Netscape Directory Server core dumps
Hi,
I have NDS version 5.1 running on Solaris 10. My software is querying the LDAP at around 10-15 requests/sec. The LDAP memory is runnig at around 50M. (I have around 900 entries in the LDAP tree). At some random instance of time, the LDAP memory shoots up from 50M to 3.2 GB when it goes out of memory and then restarts. My software has a LDAP connection pool to it and one of the threads goes OutOfmemory after the error.
The LDAP does a core dump during the process. From the analysis of the core dump, it seems that it is trying to access some memory which is not part of the LDAP process map.
bash-3.00$ mdb core
mdb: failed to initialize /lib/libc_db.so.1: libthread_db call failed unexpectedly
mdb: warning: debugger will only be able to examine raw LWPs
Loading modules: [ libc.so.1 libuutil.so.1 ld.so.1 ]
::stacklibc_psr.so.1`memcpy+0x234(87c00038, 6b646174, 74776f6a, 8, 6b646174, 0)
libslapd.so`slapi_dup_control+0x94(53db678, 2ce38f8, fc93ff2c, 0, 2ce38f8,2ce38f8)
0x2f3b4(7e55c80, 2f30150, 2ce6bb8, 4c7fde8, 2f30150, ffffffff)
0xfef17d18(2f60164, fc940000, 0, 0, fef17c74, 1)
0xff2c8a20(0, 0, 0, 0, 0, 0)
::statusdebugging core file of ns-slapd (32-bit) from XXXXXX
initial argv:XXXXXXXX
threading model: multi-threaded using native lwps
status: process terminated by SIGSEGV (Segmentation Fault)
>
The failure is at address 0xfee8063c.
0xfee8063c::dislibc_psr.so.1`memcpy+0x20c: 0x2480012
libc_psr.so.1`memcpy+0x210: nop
libc_psr.so.1`memcpy+0x214: ldub [%i1], %o2
libc_psr.so.1`memcpy+0x218: stb %o2, [%i0]
libc_psr.so.1`memcpy+0x21c: add %i1, 1, %i1
libc_psr.so.1`memcpy+0x220: subcc %i3, 1, %i3
libc_psr.so.1`memcpy+0x224: 0x184ffffc
libc_psr.so.1`memcpy+0x228: add %i0, 1, %i0
libc_psr.so.1`memcpy+0x22c: ba +0x60 <libc_psr.so.1`memcpy+0x28c>
libc_psr.so.1`memcpy+0x230: nop
libc_psr.so.1`memcpy+0x234: ld [%i1], %o2
libc_psr.so.1`memcpy+0x238: st %o2, [%i0]
libc_psr.so.1`memcpy+0x23c: add %i1, 4, %i1
libc_psr.so.1`memcpy+0x240: subcc %i3, 4, %i3
// Looking for register i1
::regs%g0 = 0x00000000 %l0 = 0x87c00038
%g1 = 0xff37c840 libsh.so`_shi_sysAllocPool+0xd4 %l1 = 0xff16c2bc
%g2 = 0x00000000 %l2 = 0x07970778
%g3 = 0x0000036c %l3 = 0x05410000
%g4 = 0x00000001 %l4 = 0xff165a34
%g5 = 0x87c00038 %l5 = 0x00000000
%g6 = 0x00000000 %l6 = 0x01000000
%g7 = 0xfd06ca00 %l7 = 0x00000004
%o0 = 0x87c00038 %i0 = 0x87c00038
%o1 = 0x74776f72 %i1 = 0x6b646174
%o2 = 0xefe4617c %i2 = 0x74776f6a
%o3 = 0x00000002 %i3 = 0x00000008
%o4 = 0x00000002 %i4 = 0x6b646174
%o5 = 0x053d9c28 %i5 = 0x00000000
%o6 = 0xfc93fe00 %i6 = 0xfc93fe60
%o7 = 0xff0c0c44 libslapd.so`slapi_ch_malloc+0x64 %i7 = 0xff0e8e78
libslapd.so`slapi_dup_control+0x94
%psr = 0xfe401004 impl=0xf ver=0xe icc=nZvc
ec=0 ef=4096 pil=0 s=0 ps=0 et=0 cwp=0x4
%y = 0x00000002
%pc = 0xfee8063c libc_psr.so.1`memcpy+0x234
%npc = 0xfee80640 libc_psr.so.1`memcpy+0x238
%sp = 0xfc93fe00
0x6b646174::dismdb: failed to read instruction at 6b646174: no mapping for address
>
The register "i1"'s content was memory address 0x6b646174 which is not part of process address space.
Has anyone experienced similar problem before? I was trying to find the same in the forum but without any luck. This problem is happening quiet regularly.
Seeems like content of register i1 got missed.. here is the content..
%l2 = 0x07970778
%l3 = 0x05410000
%l4 = 0xff165a34
%l5 = 0x00000000
%l6 = 0x01000000
%l7 = 0x00000004
%i0 = 0x87c00038
%i1 = 0x6b646174
%i2 = 0x74776f6a
%i3 = 0x00000008
%i4 = 0x6b646174
%i5 = 0x00000000
%i6 = 0xfc93fe60
Similar Messages
-
Where to download "netscape directory server 4.11 or later"
Hi, there,
I just want to test some ldap functions on windows 2000. I find some guys said Netscape Directory Server 4.11 is a good choice. Where can I download a evaluation version? I can't find it on Netscape.
