changeip -checkhostnameHowever the error recurs no matter what you do, even if you try and change the name of the Open Directory Master or the address you still usually end up seeing the same error. If it isn’t the address or the name then could it be the port? If you run lsof to see about that whole ldap port:
lsof -i | grep ldapThen you’ll end up seeing something like a mail server or third party tool taking 389 first. So, the error should probably read “port already in use” rather than “address already in use.” Disable ldap or move ldap to some other port with the other service, or spin up a new IP and move ldap to that IP for the other service and re-promote and viola, you’re golden. Good luck!
krypted September 8th, 2013
Posted In: Mac OS X Server
NSMutableDictionary *_getRootDSE(const char *): rootDSE not foundAt the GUI this just looks like: This could mean that you need to check the SSL box in the Directory Utility for the replica. You’ll know that’s the case if the Replica appears in the Server app but is still throwing errors when trying to work. This could also be an issue where the Master can’t get a version or the DSE from the Master. Assuming you already checked IP/DNS, let’s see if the server knows what it is (the master, version, etc). To see if it can’t get a version, run slapconfig -ver:
slapconfig -verIf you get an error, comment out the TLSCertificatePassphrase line in /etc/openldap/slapd_macosxserver.conf. If not, then it’s a problem with ssh connecting. Assuming ssh is open/on we’re gonna’ need to make sure the authentication types between the client and the server match. To do so, first, change the authentication options in /etc/sshd_config (the section should look like the following when you’re done):
# To disable tunneled clear text passwords both PasswordAuthentication and # ChallengeResponseAuthentication must be set to "no". #PasswordAuthentication yes #PermitEmptyPasswords noThen, in the Authentication section, change PubkeyAuthentication to no:
# Authentication: #LoginGraceTime 2m #PermitRootLogin yes #StrictModes yes #MaxAuthTries 6 #MaxSessions 10 #RSAAuthentication yes #PubkeyAuthentication noThen, in the /etc/sshd_config on the client, change the PasswordAuthentication to yes and the PubkeyAuthentication to no, which should have an sshd_config file similar to the above examples.
krypted September 5th, 2013
Posted In: Mac OS X Server
Tags: 10.8.4 server, an error occured while configuring as a directory replica, failing, Mac OS X Server, NSMutableDictionary *_getRootDSE(const char *): rootDSE not found, Open Directory, os x, rootDSE not found