search

OpenIdentityPlatform / OpenDJ

OpenDJ is an LDAPv3 compliant directory service, which has been developed for the Java platform, providing a high performance, highly available, and secure store for the identities managed by your organization. Its easy installation process, combined with the power of the Java platform makes OpenDJ the simplest, fastest directory to deploy and manage.
https://www.openidentityplatform.org/opendj
Other
365 stars 100 forks source link

Start-DS and Stop-DS have unpredictable behaviours #72

Open Marsonge opened 5 years ago

Marsonge commented 5 years ago

Describe the bug When trying to start the domain server using start-ds.bat, or to stop the server either as a Windows service or with stop-ds.bat, the behaviour is unpredictable. Stopping the Windows service or using stop-ds.bat will not kill the server, despite stop-ds.bat exiting with 0.

To Reproduce Steps to reproduce the behavior:

  1. Install OpenDJ as a Windows service. 1a. During installation, the starting of the server works unpredictably. It often fails to start, despite start-ds.bat exiting with 0.
  2. Start the Windows service using net start.
  3. Stop the Windows service.
  4. Check using Task Manager: OpenDJ is still running, despite the Windows service being at Stopped.
  5. Run stop-ds.bat.
  6. Check using Task Manager: OpenDJ is still running, despite stop-ds.bat exiting with 0.

Environment:

maximthomas commented 5 years ago

@Marsonge Hi, I've just reproduced this problem. Trying to find the cause...

maximthomas commented 5 years ago

@Marsonge I think there are couple of reasons, causing this OpenDJ as Windows service issues:

  1. If your OpenDJ instance location configured in separate folder than OpenDJ via instance.loc, service wrapper can't find servier.lock file
  2. Service account don't have access to OpenDJ instance folder

Source file for service wrapper is here: https://github.com/OpenIdentityPlatform/OpenDJ/blob/master/opendj-server-legacy/src/build-tools/windows/service.c

I'll try to fix it, as soon as I can, but still have no time yet.

anilj commented 5 years ago

I see something related on Solaris also. I have to ^C and then it prompts for certificate trust. In the end it throws an access error.


$ bin/stop-ds
Stopping Server...

^CThe server is using the following certificate:
    Subject DN:  CN=hostname1, O=Administration Connector RSA Self-Signed Certificate
    Issuer DN:  CN=hostname1, O=Administration Connector RSA Self-Signed Certificate
    Validity:  Sat Aug 10 00:45:39 UTC 2019 through Fri Aug 05 00:45:39 UTC 2039
Do you wish to trust this certificate and continue connecting to the server?
Please enter "yes" or "no":yes
The entry ds-task-id=cd161aa4-4aee-4af5-9204-dd1e1d88fb97,cn=Scheduled Tasks,cn=Tasks cannot be added due to insufficient access rights
maximthomas commented 5 years ago

@anilj I don't think there's an issue with certificate, the problem is with interaction OpenDJ service wrapper and OpenDJ itself. Because OpenDJ starts successfully, if you start and stop manually

vharseko commented 5 years ago

@maximthomas try add in all (Unix/windows) stop scripts 

-X | —trustAll Trust all server SSL certificates.

https://cdn.rawgit.com/wiki/OpenIdentityPlatform/OpenDJ/docbkx/webhelp/man-pages/stop-ds-1.html

maximthomas commented 4 years ago

Done, but there's no effect

maximthomas commented 3 years ago

@Marsonge Hello may be it's too late, but are you still facing the issue?

Marsonge commented 3 years ago

@maximthomas Hey! Haven't been working with OpenDJ for about 7 months now. I was still facing the issue back then. I ended up working around them using Powershell and find-ldif to check whether the server was running or not programatically.