Vcenter6.0执行STS更新脚本fixsts.sh报错,有知道怎么解决吗。
0
[待解决问题]
./fixsts.sh: line 60: administrator@${DOMAIN^^}: bad substitution
==================================
Detected Root's certificate expiration date: 2032 Mar 10
Detected today's date: 2024 Apr 20
Exporting and generating STS certificate
Status : Success
Using config file : /tmp/vmware-fixsts/certool.cfg
Status : Success
Enter password for administrator@vsphere.local:
Highest tenant credentials index : 1
Exporting tenant 1 to /tmp/vmware-fixsts
./fixsts.sh: line 155: ldapsearch: command not found
Tenant 1 not found
Highest trusted cert chains index: 1
Exporting trustedcertchain 1 to /tmp/vmware-fixsts
./fixsts.sh: line 189: ldapsearch: command not found
Trusted cert chain 1 not found
Applying newly generated STS certificate to SSO domain
ldap_add: No such object (32)
additional info: parent (cn=TrustedCertificateChains,cn=vsphere.local,cn=Tenants,cn=IdentityManager,cn=Services,dc=vsphere,dc=local) not found, ((MDB_NOTFOUND: No matching key/data pair found)(cn=trustedcertificatechains,cn=vsphere.local,cn=tenants,cn=identitymanager,cn=services,dc=vsphere,dc=local))
adding new entry "cn=TenantCredential-1,cn=vsphere.local,cn=Tenants,cn=IdentityManager,cn=Services,dc=vsphere,dc=local"
adding new entry "cn=TrustedCertChain-1,cn=TrustedCertificateChains,cn=vsphere.local,cn=Tenants,cn=IdentityManager,cn=Services,dc=vsphere,dc=local"
Replacement finished - Please restart services on all vCenters and PSCs in your SSO domain
IMPORTANT: In case you're using HLM (Hybrid Linked Mode) without a gateway, you would need to re-sync the certs from Cloud to On-Prem after following this procedure
==================================
所有回答(2)
0
脚本中出现了几个错误,让我们一一解决它们:
首先,关于报错 ./fixsts.sh: line 60: administrator@${DOMAIN^^}: bad substitution,这个错误可能是因为在当前的shell环境中不支持 ${DOMAIN^^} 这样的转换形式。这个问题可能是由于你正在使用的shell不支持这种语法所导致的。解决方法是确认你使用的是支持此语法的shell,例如bash,或者将该语法替换为更通用的形式。
其次,报错 ./fixsts.sh: line 155: ldapsearch: command not found 表明在脚本中使用了 ldapsearch 命令,但系统中没有找到该命令。这个命令通常在 openldap 或者 ldap-utils 等软件包中。你需要安装相应的软件包以解决这个问题。你可以通过执行 sudo apt install ldap-utils(假设你的系统是基于Debian或者Ubuntu)来安装 ldap-utils 软件包。
最后,报错 ldap_add: No such object (32) 表示在尝试添加新的LDAP条目时出现了问题,可能是因为目标路径不存在。你需要确认在执行LDAP操作时,所操作的目标路径是存在的。你可以通过手动检查LDAP目录结构,或者查看脚本中相关部分的配置来解决这个问题。
修复这些问题后,你可以重新运行脚本并确保没有报错。
0
The author did a fantastic job of presenting a complex topic in a way that was easy to understand. Geometry Dash