Thanks.Just go to www.iplanet.com
-
Unable to use a custom security realm with Netscape Directory Server in WebLogic 7
I have all users and groups stored in a Netscape LDAP server (version 4.1.6 on
Solaris 8), so I want to create a custom security realm in WebLogic 7 (also run
on Solaris 8) which uses my LDAP server as the Authenticator. I tried this by
using the Admin Console and followed exactly the steps in Chapter 3 of the "Managing
WebLogic Security" doc. However, when I rebooted WebLogic and logged into the
Admin Console again and clicked the Users node under my custom realm, I saw this
message in the right-hand pane: "There are no Authentication providers available
that support the creation of Users". Also, I don't see my custom realm in the
dropdown list under mydomain -> Security tab -> General tab -> Default Realm.
What did I do wrong? Also, where does WebLogic store the custom security realm
info? It is definitely not in config.xml.
Thanks,
Eric MaThanks for the info.
I wonder when they will fix it.
Jakub
U¿ytkownik "Eric Ma" <[email protected]> napisa³ w wiadomo¶ci
news:[email protected]..
>
According to BEA Tech Support, a known bug prevents the WLS 7 AdminConsole from
displying users and groups defined in Netscape Directory Server.
Eric Ma
"Jakub Wroniszewski" <[email protected]> wrote:
I have the same problem.
Any new ideas?
Rgds,
Jakub
U¿ytkownik "Eric Ma" <[email protected]> napisa³ w wiadomo¶ci
news:[email protected]..
Now I doubt my custom security realm is actually using the NetscapeDirectory Server
as the authenticator. Unlike in WebLogic 6.1 Admin Console, whereclicking on
the Users node displays all users in the LDAP server, in WebLogic 7I keep
getting
the message "There are no Authentication providers available that
support
the
creation of Users." Any suggestions?
"Eric Ma" <[email protected]> wrote:
Never mind. I tried again by following the steps outlined at
http://newsgroups.bea.com/cgi-bin/dnewsweb?cmd=article&group=weblogic.deve
l
oper.interest.security&item=8463&utag=
and it seemed to have worked for me.
"Eric Ma" <[email protected]> wrote:
I have all users and groups stored in a Netscape LDAP server (version
4.1.6 on
Solaris 8), so I want to create a custom security realm in WebLogic7
(also run
on Solaris 8) which uses my LDAP server as the Authenticator. I
tried
this by
using the Admin Console and followed exactly the steps in Chapter3
of
the "Managing
WebLogic Security" doc. However, when I rebooted WebLogic and logged
into the
Admin Console again and clicked the Users node under my custom realm,
I saw this
message in the right-hand pane: "There are no Authentication
providers
available
that support the creation of Users". Also, I don't see my customrealm
in the
dropdown list under mydomain -> Security tab -> General tab ->
Default
Realm.
What did I do wrong? Also, where does WebLogic store the customsecurity
realm
info? It is definitely not in config.xml.
Thanks,
Eric Ma -
Migrating Netscape Directory Server 4.1 to a new server
Hi,
In the current production environment, we are using Netscape Directory Server 4.1 as the authentication with Siebel CRM system. The server hardware is old and there is a need to refresh the server. As Netscape Directory Server is the only supported/ certified LDAP with embedded functionalities in Siebel Financial Services 6.0.2.300, we are planning to upgrade only the server hardware and migrate all the user information from old server and the new one, with Netscape Directory Server 4.1 remained.
I have studied the Netscape Directory Server 4.1 Deployment Guide and gone through the migration procedures, looks like the procedures are only applicable for migrating Netscape Directory Server to a newer version. There are no specific procedures mentioned for migrating Netscape Directory Server to the new server hardware with the same directory server version.
I am seeking for detailed procedures of migrating Netscape Directory Server 4.1 to a new server hardware with the same directory server. Anyone has done this migration before? I thank you in advance for your valuable feedback.
Sincerely,
JulieLuckily, I have the technical documentation in hand, which contains all the configuration of the current server. So I need to use "db2ldif" to export the data. I am currently testing on the migration by following these steps:
1. Install the new server.
2. Stop the Netscape Directory Server and Netscape Administration Server services in old server.
3. Copy the slapd-<server_name> folder from old server to a temp location of new server.
4. Take the old server offline.
5. Configure new server to have the exact configuration as the old server.
6. Backup the existing slapd-<server_name> folder in new server, copy the slapd-<server_name> folder from the temp location to C:\Netscape\Server4 directory of new server.
7. Start the Netscape Directory Server and Netscape Administration Server services in new server.
Will try out your suggested method. Thank you so much for your feedback.
Regards,
Julie -
I have weblogic server 5.1.0 with the sp8 running on Windows NT server 4.0.
The weblogic server is configured to use LDAP realm (Netscape directory
server 4.12).
When I try to run weblogic server and I am getting the following errors:
The WebLogic Server did not start up properly.
