steve Strong Math and Computer Science Washington High School 2205 Forest Dr. SE Cedar Rapids, IA 52403 http://crwash.org mailto:[EMAIL PROTECTED] ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] NIS problems after installation
Clint Dilks wrote: Steve Strong wrote: so, i just installed CentOS on our server and set up NIS using the same configuration as on our other server, but the clients' ypbind services complain that although they can find the correct server, the server does not respond to requests. to debug this, i've: *pinged the server using its ip and it's name *ssh'ed to the server using it's ip and name *ftp'd to the server using its ip and name *used dig to get the server's address from itself (dig @stretch stretch.washcslab.org *checked to see that nfs and ypserv are running *checked to see if stretch could bind to it's own nis server and all of these were successful. so, I also: * run ypserv (on the server) and ypbind (on the server) both in debug mode and gotten no errors * run ypserv (on the server) and ypbind (on the CLIENT) both in debug mode and gotten no errors any help with this really gnarly bug would be greatly appreciated! steve Hi, Are you running with Security Enhanced Linux Enabled or Disabled ? If so try disabling it at least temporarily. Some people will say set to permissive mode rather than disable, but specifically for NIS I have seen different behaviour between permissive and disabled. If this works others may be able to assist you with getting SE Linux worknig with NIS. Are you running a Firewall ? ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos i'm running a firewall, but selinux is disabled. what should i look for in the firewall? steve -- Steve Strong Math and Computer Science Washington High School 2205 Forest Dr. SE Cedar Rapids, IA 52403 http://crwash.org mailto:[EMAIL PROTECTED] ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] NIS problems after installation
so, i just installed CentOS on our server and set up NIS using the same configuration as on our other server, but the clients' ypbind services complain that although they can find the correct server, the server does not respond to requests. to debug this, i've: *pinged the server using its ip and it's name *ssh'ed to the server using it's ip and name *ftp'd to the server using its ip and name *used dig to get the server's address from itself (dig @stretch stretch.washcslab.org *checked to see that nfs and ypserv are running *checked to see if stretch could bind to it's own nis server and all of these were successful. so, I also: * run ypserv (on the server) and ypbind (on the server) both in debug mode and gotten no errors * run ypserv (on the server) and ypbind (on the CLIENT) both in debug mode and gotten no errors any help with this really gnarly bug would be greatly appreciated! steve -- Steve Strong Math and Computer Science Washington High School 2205 Forest Dr. SE Cedar Rapids, IA 52403 http://crwash.org mailto:[EMAIL PROTECTED] ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos