<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
</head>
<body bgcolor="#ffffff" text="#000000">
Fedora-ds-1.1.1 on Fedora 7 + (the + is back ports from 8/9, all of the
updates applied, and additional packages I have cross ported)<br>
<br>
I have succeeded in getting a fault tolerant mesh configured that
consists of 2 or more Multi-Master servers, a number of Hub (0+) and a
number of consumers (0+).<br>
<br>
I have done this by modifying mmr.pl to accept --host1_role and
--host2_role parameters which can be set to supplier, hub, or consumer.<br>
<br>
For all of the usual DCROOTs i.e. not o=NetscapeRoot I set the
relationships up as implied i.e. supplier<->supplier for the
Multi-Master Hosts, supplier<->hub, hub<->consumer.<br>
Where the site is too small for hub servers I have gone
supplier<->consumer direct. Inter-site topology and hub grouping
within sites is left as an exercise for the reader (me when it comes
back to bite me...)<br>
<br>
For the o=Netscape I have chosen to use supplier<->supplier
relationships but to apply the same topology.<br>
<br>
Sequence of events are:<br>
<ul>
<li>On first Master<br>
</li>
</ul>
<ol>
<ol>
<li>Install clean environment - erase rpm's delete residual files,
install rpms, patch dirsrv-admin startup to work!</li>
<li>Run setup-ds-admin.pl in silent mode, this adds schema files.
The inf file has SlapdConfigMC=1, UseExistingMC=0 and points
ConfigDirectoryLdapURL to this host.<br>
</li>
<li>Set up SSL certs using certutil commands and openssl supplied
certificates from our CA.</li>
<li>Restart dirsrv and dirsrv-admin</li>
<li>Create 2nd and subsequent DCROOTS with default aci's and
"standard" container entries</li>
<li>Preload data into DCROOTS for users and other objects being
migrated.</li>
</ol>
</ol>
<ul>
<li>On other servers - doing other masters first, followed by hubs
and then consumers - carry out steps 1-5 above creating the
o=NetscapeRoot DCROOT as well.</li>
<ul>
<li>The inf file has SlapdConfigMC=1, UseExistingMC=1 and points
ConfigDirectoryLdapUrl to the first Master</li>
</ul>
<li>Then run the mmr.pl script on each connection for each DCROOT
starting with replicating the first master to all other masters, then
to hubs, then other masters to hubs and finally hubs to consumers.<br>
</li>
<ol>
<li>For o=NetscapeRoot run mmr.pl as supplier<->supplier,
otherwise honor the role played by each server.</li>
<li>Replace entries in cn=UserDirectory, ou=Global Preferences,
ou=<localdomain>, o=NetscapeRoot for nsDirectoryFailoverList with
one for each server other than the first master which is mentioned in
the nsDirectoryURL entry in the same object. <b>Is this the right sort
of thing to do?</b></li>
<li>On every host alter the cn=Pass Through
Authentication,cn=plugins,cn=config object to have nssslapd-pluginarg0
to reference that host rather than the first master. <b>Is this
correct on the consumers (or hubs)? </b>I am assuming that this is for
authentication not for password modification purposes! Which brings up
the question of where in the consumers and hubs do I put referrals to
the Master(s)?</li>
<li>Edit adm.conf on each host to change the ldapurl to point to
the local host.</li>
</ol>
</ul>
Now assuming that this was the right thing to do I now need to set up
referrals for writing to the system from the consumers and hubs back to
the "site" masters. Where do I put this information? <br>
<br>
I am also getting these errors logged on the first master!<br>
<br>
Feb 28 22:00:35 bastion ns-slapd: auxpropfunc error invalid parameter
supplied<br>
Feb 28 22:00:35 bastion ns-slapd: sql_select option missing<br>
Feb 28 22:00:35 bastion ns-slapd: auxpropfunc error no mechanism
available<br>
<br>
These are appearing about every 15 minutes. Anybody any idea where
these are coming from?<br>
<br>
Finally the shutdown time for the dirsrv servers on the suppliers is
extremely long - orders of minutes, what could be causing this?<br>
<br>
<div class="moz-signature">-- <br>
<title>Signature</title>
<div class="Section1">
<table class="MsoNormalTable" style="width: 100%;" border="0"
cellpadding="0" width="100%">
<tbody>
<tr style="">
<td style="padding: 1.5pt;" valign="top">
<p class="MsoNormal">Howard Wilkinson</p>
</td>
<td style="padding: 1.5pt;" valign="top">
<p class="MsoNormal">Phone:</p>
</td>
<td style="padding: 1.5pt;" valign="top">
<p class="MsoNormal">+44(20)76907075</p>
</td>
</tr>
<tr style="">
<td style="padding: 1.5pt;" valign="top">
<p class="MsoNormal">Coherent Technology Limited</p>
</td>
<td style="padding: 1.5pt;" valign="top">
<p class="MsoNormal">Fax:</p>
</td>
<td style="padding: 1.5pt;" valign="top">
<p class="MsoNormal"> </p>
</td>
</tr>
<tr style="">
<td style="padding: 1.5pt;" valign="top">
<p class="MsoNormal">23 Northampton Square,</p>
</td>
<td style="padding: 1.5pt;" valign="top">
<p class="MsoNormal">Mobile:</p>
</td>
<td style="padding: 1.5pt;" valign="top">
<p class="MsoNormal">+44(7980)639379</p>
</td>
</tr>
<tr style="">
<td style="padding: 1.5pt;" valign="top">
<p class="MsoNormal">United Kingdom, EC1V 0HL</p>
</td>
<td style="padding: 1.5pt;" valign="top">
<p class="MsoNormal">Email:</p>
</td>
<td style="padding: 1.5pt;" valign="top">
<p class="MsoNormal"><a name="howardcohtech.com"></a><a class="moz-txt-link-abbreviated" href="mailto:howard@cohtech.com">howard@cohtech.com</a></p>
</td>
</tr>
</tbody>
</table>
<p class="MsoNormal"> </p>
</div>
</div>
</body>
</html>