Chris Phillips wrote:
On Mon, Jun 22, 2009 at 8:04 PM, Rich Megginson <rmeggins(a)redhat.com
<mailto:rmeggins@redhat.com>> wrote:
Chris Phillips wrote:
Try editing /etc/dirsrv/admin-serv/adm.conf to point to the
correct server, then try register-ds-admin.pl
I'm afraid I'm still in the dark here. The adm.conf is used by
the admin server to contact the DS instance to be managed? I
thought the logic was the other way round, with the DS server
"phoning home" to register itself to the Admin. Either way,
the adm.conf then only lists one server in the ldapurl, and
the other two attributes referencing the server, sie and isie
both get changed to match the server in the ldapurl as part of
the registration, removing all other references to the server
that was in there. So whilst I thought my modifications to
adm.conf (changing the ldapurl from server b to a) on server b
and running register-ds-admin.pl on server b would add server
b to the admin console on server a. Instead it *replaced*
server b with server a on the admin console on server b,
meaning both admin consoles were then registered to administer
server a. Not anything like what I wanted!
Any pointers?
Change adm.conf back to point to which server you want to use as
your main server, and then run setup-ds-admin.pl -u
My main what server? DS or Admin?
DS. The directory server which has the master
copy of o=NetscapeRoot
which contains all of the configuration information for all of the admin
servers and directory servers in your organization.
As I understand that, that will register whatever server is listed as
the ldapurl as the only instance in the Admin server on the box I'm
running this on. Correct?
No.
Am I being deluded about this? I'm expect to log in to an admin server
with the idm console, and see a list of 8 different machines listed
there, and be able to browse the ldap tree of any of those machines,
Yes.
including their o=NetscapeRoot
No. Only the master
configuration DS will have o=NetscapeRoot. The
other servers should not have o=NetscapeRoot (unless you have set up
MMR/failover for o=NetscapeRoot).
and be able to manage ACI's, password policies and such... This
is the
model you recommend, no?
This is the recommended model.
Thanks
Chris
------------------------------------------------------------------------
--
389 users mailing list
389-users(a)redhat.com
https://www.redhat.com/mailman/listinfo/fedora-directory-users