http://www.vmware.com/vmtn/appliances/directory/320
A virtual machine appliance featuring Fedora (LDAP) Directory Server 1.02 on Fedora Core 5
After going through the wizard and choosing "typical" setup, accepting all defaults (except providing a unique FQDN hostname whenever asked), I can't start the console as advised, when the wizard finishes:
\[root@foo ~]# cd /opt/fedora-ds/
\[root@foo fedora-ds]# ./startconsole -u admin -a http://foo.bar.com:56980/
GC Warning: Out of Memory! Returning NIL!
Exception in thread "main" GC Warning: Out of Memory! Returning NIL!
java.awt.AWTError: Cannot load AWT toolkit: gnu.java.awt.peer.gtk.GtkToolkit
\*** Got java.lang.OutOfMemoryError while trying to print stack trace.
\[root@foo fedora-ds]# free
total used free shared buffers cached
Mem: 515760 161260 354500 0 23456 114716
-/+ buffers/cache: 23088 492672
Swap: 1048568 0 1048568
\[root@foo fedora-ds]#
Note how much free ram there is. The error message happens in about 2 seconds, so there's no way a program can leak memory that fast. Also, it would be nice if the full pathname to a log file was mentioned along with the error message so I could read more verbose info about this error.
There's also a glaring license violation[/b] on two major components of Fedora Directory Server (AKA fedora-ds) that is distributed in this VM. Basically, the fedora-ds "admin server" and "console" cannot be redisributed (in this VM) by Mr. Lackey to me because he did not obtain a written agreement from me to be bound by the terms of Section 2.1, quoted below:
The included license found in /opt/fedora-ds/LICENSE.txt contains this:
\----
2. ADMINISTRATION SERVER, AND MANAGEMENT CONSOLE
2.1 LICENSE GRANT. Subject to the provisions of this Section 2.1, Red
Hat hereby grants LICENSEE a non-exclusive, non-transferable,
worldwide, perpetual, fully paid right (without the right to
sublicense) to use, reproduce and distribute Administration Server
("ADMIN SERVER"), and Management Console ("CONSOLE") in executable,
machine-readable form. LICENSEE must reproduce all copyright and
other proprietary notices on such copies. LICENSEE may only reproduce
and distribute Admin Server or Console to another party if the other
party agrees in writing to be obligated by the terms and conditions of
this Section 2.1.[/b] Except as provided in this Section 2.1, LICENSEE
may not modify, copy, transfer or otherwise use Admin Server, or
Console, and all licenses granted in this Section 2 are automatically
terminated if LICENSEE does so.
2.2 CHANGE IN LICENSING. It is Red Hat's intent to change the terms
of the license granted in this Section 2 to that of an open source
license. If such change is generally announced to the public,
LICENSEE will have the option to elect to have Admin Server and
Console governed by the terms of such open source license. If
LICENSEE does not make such election, the terms of this Agreement will
continue to govern LICENSEE's use of Admin Server and Console.
\----
Basically, Redhat needs to get with the program[/b] and proceed in Open-Sourcing the fedora-ds "admin server" and "console" like they say they eventually will[/b] (in Section 2.2 above). Until then, I'll stop using this VM and delete it (as interesting as it is) as I don't want to risk running afoul of Redhat's lawyers. I would advise the same for anyone else who has downloaded this VM. BTW, IANAL.
Mr. Lackey, I'm on your side, don't get me wrong! I hope this VM you've made gives Redhat a very concrete reason to Open source all of fedora-ds. If fedore-ds is to ever take off in popularity, Redhat needs to make it much more easy to set up and use, which your VM will do a great job of. By distributing fedora-ds in a VM, fedora-ds becomes much more of a "turn-key" solution, which attract much more attention. And much more attention is needed in order to form a larger community around fedora-ds.
totro2:
Thank you for your vigilance! However, I think the particulars in this case are not as you have found. Since version 1.0 of the Fedora DS both the console and the admin server have been open sourced. They are released under the GPL, and should be fully redestributable.
Reference:
http://directory.fedora.redhat.com/wiki/Licensing#Admin_Server_and_Management_Console
totro2:
Regarding the error you encountered starting the console. One thing that I would try is to download and install the Sun Java distribution and see if the error recurs. Information about using a different JRE is provided by Fedora at http://fedoranews.org/mediawiki/index.php/JPackage_Java_for_FC4.
Also, since the VM does not have X installed you may wish to install it to use the Java console on the local VM. You may also wish to see
http://directory.fedora.redhat.com/wiki/Howto:WindowsConsole for information regarding using the console from Windows if you use that platform as well.
totro2:
Also, in case you were not aware, there is a web based administration interface as well. To access it, visit: http://
:
/. The URL is the same as is printed at the end of setup, or used by startconsole. From your previous post, it would be http://foo.bar.com:56980/.Message was edited by:
telackey
Hi,
I would like to know "how" to download and "use" your vmware LDAP appliance. I already have Fedora 5 Core install on my vmware workstation.
