ldapux v5

 
christian_derek
Regular Advisor

ldapux v5

Hi,

I was able to use the new autosetup script connecting to a dev Active Directory without issue.

I tried to do the same thing for the production ADS, but I am facing an issue. I am running ldapux client v5 on 11iv2.

Here is the output of autosetup -v 3:

# ./autosetup -v 3
Scanning DNS domain "softvoyage.com" for any registered LDAP directory servers..
.

No directory server found!

Please enter the host name and port number of a directory server
[hostname:port], or a Windows domain name: active1.softvoyage.local
*Searching rootDSE object on host active1.softvoyage.local, port 389...
*Searching rootDSE object on host active1.softvoyage.local, port 389...
**ldapsearch -h active1.softvoyage.local -p 389 -T -s base -b "" "(objectClass=*
)" defaultNamingContext domainControllerFunctionality supportedCapabilities sche
maNamingContext
***version: 1
dn:
defaultNamingContext: DC=softvoyage,DC=local
schemaNamingContext: CN=Schema,CN=Configuration,DC=softvoyage,DC=local
supportedCapabilities: 1.2.840.113556.1.4.800
supportedCapabilities: 1.2.840.113556.1.4.1670
supportedCapabilities: 1.2.840.113556.1.4.1791
supportedCapabilities: 1.2.840.113556.1.4.1935
domainControllerFunctionality: 3


Please enter the DN of a user that has sufficient privilege to add this host
to the "softvoyage.local" domain. Note also that if this is the first
time adding an HP-UX host to this directory server, LDAP-UX may also need to
extend the server's schema. Please enter the DN of an Administrator with
these privileges or press Return for the default value
[CN=Administrator,CN=Users,DC=softvoyage,DC=local]:

Please enter the administrator's password:

*Verifying user...
**ldapsearch -D CN\=Administrator\,CN\=Users\,DC\=softvoyage\,DC\=local -j /var/
tmp/ldap/mgrpasswd_10046.txt -T -h active1.softvoyage.local -p 389 -ZZZ -P /etc/
opt/ldapux/cert8.db -s base -b "" "(objectClass=*)" dn >/dev/null 2>&1
***dir_manager: CN=Administrator,CN=Users,DC=softvoyage,DC=local
***host: active1.softvoyage.local
***host_fqdn: active1.softvoyage.local
***host_ipaddr: 192.168.211.158
***port: 389
***ssl_port: 636
***ads_mode: 3
***dc_domain: DC=softvoyage,DC=local
***dns_domain: softvoyage.local
***domain_base: DC=softvoyage,DC=local
***computer_container: CN=computers
***schema: CN=Schema,CN=Configuration,DC=softvoyage,DC=local
***passwd_file: /var/tmp/ldap/mgrpasswd_10046.txt
***computer: ivy
***computer_fqdn: ivy.softvoyage.com

*Searching for default profile entry CN=ldapuxprofile,CN=system,DC=softvoyage,DC
=local...
**ldapsearch -D CN\=Administrator\,CN\=Users\,DC\=softvoyage\,DC\=local -j /var/
tmp/ldap/mgrpasswd_10046.txt -T -h active1.softvoyage.local -p 389 -b CN\=ldapux
profile\,CN\=system\,DC\=softvoyage\,DC\=local -ZZZ -P /etc/opt/ldapux/cert8.db
-s base "(objectClass=DUAConfigProfile)" > /etc/opt/ldapux/ldapux_profile.ldif 2
>&1

Found default profile entry CN=ldapuxprofile,CN=system,DC=softvoyage,DC=local.

Successfully downloaded profile entry from AD server.
*Successfully created the binary profile /etc/opt/ldapux/ldapux_profile.bin.
*Modifying /etc/opt/ldapux/ldapux_client.conf...
*Searching rootDSE object on host active1.softvoyage.local, port 389...
**ldapsearch -h active1.softvoyage.local -p 389 -T -s base -b "" "(objectClass=*
)" defaultNamingContext domainControllerFunctionality supportedCapabilities sche
maNamingContext
***version: 1
dn:
defaultNamingContext: DC=softvoyage,DC=local
schemaNamingContext: CN=Schema,CN=Configuration,DC=softvoyage,DC=local
supportedCapabilities: 1.2.840.113556.1.4.800
supportedCapabilities: 1.2.840.113556.1.4.1670
supportedCapabilities: 1.2.840.113556.1.4.1791
supportedCapabilities: 1.2.840.113556.1.4.1935
domainControllerFunctionality: 3

*Creating environment variable file /var/tmp/ldap/ivy.env...
***LDAP_BINDDN=CN=Administrator,CN=Users,DC=softvoyage,DC=local
***LDAP_BINDCRED=Bonjour!1
***LDAP_HOSTCRED=cCqQr4fcR0T3
*Checking if computer account ivy exists...
**ldaphostlist -L -n ivy
*Creating computer account ivy in AD server...
**ldaphostmgr -a -I -f -X -P -E /var/tmp/ldap/ivy.env ivy userAccountControl=544
userPrincipalName=host/ivy.softvoyage.com
ERROR: HST_ENTRY_ALREADY_EXISTS:
The host entry already exists in the directory server.

ERROR: Failed to create computer account in AD server!

Any help will be appreciated.

3 REPLIES
Steven E. Protter
Exalted Contributor

Re: ldapux v5

Shalom,

Account already exists on the ADS server.

Check with that admin to see if this needs to be a modify or if a different account should be added.

SEP
Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
christian_derek
Regular Advisor

Re: ldapux v5

Hi,

I forgot to mention that we already tried that.

If I use the script to connect to the dev ADS, it just offers me to delete and recreate.

thanks,
christian_derek
Regular Advisor

Re: ldapux v5

Why is the script trying to recreate the entry when it already exists? It should offer me to delete it, like in my dev env.

**ldaphostlist -L -n ivy
*Creating computer account ivy in AD server...
**ldaphostmgr -a -I -f -X -P -E /var/tmp/ldap/ivy.env ivy userAccountControl=544
userPrincipalName=host/ivy.softvoyage.com
ERROR: HST_ENTRY_ALREADY_EXISTS:
The host entry already exists in the directory server.

ERROR: Failed to create computer account in AD server!