Hi Morgan,
your mail arrived one day late for me, it seems that the
fedora mailman-server held it for some time before releasing it.
You seem to have found the solution. When I ran the setup interactively
with --keepcache the SlapdConfigForMC option was not set at all for the
slave. If I manually set it in the inf-file to "no" it all works as
intended. I'm just curious as to why the --keepcache-option would
produce an output that does not reproduce my input…
In the meantime I had it working with an except-script. If anyone for
any reason would like to use this over a silent install I'm going to
add my ansible template for it here:
#!/usr/bin/expect -f
spawn setup-ds-admin.pl
expect "continue with set up"
send "yes\r"
expect "Would you like to continue"
send "yes\r"
expect "Choose a setup type"
send "2\r"
expect "Computer name"
send "\r"
expect "System User"
send "\r"
expect "System Group"
send "\r"
expect "configuration directory server"
{% if dirsrv_mode == "master" %}
send "no\r"
expect "administrator ID"
send "\r"
expect "Password"
send "{{ vault_dirsrv_admin_server_password }}\r"
expect "Password (confirm)"
send "{{ vault_dirsrv_admin_server_password }}\r"
expect "Administration Domain"
send "\r"
{% else %}
send "yes\r"
expect "Configuration directory server URL"
send "ldap://{{ dirsrv_config_host }}:389/o=NetscapeRoot\r"
expect "Configuration directory server admin ID"
send "\r"
expect "Configuration directory server admin password"
send "{{ vault_dirsrv_admin_server_password }}\r"
expect "Configuration directory server admin domain"
send "\r"
{% endif %}
expect "Directory server network port"
send "389\r"
expect "Directory server identifier"
send "\r"
expect "Suffix"
send "\r"
expect "Directory Manager DN"
send "\r"
expect "Password"
send "{{ vault_dirsrv_directory_manager_password }}\r"
expect "Password (confirm)"
send "{{ vault_dirsrv_directory_manager_password }}\r"
expect "Administration port"
send "\r"
expect "Are you ready to set up your servers"
send "\r"
expect "Log file is"
send_user "$expect_out(buffer)"
exit 0
Julian
Am Mon, 18 Sep 2017 16:41:46 -0400
schrieb Morgan Jones <morgan(a)morganjones.org>:
Hello Julian et al,
I’ve resolved my unrelated issues and now I'm pretty sure the process
to install several servers with a common config host using inf files
is this. I’d love some feedback from others if you feel this is
wrong, this is just from trial and error on my part and it’s not
particularly intuitive:
Do an install with setup-ds-admin.pl —keepcache
Take the resulting .inf and change:
SlapdConfigForMC = yes on the server you want to install the config
tree, SlapdConfigForMC = no on the rest, and
UseExistingMC = 0 on the server you want to install the config tree,
and UseExistingMC = 1 on the rest and
Also put adm.conf at /etc/dirsrv/admin-serv/adm.conf.
Here’s an update to the links below, I renamed the .inf template.
These should be immutable:
https://github.com/morganllj/ansible-playbooks/blob/3bf0fa9ee5c69c10940ea...
https://github.com/morganllj/ansible-playbooks/blob/3bf0fa9ee5c69c10940ea...
https://github.com/morganllj/ansible-playbooks/blob/3bf0fa9ee5c69c10940ea...
-morgan
> On Sep 15, 2017, at 12:56 PM, Morgan Jones <morgan(a)morganjones.org>
> wrote:
>
> Hello Julia,
>
> I’m troubleshooting this exact behavior. So far I’ve found if you
> create an /etc/dirsrv/admin-serv/adm.conf before the silent install
> it works. However we just went through a host domain name change
> (long story) and I’m having I think unrelated problems. I hope to
> resolve that shortly and then I might have a more definitive answer.
>
> In the mean time this may be helpful to you:
>
https://github.com/morganllj/ansible-playbooks/blob/develop/templates/389...
>
https://github.com/morganllj/ansible-playbooks/blob/develop/templates/adm...
>
> Here’s where they’re used if you are familiar with ansible:
>
https://github.com/morganllj/ansible-playbooks/blob/develop/install_389.yml
>
> -morgan
>
>
>> On Sep 15, 2017, at 11:49 AM, Julian Kippels <kippels(a)hhu.de>
>> wrote:
>>
>> Hi,
>>
>> I was playing around with silent installs and found out that the
>> final configuration differs from interactive installations. Here
>> is what I did:
>>
>> I installed two servers on different machines ds-1.localdomain and
>> ds-2.localdomain. ds-1 is used as a master and ds-2 is supposed to
>> use it as its configuration server.
>> Both machines run RHEL 7.4 with the latest EPEL-builds of 389-ds.
>>
>> First I used setup-ds-admin.pl --keepcache interactively first on
>> ds-1 and told it not to use an existing configuration server, then
>> on ds-2 and told it to use ds-1. When I connect to ds-1 using
>> 389-console I can see both ds-1 and ds-2.
>> Then I took the generated .inf-files, removed all traces from the
>> previous instances from both machines using remove-ds-admin.pl -a
>> -f -y and then ran setup-ds-admin.pl --silent --file=ds-1.inf and
>> --file=ds-2.inf respectively. When I connect to ds-1 now, I only
>> see ds-1, to see ds-2 I have to connect to ds-2 with 389-console.