Exception raised: java.lang.reflect.InvocationTargetException
java.lang.reflect.InvocationTargetException: java.lang.ExceptionInInitialize
or: weblogic.security.ldaprealm.LDAPRealmException: cannot connect to ldapse
without a principal to authenticate as
at weblogic.security.ldaprealm.LDAPDelegate.setupProperties(LDAPDele
.java, Compiled Code)
at weblogic.security.ldaprealm.LDAPDelegate.<clinit>(LDAPDelegate.ja
83)
at weblogic.security.ldaprealm.LDAPRealm.<init>(LDAPRealm.java:34)
at java.lang.Class.newInstance0(Native Method)
at java.lang.Class.newInstance(Class.java:241)
at weblogic.security.acl.Realm.getRealm(Realm.java:78)
at weblogic.security.acl.Realm.getRealm(Realm.java:56)
at weblogic.t3.srvr.T3Srvr.initializeSecurity(T3Srvr.java:1756)
at weblogic.t3.srvr.T3Srvr.start(T3Srvr.java, Compiled Code)
at weblogic.t3.srvr.T3Srvr.main(T3Srvr.java:827)
at java.lang.reflect.Method.invoke(Native Method)
at weblogic.Server.startServerDynamically(Server.java:99)
at weblogic.Server.main(Server.java:65)
at weblogic.Server.main(Server.java:55)
java.lang.ExceptionInInitializerError: weblogic.security.ldaprealm.LDAPRealm
ption: cannot connect to ldapserver without a principal to authenticate as
at weblogic.security.ldaprealm.LDAPDelegate.setupProperties(LDAPDele
.java, Compiled Code)
at weblogic.security.ldaprealm.LDAPDelegate.<clinit>(LDAPDelegate.ja
83)
at weblogic.security.ldaprealm.LDAPRealm.<init>(LDAPRealm.java:34)
at java.lang.Class.newInstance0(Native Method)
at java.lang.Class.newInstance(Class.java:241)
at weblogic.security.acl.Realm.getRealm(Realm.java:78)
at weblogic.security.acl.Realm.getRealm(Realm.java:56)
at weblogic.t3.srvr.T3Srvr.initializeSecurity(T3Srvr.java:1756)
at weblogic.t3.srvr.T3Srvr.start(T3Srvr.java, Compiled Code)
at weblogic.t3.srvr.T3Srvr.main(T3Srvr.java:827)
at java.lang.reflect.Method.invoke(Native Method)
at weblogic.Server.startServerDynamically(Server.java:99)
at weblogic.Server.main(Server.java:65)
at weblogic.Server.main(Server.java:55)
And here is the my ldaprealm.properties file
netscape.server.host=localhost
netscape.server.port=389
netscape.server.ssl=false
netscape.server.principal=uid=admin, ou=Administrators,
ou=TopologyManagement, o=NetscapeRoot
netscape.server.credential=password
netscape.user.dn=ou=People, o=towers.com
netscape.user.filter=(&(uid=%u)(objectclass=person))
netscape.group.dn=ou=Groups, o=towers.com
netscape.group.filter=(&(cn=%g)(objectclass=groupofuniquenames))
netscape.membership.filter=(&(uniquemember=%M)(objectclass=groupofuniquename
s))
By looking at the error message, it seems like the "server.principal" and
"server.credential" info is not correct.
But I was able to use the same Netscape Directory server with Welogic 5.1.0
with sp4, although the ldaprealm.properties file has somewhat different
format.
Did anyone have similar problems with sp8?
Thanks in advance for any suggestions.BEA support just gave me the solution.
They told me to uncomment out the line
server.alias=netscape
in the ldaprealm.properties file
And I am able to start weblogic with my NIS
Thanks
"Enrique" <[email protected]> wrote in message
news:[email protected]...
>
Hi,
Have you try to remove the "system" user on the LDAP server?
Regards.
"Honghai Zhang" <[email protected]> wrote:
I have weblogic server 5.1.0 with the sp8 running on Windows NT server
4.0.
The weblogic server is configured to use LDAP realm (Netscape directory
server 4.12).
When I try to run weblogic server and I am getting the following errors:***************************************************************************
The WebLogic Server did not start up properly.
Exception raised: java.lang.reflect.InvocationTargetException
java.lang.reflect.InvocationTargetException:
java.lang.ExceptionInInitialize
or: weblogic.security.ldaprealm.LDAPRealmException: cannot connect toldapse
without a principal to authenticate as
atweblogic.security.ldaprealm.LDAPDelegate.setupProperties(LDAPDele
..java, Compiled Code)
atweblogic.security.ldaprealm.LDAPDelegate.<clinit>(LDAPDelegate.ja
83)
atweblogic.security.ldaprealm.LDAPRealm.<init>(LDAPRealm.java:34)
at java.lang.Class.newInstance0(Native Method)
at java.lang.Class.newInstance(Class.java:241)
at weblogic.security.acl.Realm.getRealm(Realm.java:78)
at weblogic.security.acl.Realm.getRealm(Realm.java:56)
at weblogic.t3.srvr.T3Srvr.initializeSecurity(T3Srvr.java:1756)
at weblogic.t3.srvr.T3Srvr.start(T3Srvr.java, Compiled Code)
at weblogic.t3.srvr.T3Srvr.main(T3Srvr.java:827)
at java.lang.reflect.Method.invoke(Native Method)
at weblogic.Server.startServerDynamically(Server.java:99)
at weblogic.Server.main(Server.java:65)
at weblogic.Server.main(Server.java:55)
java.lang.ExceptionInInitializerError:weblogic.security.ldaprealm.LDAPRealm
ption: cannot connect to ldapserver without a principal to authenticate
as
atweblogic.security.ldaprealm.LDAPDelegate.setupProperties(LDAPDele
..java, Compiled Code)
atweblogic.security.ldaprealm.LDAPDelegate.<clinit>(LDAPDelegate.ja
83)
atweblogic.security.ldaprealm.LDAPRealm.<init>(LDAPRealm.java:34)
at java.lang.Class.newInstance0(Native Method)
at java.lang.Class.newInstance(Class.java:241)
at weblogic.security.acl.Realm.getRealm(Realm.java:78)
at weblogic.security.acl.Realm.getRealm(Realm.java:56)
at weblogic.t3.srvr.T3Srvr.initializeSecurity(T3Srvr.java:1756)
at weblogic.t3.srvr.T3Srvr.start(T3Srvr.java, Compiled Code)
at weblogic.t3.srvr.T3Srvr.main(T3Srvr.java:827)
at java.lang.reflect.Method.invoke(Native Method)
at weblogic.Server.startServerDynamically(Server.java:99)
at weblogic.Server.main(Server.java:65)
at weblogic.Server.main(Server.java:55)***************************************************************************
And here is the my ldaprealm.properties file////////////////////////////////////////////////////////////////////////////
netscape.server.host=localhost
netscape.server.port=389
netscape.server.ssl=false
netscape.server.principal=uid=admin, ou=Administrators,
ou=TopologyManagement, o=NetscapeRoot
netscape.server.credential=password
netscape.user.dn=ou=People, o=towers.com
netscape.user.filter=(&(uid=%u)(objectclass=person))
netscape.group.dn=ou=Groups, o=towers.com
netscape.group.filter=(&(cn=%g)(objectclass=groupofuniquenames))
netscape.membership.filter=(&(uniquemember=%M)(objectclass=groupofuniquename
s))////////////////////////////////////////////////////////////////////////////
By looking at the error message, it seems like the "server.principal" and
"server.credential" info is not correct.
