Highlighted
Knowledge Partner
Knowledge Partner
175 views

move_to_common_proxy.sh bug

Hi.

The current versions of move_to_common_proxy.sh script on both OES2015 and 2018 has a bug. After you execute the script with the required information, it asks for the context where to create the common proxy user, and states that if you don't fill it in, it would create it in the server context. That exactly (not specifying the context) doesn't work, and fails with a ldap error, being unable to connect to the ldap server.
If, however, you explicitly enter the server context here, the script works.

 

A quick look in the script seems to show the root of the problem:

 

                #Get the NCP Server context from Root DSE
                #Read RootDSE of local LDAP Server
ROOTDSE=`env LDAPTLS_CACERT=/etc/opt/novell/certs/SSCert.pem /usr/bin/ldapsearch -D "" -s base -H ldaps://127.0.0.1:389 | grep dsaName`

 

 

ldaps and port 389? But even replacing that with 636, this command only produces a "can't contact ldap server (-1). Equally, trying without ldaps against 389 produces "ldap_sasl_interactive_bind_s: Unknown authentication method (-6)
additional info: SASL(-4): no mechanism available:"

I didn't dive too deep into it, but I think eDirectory simply doesn't allow this unauthenticated.

CU,
--
Massimo Rosen
Micro Focus Knowledge Partner
No emails please!
http://www.cfc-it.de
1 Reply
Knowledge Partner
Knowledge Partner

Re: move_to_common_proxy.sh bug

And here are some more:

1. If you mistype the server context as per above, or whatever context you want to specify for the common proxy user, the script will simply create whatever context you typoed, and create the CP user there. *Very* nasty.
2. If whenever the script asks for confirmation, aka "[y/n] questions, and instead of answering y/n you just hit enter, you get two error messages "unary operator expected", and the script will continue as if you had typed "y".

CU,
--
Massimo Rosen
Micro Focus Knowledge Partner
No emails please!
http://www.cfc-it.de
0 Likes
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.