I have a problem when setting up LDAP/OD on our 10.3 server.
I started the LDAP server through Server Admin by promoting the server from stand alone to directory master. It created an LDAP server, that was listed in the Workgroup Manager under /LDAPv3/<its IP address> instead of /LDAPv3/127.0.0.1/. Because of this during creation the admin user is not copied to the db (it can't find the db on 127.0.0.1) and some attributes are not set either. Kerberos failes too, because of this. See the slapconfig.log at /Library/Logs/:
2005-06-23 17:15:05 +0200 - slapconfig -setstandalone
2005-06-28 12:01:47 +0200 - slapconfig -createldapmaster
2005-06-28 12:01:47 +0200 - Creating password server slot
2005-06-28 12:01:54 +0200 - copying admin user failed with error -14002
2005-06-28 12:01:55 +0200 - Configuring Kerberos server, realm is OSXSERVER.AXEL.NU
2005-06-28 12:01:55 +0200 - kdcsetup command output:
Contacting the Directory Server
dsOpenDirNode failed with error of type -14002
Unable to find the directory node at /LDAPv3/127.0.0.1 error = -14002
Failed to configure error = 2
2005-06-28 12:01:55 +0200 - kdcsetup command failed with status 2
2005-06-28 12:01:55 +0200 - sso_util command output:
DoConfigure: argc = 13
Creating the service list
Creating the service principals
kadmin: Cannot contact any KDC for requested realm while initializing kadmin interface
"resetting' the LDAP server by returning to stand alone mode and back did not solve the problem.
The LDAP server on <my IP address> is functioning normally when you access it through an LDAP browser such as jxplorer... but showing an empty db.
I cannot find out why the LDAP server is showing on <my IP address> but I know it should have been 127.0.0.1.
A clean install on a test rig shows no problems, and the LDAP server there duly shows up on 127.0.0.1. I can't find differences between these machines that migth cause this behaviour.
any help would be appreciated
I started the LDAP server through Server Admin by promoting the server from stand alone to directory master. It created an LDAP server, that was listed in the Workgroup Manager under /LDAPv3/<its IP address> instead of /LDAPv3/127.0.0.1/. Because of this during creation the admin user is not copied to the db (it can't find the db on 127.0.0.1) and some attributes are not set either. Kerberos failes too, because of this. See the slapconfig.log at /Library/Logs/:
2005-06-23 17:15:05 +0200 - slapconfig -setstandalone
2005-06-28 12:01:47 +0200 - slapconfig -createldapmaster
2005-06-28 12:01:47 +0200 - Creating password server slot
2005-06-28 12:01:54 +0200 - copying admin user failed with error -14002
2005-06-28 12:01:55 +0200 - Configuring Kerberos server, realm is OSXSERVER.AXEL.NU
2005-06-28 12:01:55 +0200 - kdcsetup command output:
Contacting the Directory Server
dsOpenDirNode failed with error of type -14002
Unable to find the directory node at /LDAPv3/127.0.0.1 error = -14002
Failed to configure error = 2
2005-06-28 12:01:55 +0200 - kdcsetup command failed with status 2
2005-06-28 12:01:55 +0200 - sso_util command output:
DoConfigure: argc = 13
Creating the service list
Creating the service principals
kadmin: Cannot contact any KDC for requested realm while initializing kadmin interface
"resetting' the LDAP server by returning to stand alone mode and back did not solve the problem.
The LDAP server on <my IP address> is functioning normally when you access it through an LDAP browser such as jxplorer... but showing an empty db.
I cannot find out why the LDAP server is showing on <my IP address> but I know it should have been 127.0.0.1.
A clean install on a test rig shows no problems, and the LDAP server there duly shows up on 127.0.0.1. I can't find differences between these machines that migth cause this behaviour.
any help would be appreciated