But I was able to use the same Netscape Directory server with Welogic5.1.0
with sp4, although the ldaprealm.properties file has somewhat different
format.
Did anyone have similar problems with sp8?
Thanks in advance for any suggestions. -
Weblogic Integration with Netscape Directory Server - Help URGENT
Prashant,
Yes, I did. Did you copy the ldaprealm.properties to the same place as where
your weblogic.properties is located by default. The original sample file is
located in examples/....directory. After your changes are made copy the file
to c:/weblogic directory.
Hope this helps.
-Sunil .K
Prashanth <[email protected]> wrote in message
news:[email protected]...
Hi,
Can anyone who's tried using the LDAPRealm to talk to Netscape Directory
Server 4.1tell me exactly what are the steps that one needs to follow toset
this up:
1. Changes in the ldaprealm.properties file
2. Changes in the weblogic.properties file
3. Changes on NDS side, if any
Erorr I am getting:
Thu Jun 29 10:24:53 EDT 2000:<I> <System Props> weblogic.class.path =
d:\weblogi
c\lib\weblogic510sp3.jar;d:\weblogic\license;d:\weblogic\classes;d:\weblogic
\mys
erver\serverclasses;d:\weblogic\lib\weblogicaux.jar
Thu Jun 29 10:24:53 EDT 2000:<I> <System Props> weblogic.system.home =
d:\weblog
ic
Thu Jun 29 10:24:53 EDT 2000:<I> <WebLogicServer> Loaded License :
D:/weblogic/l
icense/WebLogicLicense.xml
Thu Jun 29 10:24:53 EDT 2000:<I> <WebLogicServer> Server loading from
weblogic.c
lass.path. EJB redeployment enabled.
java.io.FileNotFoundException: ldaprealm.properties (The system cannotfind
the
file specified)
at java.io.FileInputStream.open(Native Method)
at java.io.FileInputStream.<init>(FileInputStream.java, Compiled
Code)
at
weblogic.security.internal.RealmProperties.getProperties(RealmPropert
ies.java:37)
at
weblogic.security.internal.RealmProperties.<init>(RealmProperties.jav
a:20)
at
weblogic.security.ldaprealm.LDAPDelegate.configureProps(LDAPDelegate.
java:78)
at
weblogic.security.ldaprealm.LDAPDelegate.<init>(LDAPDelegate.java:198
at weblogic.security.ldaprealm.LDAPRealm.<init>(LDAPRealm.java:35)
at java.lang.Class.newInstance0(Native Method)
at java.lang.Class.newInstance(Class.java:241)
at weblogic.security.acl.Realm.getRealm(Realm.java:79)
at weblogic.security.acl.Realm.getRealm(Realm.java:57)
at weblogic.t3.srvr.T3Srvr.initializeSecurity(T3Srvr.java:1744)
at weblogic.t3.srvr.T3Srvr.start(T3Srvr.java, Compiled Code)
at weblogic.t3.srvr.T3Srvr.main(T3Srvr.java:825)
at java.lang.reflect.Method.invoke(Native Method)
at weblogic.Server.startServerDynamically(Server.java:99)
at weblogic.Server.main(Server.java:65)
at weblogic.Server.main(Server.java:55)
at weblogic.NTServiceHelper.run(NTServiceHelper.java:19)
at java.lang.Thread.run(Thread.java:479)
--------------- nested within: ------------------
weblogic.security.ldaprealm.LDAPException: ldaprealm.properties notfound -
with
nested exception:
[java.io.FileNotFoundException: ldaprealm.properties (The system cannot
find> the> file specified)
at
weblogic.security.ldaprealm.LDAPDelegate.configureProps(LDAPDelegate.