Thanks for your help.
Starting with step 1, to download it you'll need a BitTorrent client. There are several available. This is a very far from complete sampling:
1) Azureus (http://azureus.sourceforge.net)
2) BitComet (http://www.bitcomet.com)
3) Official Client (http://www.bittorrent.com)
I personally prefer Azureus, but they all do the same work, so you can pick the one that suites you best.
Once you've downloaded the appliance, you'll want to make an entry for it in your DNS server. That is because the Directory Server looks up its hostname during its setup. You may be able to skip this step if you have a dynamic DNS server setup.
Next step, make a quick snapshot and then boot the appliance and login as root with a password of "password". You'll be prompted to enter the network configuration info (ie, hostname, IP address, etc.) and then go through the Fedora Directory Server setup.
Here is an example setup:
\--
Please select the install mode:
1 - Express - minimal questions
2 - Typical - some customization (default)
3 - Custom - lots of customization
Please select 1, 2, or 3 (default: 2) 2
Hostname to use (default: test2.redbudcomputer.local)
Server user ID to use (default: nobody)
Server group ID to use (default: nobody)
…
Do you want to register this software with an existing
Fedora configuration directory server? \[No]: No
…
Do you want to use another directory to store your data? \[No]: No
…
Directory server network port \[389]: 389
…
Directory server identifier \[test2]: test2
…
administrator ID \[admin]: admin
Password:
Password (again):
…
Suffix \[dc=redbudcomputer, dc=local]: dc=redbudcomputer, dc=local
…
Directory Manager DN \[cn=Directory Manager]: cn=Directory Manager
Password:
Password (again):
…
Administration Domain \[redbudcomputer.local]: redbudcomputer.local
…
Administration port \[65342]: 65432
…
Run Administration Server as \[root]: root
…
…
\[slapd-test2]: starting up server ...
\[slapd-test2]: Fedora-Directory/1.0.2 B2006.111.2147
\[slapd-test2]: test2.redbudcomputer.local:389 (/opt/fedora-ds/slapd-test2)
\[slapd-test2]:
\[slapd-test2]: \[05/Aug/2006:10:23:15 -0400] - Fedora-Directory/1.0.2 B2006.111.2
147 starting up
\[slapd-test2]: \[05/Aug/2006:10:23:16 -0400] - slapd started. Listening on All I
nterfaces port 389 for LDAP requests
Your new directory server has been started.
Created new Directory Server
Start Slapd Starting Slapd server configuration.
Success Slapd Added Directory Server information to Configuration Server.
Configuring Administration Server...
Setting up Administration Server Instance...
Configuring Administration Tasks in Directory Server...
Configuring Global Parameters in Directory Server...
You can now use the console. Here is the command to use to start the console:
cd /opt/fedora-ds
./startconsole -u admin -a http://test2.redbudcomputer.local:65432/
\--
When the setup is done, open your web browser and point it to the address listed above (in this case, http://test2.redbudcomputer.local:65432/) to begin administering the server. If you’d prefer to use the Java console instead, you’ll need to copy it to another machine or install X in the appliance (eg, ‘yum -y groupinstall "GNOME Desktop Environment"’).
There is a lot to the server, so you’ll want to look into the Fedora documentation page(http://directory.fedora.redhat.com/wiki/Documentation), the Fedora DS Install Guide (http://directory.fedora.redhat.com/wiki/Install_Guide) and best of all the full RedHat documentation (http://www.redhat.com/docs/manuals/dir-server/).
Given that you already have a Fedora Core 5 installation, you might prefer to install the RPMs in that yourself. You can download them from the FDS download page: http://directory.fedora.redhat.com/wiki/Download.
I hope that helps!
Well what I have found so far is that both this VMWare image and the directory server are nothing more than a complete waste of time. It just does not work, why would anyone even waste the time to build a VM image to showcase something that will not run is beyond me. I would advise anyone just not to waste their time on this project.
I'd like to help, but "doesn't work" is a bit too vague a complaint to admit any help. The best I can do is guess, and ask did you follow the notes in the post above or in the installation summary on the VMTN page and make an entry in your DNS server for the appliance? It must[/I] be able to look it up during setup for the LDAP server to start.
Well first, if to get this working we need to download the Sun Java distribution, then this is not a complete VM appliance.
All this gives are error messages:
\[root@fc5 fedora-ds]# ./startconsole -u -a http://fc5.xxx-xxx.com:7667
GC Warning: Out of Memory! Returning NIL!
Exception in thread "main" GC Warning: Out of Memory! Returning NIL!
