Description of problem: During install ldappasswd fails to change admin password leaving kinit admin to fail with Preauthentication failed due to password not being the same. log message has: ldap_start_tls_s failed: (Can't connect to the LDAP server) DEBUG Unable to set admin password Command '/usr/lib/mozldap/ldappasswd -D cn=Directory Manager -w example -P /etc/dirsrv/slapd-EXAMPLE-COM//cert8.db -ZZZ -s example uid=admin,cn=sysaccounts,cn=etc,dc=example,dc=com' returned non-zero exit status 91 Version-Release number of selected component (if applicable): current ipa-server version from testing. ipa-server-install --version reports ipa-server-install .1 Additional info: Fixed by adding "" around cn=Directory Manager
Just to be clear, you did something like this? diff --git a/ipa-server/ipaserver/dsinstance.py b/ipa-server/ipaserver/dsinstanc index a56a8a8..d217123 100644 --- a/ipa-server/ipaserver/dsinstance.py +++ b/ipa-server/ipaserver/dsinstance.py @@ -361,7 +361,7 @@ class DsInstance(service.Service): else: app = "/usr/lib/mozldap/ldappasswd" args = [app, - "-D", "cn=Directory Manager", "-w", self.dm_password, + "-D", "\"cn=Directory Manager\"", "-w", self.dm_password, "-P", dirname+"/cert8.db", "-ZZZ", "-s", password, "uid=admin,cn=sysaccounts,cn=etc,"+self.suffix] try:
No I run the code by itself did not patch the source.
What I meant was: did you make a similar change to dsinstance.py on your system to make the installation successful?
I can't reproduce this behavior. Is it possible for you to try the install again and see if it happens again for you? Did you install this from source or from the Fedora repos?
Sorry, I had set the NEEDINFO wrong. I can't reproduce this and need more details on what it is you changed to make it work on your system.
Closing this for now, I can't reproduce this. It may have been fixed as a side-effect of another change, I can't be sure.