java:82)
at
weblogic.security.ldaprealm.LDAPDelegate.<init>(LDAPDelegate.java:198
at weblogic.security.ldaprealm.LDAPRealm.<init>(LDAPRealm.java:35)
at java.lang.Class.newInstance0(Native Method)
at java.lang.Class.newInstance(Class.java:241)
at weblogic.security.acl.Realm.getRealm(Realm.java:79)
at weblogic.security.acl.Realm.getRealm(Realm.java:57)
at weblogic.t3.srvr.T3Srvr.initializeSecurity(T3Srvr.java:1744)
at weblogic.t3.srvr.T3Srvr.start(T3Srvr.java, Compiled Code)
at weblogic.t3.srvr.T3Srvr.main(T3Srvr.java:825)
at java.lang.reflect.Method.invoke(Native Method)
at weblogic.Server.startServerDynamically(Server.java:99)
at weblogic.Server.main(Server.java:65)
at weblogic.Server.main(Server.java:55)
at weblogic.NTServiceHelper.run(NTServiceHelper.java:19)
at java.lang.Thread.run(Thread.java:479)
The WebLogic Server did not start up properly.
Exception raised: java.lang.reflect.InvocationTargetException
java.lang.reflect.InvocationTargetException: java.lang.IllegalAccessError:
weblo
gic.security.ldaprealm.LDAPException: ldaprealm.properties not found -with
nest
ed exception:
[java.io.FileNotFoundException: ldaprealm.properties (The system cannot
find> the> file specified)
at weblogic.security.acl.Realm.getRealm(Realm.java:86)
at weblogic.security.acl.Realm.getRealm(Realm.java:57)
at weblogic.t3.srvr.T3Srvr.initializeSecurity(T3Srvr.java:1744)
at weblogic.t3.srvr.T3Srvr.start(T3Srvr.java, Compiled Code)
at weblogic.t3.srvr.T3Srvr.main(T3Srvr.java:825)
at java.lang.reflect.Method.invoke(Native Method)
at weblogic.Server.startServerDynamically(Server.java:99)
at weblogic.Server.main(Server.java:65)
at weblogic.Server.main(Server.java:55)
at weblogic.NTServiceHelper.run(NTServiceHelper.java:19)
at java.lang.Thread.run(Thread.java:479)
java.lang.IllegalAccessError: weblogic.security.ldaprealm.LDAPException:
ldaprea
lm.properties not found - with nested exception:
[java.io.FileNotFoundException: ldaprealm.properties (The system cannot
find> the> file specified)
at weblogic.security.acl.Realm.getRealm(Realm.java:86)
at weblogic.security.acl.Realm.getRealm(Realm.java:57)
at weblogic.t3.srvr.T3Srvr.initializeSecurity(T3Srvr.java:1744)
at weblogic.t3.srvr.T3Srvr.start(T3Srvr.java, Compiled Code)
at weblogic.t3.srvr.T3Srvr.main(T3Srvr.java:825)
at java.lang.reflect.Method.invoke(Native Method)
at weblogic.Server.startServerDynamically(Server.java:99)
at weblogic.Server.main(Server.java:65)
at weblogic.Server.main(Server.java:55)
at weblogic.NTServiceHelper.run(NTServiceHelper.java:19)
at java.lang.Thread.run(Thread.java:479)
WebLogic Server terminated with an abnormal condition of 1
Hit return to continue...>>>>>>>>> -
Setup connection factory and topic in Netscape Directory Server
I'm using Netscape Directory Server(NDS) and WLS5.1.
What should I setup in the NDS in order to lookup the connection
factory and topic in WLS?
ThanksMy first suggestion is to find an log on de NDS server (maybe it states a reason for the closing the connection)
Otherwise use Ethereal to examen the trafic between the to machines. Maybe that helps.
Or check if the NDS wants 2-way authentication and is trying to get your certificate as wel. -
Differences between SunONE, iPlanet and Netscape Directory Server
What are the differences between SunONE, iPlanet and Netscape Directory Server?
When I go to docs.sun.com - Products Categories, I saw that they've documentation regarding with SunONE, iPlanet, Netscape Directory Server listed under Directory Server.
I know that they're all different directory server, but is it one newer than other? If I'm not wrong, I assumed that Netscape transformed into iPlanet, and then from iPlanet, it transformed to SunONE. If that is the case, is that mean that all of it's console and how it works should be very similar?
Thanks!That is exactly what I thought.
so when people refer SunONE Directory Server 5.1, then that's mean iPlanet Directory Server 5.1, right?
Because I'm looking at Solaris 9's specification and it mentioned that it bundled with SunONE Directory Server 5.1.
Thanks for answering my question! :) -
Netscape Directory Server 4.x with sun blueprints script - still no luck
I installed the directory server 4.x, ran suns NATIVE ldap script for Solaris 8. I don't think it generated the "Solaris Native" profile. . how can I tell. When I go to ldapclient a client machine, I get the following:
parsing -P option
findDN: begins
findDN: calling __ns_ldap_default_config()
found 2 namingcontexts
findDN: __ns_ldap_list(NULL, "(&(objectclass=nisDomainObject)(nisdomain=carfund.com))"
rootDN[0] dc=carfund,dc=com
found baseDN dc=carfund,dc=com for domain carfund.com
Servers addresses 172.16.100.233
About to configure machine by downloading a profile
save sysinfo
save stat(/etc/nsswitch.conf,
save /usr/sbin/nscd -K
save /usr/bin/pkill -9 nscd
save rename(/etc/nsswitch.conf, /etc/nsswitch.conf.orig)
save stat(/etc/defaultdomain,
save rename(/etc/defaultdomain, /etc/defaultdomain.orig)
save stat(/etc/.rootkey,
No /etc/.rootkey file!