>>
>> The .inf-files look like this:
>> --------
>> $ cat ds-1.inf
>> [General]
>> AdminDomain = localdomain
>> ConfigDirectoryAdminID = admin
>> ConfigDirectoryAdminPwd = XXX
>> ConfigDirectoryLdapURL = ldap://ds-1.localdomain:389/o=NetscapeRoot
>> FullMachineName = ds-1.localdomain
>> ServerRoot = /usr/lib64/dirsrv
>> StrictHostCheck = true
>> SuiteSpotGroup = dirsrv
>> SuiteSpotUserID = dirsrv
>> [admin]
>> Port = 9830
>> ServerAdminID = admin
>> ServerAdminPwd = XXX
>> ServerIpAddress = 0.0.0.0
>> SysUser = dirsrv
>> [slapd]
>> start_server = 0
>> AddOrgEntries = Yes
>> AddSampleEntries = No
>> HashedRootDNPwd = XXX
>> InstScriptsEnabled = true
>> InstallLdifFile = suggest
>> RootDN = cn=Directory Manager
>> RootDNPwd = XXX
>> ServerIdentifier = ds-1
>> ServerPort = 389
>> SlapdConfigForMC = yes
>> Suffix = dc=localdomain
>> UseExistingMC = 0
>> bak_dir = /var/lib/dirsrv/slapd-ds-1/bak
>> bindir = /usr/bin
>> cert_dir = /etc/dirsrv/slapd-ds-1
>> config_dir = /etc/dirsrv/slapd-ds-1
>> datadir = /usr/share
>> db_dir = /var/lib/dirsrv/slapd-ds-1/db
>> ds_bename = userRoot
>> inst_dir = /usr/lib64/dirsrv/slapd-ds-1
>> ldif_dir = /var/lib/dirsrv/slapd-ds-1/ldif
>> localstatedir = /var
>> lock_dir = /var/lock/dirsrv/slapd-ds-1
>> log_dir = /var/log/dirsrv/slapd-ds-1
>> naming_value = rz
>> run_dir = /var/run/dirsrv
>> sbindir = /usr/sbin
>> schema_dir = /etc/dirsrv/slapd-ds-1/schema
>> sysconfdir = /etc
>> tmp_dir = /tmp
>> --------
>> $ cat ds-2.inf
>> [General]
>> AdminDomain = localdomain
>> ConfigDirectoryAdminID = admin
>> ConfigDirectoryAdminPwd = XXX
>> ConfigDirectoryLdapURL = ldap://ds-1.localdomain:389/o=NetscapeRoot
>> FullMachineName = ds-2.localdomain
>> ServerRoot = /usr/lib64/dirsrv
>> StrictHostCheck = true
>> SuiteSpotGroup = dirsrv
>> SuiteSpotUserID = dirsrv
>> [admin]
>> Port = 9830
>> ServerAdminID = admin
>> ServerAdminPwd = XXX
>> ServerIpAddress = 0.0.0.0
>> SysUser = dirsrv
>> [slapd]
>> AddOrgEntries = Yes
>> AddSampleEntries = No
>> HashedRootDNPwd = XXX
>> InstScriptsEnabled = true
>> InstallLdifFile = suggest
>> RootDN = cn=Directory Manager
>> RootDNPwd = XXX
>> ServerIdentifier = ds-2
>> ServerPort = 389
>> Suffix = dc=localdomain
>> UseExistingMC = 1
>> bak_dir = /var/lib/dirsrv/slapd-ds-2/bak
>> bindir = /usr/bin
>> cert_dir = /etc/dirsrv/slapd-ds-2
>> config_dir = /etc/dirsrv/slapd-ds-2
>> datadir = /usr/share
>> db_dir = /var/lib/dirsrv/slapd-ds-2/db
>> ds_bename = userRoot
>> inst_dir = /usr/lib64/dirsrv/slapd-ds-2
>> ldif_dir = /var/lib/dirsrv/slapd-ds-2/ldif
>> localstatedir = /var
>> lock_dir = /var/lock/dirsrv/slapd-ds-2
>> log_dir = /var/log/dirsrv/slapd-ds-2
>> naming_value = rz
>> run_dir = /var/run/dirsrv
>> sbindir = /usr/sbin
>> schema_dir = /etc/dirsrv/slapd-ds-2/schema
>> sysconfdir = /etc
>> tmp_dir = /tmp
>>
>> I think this unintended behaviour and should be fixed. Unless I
>> did a mistake somewhere, but I can't see where…
>>
>> Julian
>> _______________________________________________
>> 389-users mailing list -- 389-users(a)lists.fedoraproject.org
>> To unsubscribe send an email to
>> 389-users-leave(a)lists.fedoraproject.org
> _______________________________________________
> 389-users mailing list -- 389-users(a)lists.fedoraproject.org
> To unsubscribe send an email to
> 389-users-leave(a)lists.fedoraproject.org
_______________________________________________
389-users mailing list -- 389-users(a)lists.fedoraproject.org
To unsubscribe send an email to
389-users-leave(a)lists.fedoraproject.org
--
---------------------------------------------------------
| | Julian Kippels
| | M.Sc. Informatik
| |
| | Zentrum für Informations- und Medientechnologie
| | Heinrich-Heine-Universität Düsseldorf
| | Universitätsstr. 1
| | Raum 25.41.O1.36
| | 40225 Düsseldorf / Germany
| |
| | Tel: +49-211-811-4920
| | mail: kippels(a)hhu.de
| | jabber: jukip100(a)xmpp.hhu.de
---------------------------------------------------------