[Freeipa-users] Re: Creating_a_binddn_for_Foreman

Mon, 23 Dec 2024 09:19:58 -0800 

On Пан, 23 сне 2024, Dirk Streubel via FreeIPA-users wrote:

Hello everbody,

i want to create a bindddb for Foreman and i find this documentation:

https://www.freeipa.org/page/Creating_a_binddn_for_Foreman

So i make a file with thid contents:

root@ipa9:~# cat foreman-binddn.update
dn: uid=foreman,cn=sysaccounts,cn=etc,dc=linux,dc=schnell,dc=er
default:objectclass:account
default:objectclass:simplesecurityobject
default:uid:foreman
only:userPassword:Test123$
only:nsIdleTimeout:0

After this i make :

ipa-ldap-updater foreman-binddn.update

and the result ist this:
2024-12-23T12:23:09Z DEBUG flushing ldapi://%2Frun%2Fslapd-LINUX-SCHNELL-ER.socket from SchemaCache 2024-12-23T12:23:09Z DEBUG retrieving schema for SchemaCache url=ldapi://%2Frun%2Fslapd-LINUX-SCHNELL-ER.socket conn=<ldap.ldapobject.SimpleLDAPObject object at 0x 
9f55e50>
2024-12-23T12:23:09Z DEBUG Parsing update file 'foreman-binddn.update'
2024-12-23T12:23:09Z DEBUG Destroyed connection context.ldap2_281472470150800 2024-12-23T12:23:09Z DEBUG   File "/usr/lib/python3.13/site-packages/ipapython/admintool.py", line 180, in execute 
    return_value = self.run()
  File "/usr/lib/python3.13/site-packages/ipaserver/install/ipa_ldap_updater.py", line 150, in run 
    modified = ld.update(self.files) or modified
               ~~~~~~~~~^^^^^^^^^^^^
  File "/usr/lib/python3.13/site-packages/ipaserver/install/ldapupdate.py", line 1040, in update 
    self.parse_update_file(f, data, all_updates)
    ~~~~~~~~~~~~~~~~~~~~~~^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/lib/python3.13/site-packages/ipaserver/install/ldapupdate.py", line 596, in parse_update_file 
    emit_item(logical_line)
    ~~~~~~~~~^^^^^^^^^^^^^^
  File "/usr/lib/python3.13/site-packages/ipaserver/install/ldapupdate.py", line 446, in emit_item 
    logical_line = self._template_str(logical_line)
  File "/usr/lib/python3.13/site-packages/ipaserver/install/ldapupdate.py", line 409, in _template_str 
    return ipautil.template_str(s, self.sub_dict)
           ~~~~~~~~~~~~~~~~~~~~^^^^^^^^^^^^^^^^^^
  File "/usr/lib/python3.13/site-packages/ipapython/ipautil.py", line 303, in template_str 
    val = string.Template(txt).substitute(vars)
  File "/usr/lib64/python3.13/string.py", line 121, in substitute
    return self.pattern.sub(convert, self.template)
           ~~~~~~~~~~~~~~~~^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/lib64/python3.13/string.py", line 118, in convert
    self._invalid(mo)
    ~~~~~~~~~~~~~^^^^
  File "/usr/lib64/python3.13/string.py", line 101, in _invalid
    raise ValueError('Invalid placeholder in string: line %d, col %d' %
                     (lineno, colno))
2024-12-23T12:23:09Z DEBUG The ipa-ldap-updater command failed, exception: ValueError: Invalid placeholder in string: line 1, col 26 2024-12-23T12:23:09Z ERROR Unexpected error - see /var/log/ipaupgrade.log for details: 
ValueError: Invalid placeholder in string: line 1, col 26
2024-12-23T12:23:09Z ERROR The ipa-ldap-updater command failed. See /var/log/ipaupgrade.log for more information
In the documentation there is $Suffix and only:passwordExpirationTime:20380119031407Z, with these options or without the result is same 

Any ideas what i am doing wrong?


Does your password contain '$' sign? Like in the sample?

If so, then you need to dublicate it, e.g. use '$$' instead of '$'.
See https://docs.python.org/3/library/string.html#template-strings for
details.



Regards

Dirk


--
_______________________________________________
FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org
To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedorahosted.org/archives/list/freeipa-users@lists.fedorahosted.org
Do not reply to spam, report it: 
https://pagure.io/fedora-infrastructure/new_issue




--
/ Alexander Bokovoy
Sr. Principal Software Engineer
Security / Identity Management Engineering
Red Hat Limited, Finland

--
_______________________________________________
FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org
To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedorahosted.org/archives/list/freeipa-users@lists.fedorahosted.org
Do not reply to spam, report it: 
https://pagure.io/fedora-infrastructure/new_issue

Reply via email to