Red Hat Bugzilla – Bug 442802
ipa-server-install ldappasswd fail
Last modified: 2015-01-04 18:31:58 EST
Description of problem:
During install ldappasswd fails to change admin password leaving kinit admin to
fail with Preauthentication failed due to password not being the same.
log message has: ldap_start_tls_s failed: (Can't connect to the LDAP server)
DEBUG Unable to set admin password Command '/usr/lib/mozldap/ldappasswd -D
cn=Directory Manager -w example -P /etc/dirsrv/slapd-EXAMPLE-COM//cert8.db -ZZZ
-s example uid=admin,cn=sysaccounts,cn=etc,dc=example,dc=com' returned non-zero
exit status 91
Version-Release number of selected component (if applicable):
current ipa-server version from testing.
ipa-server-install --version reports ipa-server-install .1
Fixed by adding "" around cn=Directory Manager
Just to be clear, you did something like this?
diff --git a/ipa-server/ipaserver/dsinstance.py b/ipa-server/ipaserver/dsinstanc
index a56a8a8..d217123 100644
@@ -361,7 +361,7 @@ class DsInstance(service.Service):
app = "/usr/lib/mozldap/ldappasswd"
args = [app,
- "-D", "cn=Directory Manager", "-w", self.dm_password,
+ "-D", "\"cn=Directory Manager\"", "-w", self.dm_password,
"-P", dirname+"/cert8.db", "-ZZZ", "-s", password,
No I run the code by itself did not patch the source.
What I meant was: did you make a similar change to dsinstance.py on your system
to make the installation successful?
I can't reproduce this behavior. Is it possible for you to try the install again
and see if it happens again for you?
Did you install this from source or from the Fedora repos?
Sorry, I had set the NEEDINFO wrong.
I can't reproduce this and need more details on what it is you changed to make
it work on your system.
Closing this for now, I can't reproduce this. It may have been fixed as a
side-effect of another change, I can't be sure.