save stat(/var/nis/NIS_COLD_START,
No /var/nis/NIS_COLD_START file!
namelen 11
save stat(/var/yp/binding/carfund.com,
No /var/yp/binding/carfund.com directory!
download save() of systems configuration suceeded.
download ret 2
download p 0xffbef4c4
download p Object not found
The download of the profile failed, recovering system state.
recover stat(/etc/defaultdomain.orig, )
recover stat(/etc/nsswitch.conf.orig, )
recover open(/etc/defaultdomain.orig, )
recover read(/etc/defaultdomain.orig, )
recover old domainname carfund.com
recover stat(/var/ldap/ldap_client_file.orig, )
recover stat(/var/ldap/ldap_client_file.orig, )
recover stat(/var/nis/NIS_COLD_START.orig, )
recover stat(/var/yp/binding/carfund.com.orig, )
recover ldap -1 nis+ -1 yp -1
recover rename(/etc/nsswitch.conf.orig, /etc/nsswitch.conf)
recover rename(/etc/defaultdomain.orig, /etc/defaultdomain)
Any ideas?
Thanks,
Gary Walters
FYI .. I really want to use Directory Server 5.1 on my Solaris 8 machine, but can't seem to get it even close.Followup:
I installed the netscape version of Directory Server and then ran the blueprints script to set it up for native LDAP. I have found a few issues.
1.) I can not log into the console as Directory Manager ... I have to use admin? I think this could be a problem because when it goes to set the permissions for proxyagent, I think it uses the Directory Manager login so when I go to see the permissions it created, I don't see that entry. When I go to create one, it gives me: insuffcient 'write' priveledge to the 'aci' attribute of entry.
2.) I can not generate a profile and use ldapadd to add it, I get the following errors:
ldap_gen_profile -P default -b dc=mydomain,dc=com -D \ "cn=Proxyagent,ou=profile,dc=mydomain,dc=com" -w password \ -a simple xxx.xxx.xxx.xxx > default.ldif
Once that is done, you will have to edit the file and take out all the whitespace at the beginning of every line due to a bug. Once you are ready to add the profile, just run:
ldapadd -D "cn=Directory Manager" -w password -h ldapserver \ -p 389 -f default.ldif
I ran the steps above (substituting correct entries) and when I do the ldapadd -D command, I get the following error:
adding new entry cn=default,ou=profile,dc=carfund,dc=com ldap_add_s: Object class violation
3.) If I try to use ldapclient -v -P command on a client machine, I get the following errors:
/usr/sbin/ldapclient -v -P "Solaris Native" ###.##.###.###
parsing -P option
findDN: begins
findDN: calling __ns_ldap_default_config()
found 2 namingcontexts
findDN: __ns_ldap_list(NULL, "(&(objectclass=nisDomainObject) (nisdomain=carfund.com))" rootDN[0] dc=carfund,dc=com
found baseDN dc=carfund,dc=com for domain carfund.com
Servers addresses ###.##.###.###
About to configure machine by downloading a profile
save sysinfo
save stat(/etc/nsswitch.conf,
save /usr/sbin/nscd -K
save /usr/bin/pkill -9 nscd
save rename(/etc/nsswitch.conf, /etc/nsswitch.conf.orig)
save stat(/etc/defaultdomain,
save rename(/etc/defaultdomain, /etc/defaultdomain.orig)
save stat(/etc/.rootkey,
No /etc/.rootkey file!
save stat(/var/nis/NIS_COLD_START,
No /var/nis/NIS_COLD_START file!
namelen 11
save stat(/var/yp/binding/carfund.com,
No /var/yp/binding/carfund.com directory!
download save() of systems configuration suceeded.
download ret 2
download p 0xffbef4c4
download p Object not found
The download of the profile failed, recovering system state.