GC Warning: Out of Memory! Returning NIL!
\*** Catastrophic failure while handling uncaught exception.
GC Warning: Out of Memory! Returning NIL!
\[root@fc5 fedora-ds]# ./startconsole -u -a http://fc5.xxx-xxx.com:7667
GC Warning: Out of Memory! Returning NIL!
Exception in thread "main" GC Warning: Out of Memory! Returning NIL!
java.awt.AWTError: Cannot load AWT toolkit: gnu.java.awt.peer.gtk.GtkToolkit
\*** Got java.lang.OutOfMemoryError while trying to print stack trace.
\[root@fc5 admin]# ./admconfig
./admconfig: line 55: /opt/fedora-ds/bin/base/jre/bin/java: No such file or directory
./admconfig: line 55: exec: /opt/fedora-ds/bin/base/jre/bin/java: cannot execute: No such file or directory
Now I already went through the route of installing Sun's Java on another Fedora installation, and quite frankly I would rather pull my nails out than do that again. The problem is we just can not get to the http page period.
Has this issue been resolved?
I also get the "Out of Memory!" error and "Cannot load AWT toolkit..." error when trying to start the console.
jrichardson:
The solution to that those errors is in two parts. The first is that to fix the Java error, Sun's Java should be used. The second is that the Java console requires X, which isn't installed. I'd like to mention, as to why those aren't installed, that the Directory Server is functional by using the command line tools and the web[/i] interface, both of which are installed and work. The only part that is giving the trouble is the Java console, which I didn't actually expect people to run since X wasn't installed.
The good news is that the fixes are simple:
Install X:
yum -y groupinstall "GNOME Desktop Environment"
yum -y groupinstall "X Window System"
init 5
Install Java:
1. Download the Linux 32b Java RPM from Sun
2. chmod a+x jre-/bin/java java
Hope that helps! Sorry it gave you trouble.
Edit:
I thought it might also be useful to know, there are some good LDAP browsers available, such as JXplorer (http://www.jxplorer.org/) and LDP (part of the MS support tools) that make pleasant work of browsing a directory tree. Those would be particularly of interest to those not using the Java console, which provides an LDAP browser as well.
Message was edited by:
telackey
The appliance will not download at the moment. Perhaps you can find out why. I tried several times and used two popular bittorrent clients.
The appliance will not download at the moment.
Perhaps you can find out why. I tried several times
and used two popular bittorrent clients.
The best guess I can make is that perhaps there weren't very many people seeding the torrent. I've got my client open, at least, so hopefully you can get a better download now.
There is a problem with the vmware torrent server. I just got an email reply today that they will look into the problem. No idea if this will be now or the work week.
Message was edited by:
normanb
There is a problem with the vmware torrent server. I
just got an email reply today that they will look
into the problem. No idea if this will be now or the
work week.
normanb:
Thanks for the info!
I am starting to see hits against my torrent server again as of today (08/28), so it looks like they may have just fixed the problem. Hopefully the result will be that downloads resume at a decent pace.
I'm getting the following error when i try to login to the admin web
Authorization Required
This server could not verify that you are authorized to access the document requested. Either you supplied the wrong credentials (e.g., bad password), or your browser doesn't understand how to supply the credentials required.
I'm getting the following error when i try to login
to the admin web
Authorization Required
This server could not verify that you are authorized
to access the document requested. Either you supplied
the wrong credentials (e.g., bad password), or your
browser doesn't understand how to supply the
credentials required.
It could mean different things depending on where you are trying to login, but I’ll give both really quickly.
If you are logging in to “Fedora Admin Express,” you want to login with the username “admin” and whatever password you set for the “admin” user during setup.
If trying to login to the “Directory Server Gateway,” you’ll want to click “Directory Server Gateway->Authenticate” and then the button labeled “Authenticate as directory manager.” Then you can enter the password for the directory manager, which would also be given during setup, and login.
I hope that helps!
Has anybody gotten this thing to work? Dont get me wrong, I appreciate the effort and all, but after trying to get it up and running for more than one week. I need to call it quits.
For starters, I am not able load the web interface. Like an earlier comment posted by another tester, I got the Authorization Required message in my browser. This is despite turning off firewall, SELinux and making sure Apache is running.
Then I tried to log on via startconsole. I got GNOME, X and Java installed. I am able to get the Mangement Console log on screen but I am not able to log on. I have tried Admin, Directory Manager logging on to localhost, direct IP, host name etc. They all give me the same message, "Cannot logon because of an incorrect User ID, incorrect password or Directory Problem"
I have also tried JXplorer as recommended. I was able to log on using Anonymous user. Admin + password doesn't work. I am also unable to make any modifications to LDAP since I am logged on as Anonymous.
\*sigh*