Problème LDAP sur nouvelle installation

Merci ! Mais malgré cela lors de la post-installation j’obtiens une erreur :

error: Domain already exist

Le problème viens de moi ?

Merci encore pour votre aide !

Tu as procédé comment pour ta postinstallation … tu as réinstallé le serveur avant ?

Non, j’installe un nouveau serveur chez un ami, première installation ici. Tout se passe bien jusque là, et arrivé à la postinstallation j’obtient :

Error when trying to inject ‘cn=admin,ou=sudo’ -> ‘{‘cn’: ‘admin’, ‘sudoCommand’: ‘ALL’, ‘sudoUser’: ‘admin’, ‘objectClass’: [‘sudoRole’, ‘top’], ‘sudoOption’: ‘!authenticate’, ‘sudoHost’: ‘ALL’}’ into ldap: Une erreur est survenue lors de l’opération LDAP

Error when trying to inject ‘cn=sftpusers,ou=groups’ -> ‘{‘objectClass’: [‘posixGroup’, ‘top’], ‘memberUid’: ‘admin’, ‘gidNumber’: ‘4002’, ‘cn’: ‘sftpusers’}’ into ldap: Une erreur est survenue lors de l’opération LDAP

Error when trying to inject ‘cn=admins,ou=groups’ -> ‘{‘objectClass’: [‘posixGroup’, ‘top’], ‘memberUid’: ‘admin’, ‘gidNumber’: ‘4001’, ‘cn’: ‘admins’}’ into ldap: Une erreur est survenue lors de l’opération LDAP

Error when trying to inject ‘ou=users’ -> ‘{‘objectClass’: [‘organizationalUnit’, ‘top’], ‘ou’: ‘users’}’ into ldap: Une erreur est survenue lors de l’opération LDAP

Error when trying to inject ‘ou=apps’ -> ‘{‘objectClass’: [‘organizationalUnit’, ‘top’], ‘ou’: ‘apps’}’ into ldap: Une erreur est survenue lors de l’opération LDAP

Error when trying to inject ‘ou=sudo’ -> ‘{‘objectClass’: [‘organizationalUnit’, ‘top’], ‘ou’: ‘sudo’}’ into ldap: Une erreur est survenue lors de l’opération LDAP

Error when trying to inject ‘ou=groups’ -> ‘{‘objectClass’: [‘organizationalUnit’, ‘top’], ‘ou’: ‘groups’}’ into ldap: Une erreur est survenue lors de l’opération LDAP

Error when trying to inject ‘ou=domains’ -> ‘{‘objectClass’: [‘organizationalUnit’, ‘top’], ‘ou’: ‘domains’}’ into ldap: Une erreur est survenue lors de l’opération LDAP

Success: LDAP hes been initialized
Success: The local certification authority has been created.

Error: domain already exists

Hmben il y a un soucis avec ton LDAP … qu’est-ce que raconte systemctl status slapd ?

Alors je fait une install par-dessus armbian, et si je fait yunohost systemctl status slapd, il me dit Error: Yunohost is not correctly install. Please execute 'yunohost tools postinstall'

Juste systemctl status slapd

root@tem0:~# systemctl status slapd

  • slapd.service - LSB: OpenLDAP standalone server (Lightweight Directory Access Protocol)
    Loaded: loaded (/etc/init.d/slapd; generated; vendor preset: enabled)
    Active: active (running) since Fri 2019-07-19 14:07:02 UTC; 22h ago
    Docs: man:systemd-sysv-generator(8)
    Process: 3882 ExecStop=/etc/init.d/slapd stop (code=exited, status=0/SUCCESS)
    Process: 3889 ExecStart=/etc/init.d/slapd start (code=exited, status=0/SUCCESS)
    Tasks: 4 (limit: 4915)
    CGroup: /system.slice/slapd.service
    `-3895 /usr/sbin/slapd -h ldap://127.0.0.1:389/ ldaps:/// ldapi:/// -g openldap -u openldap -F /etc/ldap/slapd.d

Jul 19 14:07:02 bananapim3 systemd[1]: Starting LSB: OpenLDAP standalone server (Lightweight Directory Access Protocol)…
Jul 19 14:07:02 bananapim3 slapd[3894]: @(#) $OpenLDAP: slapd (May 23 2018 04:25:19) $
Debian OpenLDAP Maintainers pkg-openldap-devel@lists.alioth.debian.org
Jul 19 14:07:02 bananapim3 slapd[3895]: slapd starting
Jul 19 14:07:02 bananapim3 slapd[3889]: Starting OpenLDAP: slapd.
Jul 19 14:07:02 bananapim3 systemd[1]: Started LSB: OpenLDAP standalone server (Lightweight Directory Access Protocol).

Et si tu le redémarre avec systemctl restart slapd puis relance la posinstall, est-ce que ça améliore la situation ?