recover stat(/etc/defaultdomain.orig, )
recover stat(/etc/nsswitch.conf.orig, )
recover open(/etc/defaultdomain.orig, )
recover read(/etc/defaultdomain.orig, )
recover old domainname carfund.com
recover stat(/var/ldap/ldap_client_file.orig, )
recover stat(/var/ldap/ldap_client_file.orig, )
recover stat(/var/nis/NIS_COLD_START.orig, )
recover stat(/var/yp/binding/carfund.com.orig, )
recover ldap -1 nis+ -1 yp -1
recover rename(/etc/nsswitch.conf.orig, /etc/nsswitch.conf)
recover rename(/etc/defaultdomain.orig, /etc/defaultdomain)
Any ideas .. I still want to get Version 5.1 working , but I may have to settle for 4.x since I am not running Solaris 9 and I can't upgrade at this time. -
We recently upgraded to SunOne 9.1 on x86. We kept our webserver on 6.0 but upgraded the plugin. We started experiencing frequent core dumps of our webserver. We decided to upgrade webserver to 7.0 hoping the problem would go away. However, we continue to see the core dumps. Every core dump I looked at had the same stack trace; eg)
libc.so.1`strlen+0xc(11a55440, 10b5da88, 11a55388)
libpassthrough.so`__1cILBDaemonOserviceRequest6MrnMProxyRequest__I_+0x307(f229e08, 11a55388)
libpassthrough.so`__1cLDaemonEntryOserviceRequest6MrnMProxyRequest__I_+0x57(da23ca8, 11a55388)
libpassthrough.so`__1cMRequestGroupOserviceRequest6MrnMProxyRequest__I_+0x1b0(8263c28, 11a55388)
libpassthrough.so`__1cPLBDaemonManagerOserviceRequest6MrnMProxyRequest__I_+0x157(88054a0, 11a55388)
libpassthrough.so`__1cQservice_lbplugin6FpnGpblock_pnHSession_pnHRequest__i_+0x8dc(8719b20, f80fc5c, f80fcd4)
libpassthrough.so`service_passthrough+0x23(8719b20, f80fc5c, f80fcd4)
libns-httpd40.so`func_exec_str+0x1e7(8208328, 8719b20, f80fc5c, f80fcd4)
libns-httpd40.so`INTfunc_exec_directive+0x1d6(816f888, 8719b20, f80fc5c, f80fcd4)
libns-httpd40.so`INTservact_service+0x31a(f80fc5c, f80fcd4)
libns-httpd40.so`INTservact_handle_processed+0x11d(f80fc5c, f80fcd4)
libns-httpd40.so`__1cLHttpRequestUUnacceleratedRespond6M_v_+0x794(f80fc48)
libns-httpd40.so`__1cLHttpRequestNHandleRequest6MpnGnetbuf_I_i_+0x68e(f80fc48, f82a008, ffffffff)
libns-httpd40.so`__1cNDaemonSessionDrun6M_v_+0x654(f80fe08)
libnsprwrap.so`ThreadMain+0x20(f80fe08)
libnspr4.so`_pt_root+0xe7(f06c718)
libc.so.1`_thr_setup+0x4e(dcc2da00)
libc.so.1`_lwp_start(dcc2da00, 0, 0, dc62aff8, fd397340, dcc2da00)
Any ideas? Are there any known issues with the lbplugin?My "solution" doesn't change your architecture at all.
Your web servers are showing a stack trace pointing to libpassthrough.so. This is a shared object that runs in the Web Server. I'm suggesting that rather than use an old libpassthrough.so that may (or may not) have problems, try using the built-in Reverse Proxy feature of Web Server. The Reverse Proxy feature is derived from the older libpassthrough.so, but has had many enhancements over the years. It IS a newer version of the load balancer shared object you are currently using. -
Netscape directory server startup failture
Hi,
I wonder if anyone can help me.....
We are running Netscape 4.1 under solaris 2.6, and basically what has
happened is that the LDAP server crashed out because it was unable to
write the db file because the file system was full up.
When I try and restart the server I get the following message in the
log file
[11/Sep/2001:08:40:30 -0400] - Netscape-Directory/4.1 B99.262.2243
starting up
[11/Sep/2001:08:40:31 -0400] - Detected Disorderly Shutdown last time
Directory Server was running, recovering database.
[11/Sep/2001:08:40:53 -0400] - Database Recovery Process FAILED. The
database is not recoverable.
[11/Sep/2001:08:40:53 -0400] - start: Failed to init database, err=22
Invalid argument
[11/Sep/2001:08:40:53 -0400] - Backend 'ldbm' failed to start. (-1)
Does anyone have any ideas?
SachinHi Vikram,
Thanks for your quick response. Sorry but i missed to metion that the memory usage was 96% and then i removed some of unnecessary files from the server so that LDAP server can run properly. But still it is giving me the same error. Please help me out. Thanks in advance
Sachin -
C++ Tux 6.4 server core dumping when throwing exception
We are having a problem inside a Tux 6.4 server written in C++ on a Solaris box.
Whenever an exception is thrown, the program dumps core. (The same program transformed
into a standalone C++ program functions normally.)
Has anyone else had similar problems??
Is there something that we need to do to avoid the problem??
Please email me responses and I will post a summary.
adTHANKSvance.Morrie Kahn wrote:
>
We are having a problem inside a Tux 6.4 server written in C++ on a Solaris box.
Whenever an exception is thrown, the program dumps core. (The same program transformed
into a standalone C++ program functions normally.)
Has anyone else had similar problems??
Don't know whether it could be the same problem, but using Tuxedo 6.5 /
Tru64, throwing any exception caused some strange message to occur (sth.
about locking) and the program abort.
After I prepared some test, BEA provided the patch which helped. -
Netscape Directory Server closes LDAPS connection during SSL handshake
I'm trying to bind to a NDS 6.2 LDAP server over SSL using the 1.4.2_03 JNDI LDAP provider,
but I can't get past the initial TSL handshake: it throws a "Remote host closed connection
during handshake" exception. The JSSE FAQ mentions this as likely a problem with
protocol incompatibilities (e.g. SSL3 vs. TLS1), but I can't seem to force the LDAP provider
to use an older protocol to investigate this further.
Here are the environment parameters I'm passing
java.naming.provider.url=ldap://ldaphost:636/o=foo,ou=bar
java.naming.security.principal=cn=foobar
java.naming.security.credentials=password
java.naming.factory.initial=com.sun.jndi.ldap.LdapCtxFactory
java.naming.security.authentication=simple
java.naming.security.protocol=ssland the associated JSSE debug trace follows.
