OESCommonProxy without an LDAP service at localhost


When you use /opt/novell/proxymgmt/change_proxy_pwd.sh and get an error in /var/opt/novell/log/proxymgmt/pxymgmt.log, this is mostly because the script sends its LDAP requests to localhost. If there is no local eDir/nldap, the requests fail.

Unfortunately the localhost LDAP address is hard-coded. To get the requests working without a local LDAP service, first back up the original file:

# cd /opt/novell/proxymgmt/
# cp -a change_proxy_pwd.sh change_proxy_pwd.sh_bak



then add the line:

LDAP_SRV=$(grep preferred-server /etc/nam.conf | cut -f2 -d=)



at the beginning of the script.

e.g.:

...
echo " example3: To provide the proxy details in interactive way: ./change_proxy_pwd.sh -A no "
echo ""
exit 1;
}

LDAP_SRV=$(grep preferred-server /etc/nam.conf | cut -f2 -d=)

# This function executes the given command to retrieve or update the proxy credentials. It also retries the execution of the same command for 3 times in case of failure. This method is added to #provide the fix for the bug #859412.
RetrieveOrUpdateProxyCredentials()
...



This reads the preferred LDAP server from nam.conf and stores its address in the variable LDAP_SRV.

(You may want to check beforehand that NAM is configured correctly and that the LDAP server is reachable.)
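
A possible pre-flight check for this step, as an added example (not part of the original tip or of the vendor's script): it reads preferred-server from nam.conf more strictly than grep | cut, rejects values that are not a plain host name or IPv4 address, and tests a TCP connect. The function names, the --check switch and the default port 636 are assumptions.

```sh
#!/bin/sh
# Added example: pre-flight check for the preferred-server entry in nam.conf.

# Print the value of KEY from a key=value file. Comment lines are skipped,
# surrounding whitespace is trimmed and only the first match is returned.
nam_conf_value() {
    sed -n "s/^[[:space:]]*$1[[:space:]]*=[[:space:]]*//p" "$2" |
        sed 's/[[:space:]]*$//' | head -n 1
}

# Accept only host name / IPv4 characters. The value is later substituted
# into commands run by a root-owned script, so anything else is rejected.
valid_server() {
    case $1 in
        '' | *[!A-Za-z0-9.-]* | [.-]* | *[.-]) return 1 ;;
    esac
    return 0
}

# TCP connect test with a 5 second timeout (uses bash's /dev/tcp).
port_open() {
    timeout 5 bash -c 'exec 3<>"/dev/tcp/$1/$2"' _ "$1" "$2" 2>/dev/null
}

# Return codes: 0 ok (prints the server), 2 missing, 3 malformed, 4 unreachable.
check_nam_ldap() {
    file=${1:-/etc/nam.conf}
    port=${2:-636}   # assumption: LDAPS on the default port
    srv=$(nam_conf_value preferred-server "$file")
    if [ -z "$srv" ]; then
        echo "no preferred-server entry in $file" >&2; return 2
    fi
    if ! valid_server "$srv"; then
        echo "unexpected characters in preferred-server: $srv" >&2; return 3
    fi
    if ! port_open "$srv" "$port"; then
        echo "$srv:$port is not reachable" >&2; return 4
    fi
    echo "$srv"
}

# Only runs when called as: sh check_nam_ldap.sh --check [file] [port]
if [ "${1:-}" = "--check" ]; then
    shift
    check_nam_ldap "$@"
fi
```
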

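Next, leave the editor and replace every 127.0.0.1 with $LDAP_SRV. Edit the script in place, so that the LDAP_SRV line you just added is kept (the untouched original remains in change_proxy_pwd.sh_bak):

# sed -i 's/127\.0\.0\.1/$LDAP_SRV/g' change_proxy_pwd.sh


As an alternative, use your preferred local editor to do this.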

Next add the line:

TLS_REQCERT     allow


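to /etc/openldap/ldap.conf (see TID7010961). With allow, the OpenLDAP client continues the session even if the server's certificate cannot be verified, and this file sets the defaults for every OpenLDAP client on the host, not only for this script.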

With these minor changes the change_proxy_pwd script is able to reach the LDAP-Server and the request is successful.

WARNING!
Do this at your own risk! Be aware that further updates from Micro Focus can replace your changes.

 