Sinon éventuellement tu peux tenter ce script :confused: https://raw.githubusercontent.com/alexAubin/yunoScripts/master/resetPostinstall.sh

1 Like

root@tem0:~# systemctl restart slapd
root@tem0:~# yunohost tools postinstall
Main domain: tem0.nohost.me
You are now about to define a new administration password. The password should be at least 8 characters - though it is good practice to use longer password (i.e. a passphrase) and/or to use various kind of characters (uppercase, lowercase, digits and special characters).
New administration password:
Confirm new administration password:
Info: Installing YunoHost…
Warning: Error when trying to inject ‘ou=domains’ -> ‘{‘objectClass’: [‘organizationalUnit’, ‘top’], ‘ou’: ‘domains’}’ into ldap: An error occurred during LDAP operation
Warning: Error when trying to inject ‘ou=groups’ -> ‘{‘objectClass’: [‘organizationalUnit’, ‘top’], ‘ou’: ‘groups’}’ into ldap: An error occurred during LDAP operation
Warning: Error when trying to inject ‘ou=sudo’ -> ‘{‘objectClass’: [‘organizationalUnit’, ‘top’], ‘ou’: ‘sudo’}’ into ldap: An error occurred during LDAP operation
Warning: Error when trying to inject ‘ou=apps’ -> ‘{‘objectClass’: [‘organizationalUnit’, ‘top’], ‘ou’: ‘apps’}’ into ldap: An error occurred during LDAP operation
Warning: Error when trying to inject ‘ou=users’ -> ‘{‘objectClass’: [‘organizationalUnit’, ‘top’], ‘ou’: ‘users’}’ into ldap: An error occurred during LDAP operation
Warning: Error when trying to inject ‘cn=admins,ou=groups’ -> ‘{‘objectClass’: [‘posixGroup’, ‘top’], ‘memberUid’: ‘admin’, ‘gidNumber’: ‘4001’, ‘cn’: ‘admins’}’ into ldap: An error occurred during LDAP operation
Warning: Error when trying to inject ‘cn=sftpusers,ou=groups’ -> ‘{‘objectClass’: [‘posixGroup’, ‘top’], ‘memberUid’: ‘admin’, ‘gidNumber’: ‘4002’, ‘cn’: ‘sftpusers’}’ into ldap: An error occurred during LDAP operation
Warning: Error when trying to inject ‘cn=admin,ou=sudo’ -> ‘{‘cn’: ‘admin’, ‘sudoCommand’: ‘ALL’, ‘sudoUser’: ‘admin’, ‘objectClass’: [‘sudoRole’, ‘top’], ‘sudoOption’: ‘!authenticate’, ‘sudoHost’: ‘ALL’}’ into ldap: An error occurred during LDAP operation
Success! LDAP has been initialized
Success! The local certification authority has been created.
Info: The operation ‘Postinstall your YunoHost server’ has failed! To get help, please share the full log of this operation using the command ‘yunohost log display 20190720-125536-tools_postinstall-tem0.nohost.me --share’
Error: Domain already exists

Du coup idem, mais je t’ai tout remis propre parce que du coup je suis passé en ssh et je peux faire des copier-coller c’est plus pratique !

Je vais jeter un oeil au script merci !

Et j’y connais rien désolé mais tu sais si je dois rentrer le script ligne par ligne ou est-ce que il y a un moyen de l’exécuter d’un coup ?

Tu peux faire :

curl https://raw.githubusercontent.com/alexAubin/yunoScripts/master/resetPostinstall.sh | bash

Parfait merci c’est exactement ce que je me demander si je pouvais faire !

Je te mets pas tout mais à la fin j’ai un test qui échoue. Je retente la postinstall malgré tout.

Initializing a local SSL certification authority …
(logs available in /tmp/yunohost-ssl-init)
Updating certificates in /etc/ssl/certs…
0 added, 0 removed; done.
Running hooks in /etc/ca-certificates/update.d…
done.
config file testing succeeded
nginx: [emerg] SSL_CTX_use_PrivateKey_file(“/etc/yunohost/certs/yunohost.org/key.pem”) failed (SSL: error:0B080074:x509 certificate routines:X509_check_private_key:key values mismatch)
nginx: configuration file /etc/nginx/nginx.conf test failed

Oui !!! Ca semble marcher ! :smile:

Merci merci merci ! J’ai donc fait :

curl https://raw.githubusercontent.com/alexAubin/yunoScripts/master/resetPostinstall.sh | bash

Puis j’ai refais dans le doute :

systemctl restart slapd

Et enfin :

yunohost tools postinstall

1 Like

Mais j’ai juste un dernier soucis du coup :

root@tem0:~# yunohost tools postinstall
Main domain: tem0.nohost.me
You are now about to define a new administration password. The password should be at least 8 characters - though it is good practice to use longer password (i.e. a passphrase) and/or to use various kind of characters (uppercase, lowercase, digits and special characters).
New administration password:
Confirm new administration password:
Info: Installing YunoHost…
Success! The configuration has been updated for category ‘nsswitch’
Success! The configuration has been updated for category ‘nslcd’
Success! LDAP has been initialized
Success! The configuration has been updated for category ‘ssl’
Success! The local certification authority has been created.
Info: The operation ‘Add ‘tem0.nohost.me’ domain into system configuration’ has failed! To get help, please share the full log of this operation using the command ‘yunohost log display 20190720-130754-domain_add-tem0.nohost.me --share’
Info: The operation ‘Postinstall your YunoHost server’ has failed! To get help, please share the full log of this operation using the command ‘yunohost log display 20190720-130742-tools_postinstall-tem0.nohost.me --share’
Error: You’ve already subscribed to a DynDNS domain
root@tem0:~#

Erf … a mon avis t’es parti pour refaire un tour de resetPostinstall.sh … mais avant/après ça, fait un :

rm -rf /etc/yunohost/dyndns/
rm /etc/cron.d/yunohost-dyndns

root@tem0:~# resetPostinstall.sh
Could not find the database of available applications, run update-command-not-found as root to fix this
resetPostinstall.sh: command not found

Je parlais de curl https://raw.githubusercontent.com/alexAubin/yunoScripts/master/resetPostinstall.sh | bash

Euh, celle-ci, si j’ai bien compris !