Any ideas? Do I need to create some custom socket factory to mess with protocols?
pch
================
keyStore is :
keyStore type is : jks
init keystore
init keymanager of type SunX509
trustStore is: C:\tools\jdk1.4.2\jre\lib\security\jssecacerts
trustStore type is : jks
init truststore
adding as trusted cert:
Subject: [email protected], CN=Petes Bait and Tackle Class Z CA, O=Petes Bait and Tackle, L=Falls Church, ST=Virginia, C=US
Issuer: [email protected], CN=Petes Bait and Tackle Class Z CA, O=Petes Bait and Tackle, L=Falls Church, ST=Virginia, C=US
Algorithm: RSA; Serial number: 0x0
Valid from Thu Jun 24 13:24:27 EDT 2004 until Fri Jun 24 13:24:27 EDT 2005
init context
trigger seeding of SecureRandom
done seeding SecureRandom
%% No cached client session
*** ClientHello, TLSv1
RandomCookie: GMT: 1071325469 bytes = { 1, 25, 191, 168, 187, 165, 118, 46, 45, 64, 183, 165, 131, 120, 155, 107, 208, 170, 19, 80, 74, 234, 177, 118, 51, 83, 194, 158 }
Session ID: {}
Cipher Suites: [SSL_RSA_WITH_RC4_128_MD5, SSL_RSA_WITH_RC4_128_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_DSS_WITH_AES_128_CBC_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_DES_CBC_SHA, SSL_DHE_RSA_WITH_DES_CBC_SHA, SSL_DHE_DSS_WITH_DES_CBC_SHA, SSL_RSA_EXPORT_WITH_RC4_40_MD5, SSL_RSA_EXPORT_WITH_DES40_CBC_SHA, SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA, SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA]
Compression Methods: { 0 }
[write] MD5 and SHA1 hashes: len = 73
0000: 01 00 00 45 03 01 40 DB 21 1D 01 19 BF A8 BB A5 ...E..@.!.......
0010: 76 2E 2D 40 B7 A5 83 78 9B 6B D0 AA 13 50 4A EA [email protected].
0020: B1 76 33 53 C2 9E 00 00 1E 00 04 00 05 00 2F 00 .v3S........../.
0030: 33 00 32 00 0A 00 16 00 13 00 09 00 15 00 12 00 3.2.............
0040: 03 00 08 00 14 00 11 01 00 .........
main, WRITE: TLSv1 Handshake, length = 73
[write] MD5 and SHA1 hashes: len = 98
0000: 01 03 01 00 39 00 00 00 20 00 00 04 01 00 80 00 ....9... .......
0010: 00 05 00 00 2F 00 00 33 00 00 32 00 00 0A 07 00 ..../..3..2.....
0020: C0 00 00 16 00 00 13 00 00 09 06 00 40 00 00 15 ............@...
0030: 00 00 12 00 00 03 02 00 80 00 00 08 00 00 14 00 ................
0040: 00 11 40 DB 21 1D 01 19 BF A8 BB A5 76 2E 2D 40 ..@.!.......v.-@
0050: B7 A5 83 78 9B 6B D0 AA 13 50 4A EA B1 76 33 53 ...x.k...PJ..v3S
0060: C2 9E ..
main, WRITE: SSLv2 client hello message, length = 98
main, received EOFException: error
main, handling exception: javax.net.ssl.SSLHandshakeException: Remote host closed connection during handshake
main, SEND TLSv1 ALERT: fatal, description = handshake_failure
main, WRITE: TLSv1 Alert, length = 2
main, called closeSocket()My first suggestion is to find an log on de NDS server (maybe it states a reason for the closing the connection)
Otherwise use Ethereal to examen the trafic between the to machines. Maybe that helps.
Or check if the NDS wants 2-way authentication and is trying to get your certificate as wel. -
Where is iPlanet / Netscape Directory Server ?
Any information ?
Hi,
The SunOneDirectory Server is commonly called iPlanet, and you can find the last version in:
http://wwws.sun.com/software/download/products/3ee79e69.html
Regards,
kifwet -
Hi Marcel,
There is a technote available describing what to do if the domain has changed on a DS 4.1x:
http://knowledgebase.iplanet.com/ikb/kb/articles/4770.html
If there is a change in the IP address only, then there is a perl script coming with DS 4.16 (and SP1) and iDS 5.x called admin_ip.pl and located under <server_root>/shared/bin.
This script works for all the DS 4.1x and 5.x servers.
Hope this would help you.
Cheers / Damien.
Maybe you are looking for
-
IPHONE 4 DOESN'T ACCEPT WIFI PASSWORDS ANYMORE - PLEASE HELP!
Hi all, My iPhone 4 out of blue decided not to accept the wifi password- it says "wrong password for xxx network" - it's my home one it always worked- I was away and worked fine for a week in others houses (where the password was stored already) went
-
Hi, I'm new with JTable. I've a JTable where I added a comboBox. I need to open a Dialog box by selecting an option from the comboBox. Please let me know how can I do that... thanks in advance. here is how I added my combobox code //Set up
-
"iTunes Accounts" System Service just used 1.1 GB of cellular data in 14 hours!
Ttitle sums it up. 14 hours ago I activated my new iPhone 6 on T-Mobile, porting my number from AT&T. In this time, even though my phone has been on WiFi for over half of it, the "iTunes Accounts" System Service (Settings>Cellular>System Services) ha
-
How to do single sign on with outside website.
Dear Sir, Our EP is EP6 SP14, I need to do the single signon with the outside website with required user and password. Please kindly help. Thank you and best regards, Vimol
-
How do I post photos on Facebook that are on my IPad?
How do I post pictures on Facebook from my IPad? When I click on search my files in FB nothing happens. Thanks.