Julian,
I’m glad that resolved your issue. It’s also nice to know I’m not the only one using
Ansible with 389.
-morgan
On Sep 20, 2017, at 3:37 AM, Julian Kippels <kippels(a)hhu.de>
wrote:
Hi Morgan,
your mail arrived one day late for me, it seems that the
fedora mailman-server held it for some time before releasing it.
You seem to have found the solution. When I ran the setup interactively
with --keepcache the SlapdConfigForMC option was not set at all for the
slave. If I manually set it in the inf-file to "no" it all works as
intended. I'm just curious as to why the --keepcache-option would
produce an output that does not reproduce my input…
In the meantime I had it working with an except-script. If anyone for
any reason would like to use this over a silent install I'm going to
add my ansible template for it here:
#!/usr/bin/expect -f
spawn setup-ds-admin.pl
expect "continue with set up"
send "yes\r"
expect "Would you like to continue"
send "yes\r"
expect "Choose a setup type"
send "2\r"
expect "Computer name"
send "\r"
expect "System User"
send "\r"
expect "System Group"
send "\r"
expect "configuration directory server"
{% if dirsrv_mode == "master" %}
send "no\r"
expect "administrator ID"
send "\r"
expect "Password"
send "{{ vault_dirsrv_admin_server_password }}\r"
expect "Password (confirm)"
send "{{ vault_dirsrv_admin_server_password }}\r"
expect "Administration Domain"
send "\r"
{% else %}
send "yes\r"
expect "Configuration directory server URL"
send "ldap://{{ dirsrv_config_host }}:389/o=NetscapeRoot\r"
expect "Configuration directory server admin ID"
send "\r"
expect "Configuration directory server admin password"
send "{{ vault_dirsrv_admin_server_password }}\r"
expect "Configuration directory server admin domain"
send "\r"
{% endif %}
expect "Directory server network port"
send "389\r"
expect "Directory server identifier"
send "\r"
expect "Suffix"
send "\r"
expect "Directory Manager DN"
send "\r"
expect "Password"
send "{{ vault_dirsrv_directory_manager_password }}\r"
expect "Password (confirm)"
send "{{ vault_dirsrv_directory_manager_password }}\r"
expect "Administration port"
send "\r"
expect "Are you ready to set up your servers"
send "\r"
expect "Log file is"
send_user "$expect_out(buffer)"
exit 0
Julian
Am Mon, 18 Sep 2017 16:41:46 -0400
schrieb Morgan Jones <morgan(a)morganjones.org>:
> Hello Julian et al,
>
> I’ve resolved my unrelated issues and now I'm pretty sure the process
> to install several servers with a common config host using inf files
> is this. I’d love some feedback from others if you feel this is
> wrong, this is just from trial and error on my part and it’s not
> particularly intuitive:
>
> Do an install with setup-ds-admin.pl —keepcache
>
> Take the resulting .inf and change:
> SlapdConfigForMC = yes on the server you want to install the config
> tree, SlapdConfigForMC = no on the rest, and
> UseExistingMC = 0 on the server you want to install the config tree,
> and UseExistingMC = 1 on the rest and
>
> Also put adm.conf at /etc/dirsrv/admin-serv/adm.conf.
>
> Here’s an update to the links below, I renamed the .inf template.
> These should be immutable:
>
https://github.com/morganllj/ansible-playbooks/blob/3bf0fa9ee5c69c10940ea...
>
https://github.com/morganllj/ansible-playbooks/blob/3bf0fa9ee5c69c10940ea...
>
https://github.com/morganllj/ansible-playbooks/blob/3bf0fa9ee5c69c10940ea...
>
> -morgan
>
>
>
>
>> On Sep 15, 2017, at 12:56 PM, Morgan Jones <morgan(a)morganjones.org>
>> wrote:
>>
>> Hello Julia,
>>
>> I’m troubleshooting this exact behavior. So far I’ve found if you
>> create an /etc/dirsrv/admin-serv/adm.conf before the silent install
>> it works. However we just went through a host domain name change
>> (long story) and I’m having I think unrelated problems. I hope to
>> resolve that shortly and then I might have a more definitive answer.
>>
>> In the mean time this may be helpful to you:
>>
https://github.com/morganllj/ansible-playbooks/blob/develop/templates/389...
>>
https://github.com/morganllj/ansible-playbooks/blob/develop/templates/adm...
>>
>> Here’s where they’re used if you are familiar with ansible:
>>
https://github.com/morganllj/ansible-playbooks/blob/develop/install_389.yml
>>
>> -morgan
>>
>>
>>> On Sep 15, 2017, at 11:49 AM, Julian Kippels <kippels(a)hhu.de>
>>> wrote:
>>>
>>> Hi,
>>>
>>> I was playing around with silent installs and found out that the
>>> final configuration differs from interactive installations. Here
>>> is what I did:
>>>
>>> I installed two servers on different machines ds-1.localdomain and
>>> ds-2.localdomain. ds-1 is used as a master and ds-2 is supposed to
>>> use it as its configuration server.
>>> Both machines run RHEL 7.4 with the latest EPEL-builds of 389-ds.
>>>
>>> First I used setup-ds-admin.pl --keepcache interactively first on
>>> ds-1 and told it not to use an existing configuration server, then
>>> on ds-2 and told it to use ds-1. When I connect to ds-1 using
>>> 389-console I can see both ds-1 and ds-2.
>>> Then I took the generated .inf-files, removed all traces from the
>>> previous instances from both machines using remove-ds-admin.pl -a
>>> -f -y and then ran setup-ds-admin.pl --silent --file=ds-1.inf and
>>> --file=ds-2.inf respectively. When I connect to ds-1 now, I only
>>> see ds-1, to see ds-2 I have to connect to ds-2 with 389-console.
>>>
>>> The .inf-files look like this:
>>> --------
>>> $ cat ds-1.inf
>>> [General]
>>> AdminDomain = localdomain
>>> ConfigDirectoryAdminID = admin
>>> ConfigDirectoryAdminPwd = XXX
>>> ConfigDirectoryLdapURL = ldap://ds-1.localdomain:389/o=NetscapeRoot
>>> FullMachineName = ds-1.localdomain
>>> ServerRoot = /usr/lib64/dirsrv
>>> StrictHostCheck = true
>>> SuiteSpotGroup = dirsrv
>>> SuiteSpotUserID = dirsrv
>>> [admin]
>>> Port = 9830
>>> ServerAdminID = admin
>>> ServerAdminPwd = XXX
>>> ServerIpAddress = 0.0.0.0
>>> SysUser = dirsrv
>>> [slapd]
>>> start_server = 0
>>> AddOrgEntries = Yes
>>> AddSampleEntries = No
>>> HashedRootDNPwd = XXX
>>> InstScriptsEnabled = true
>>> InstallLdifFile = suggest
>>> RootDN = cn=Directory Manager
>>> RootDNPwd = XXX
>>> ServerIdentifier = ds-1
>>> ServerPort = 389
>>> SlapdConfigForMC = yes
>>> Suffix = dc=localdomain
>>> UseExistingMC = 0
>>> bak_dir = /var/lib/dirsrv/slapd-ds-1/bak
>>> bindir = /usr/bin
>>> cert_dir = /etc/dirsrv/slapd-ds-1
>>> config_dir = /etc/dirsrv/slapd-ds-1
>>> datadir = /usr/share
>>> db_dir = /var/lib/dirsrv/slapd-ds-1/db
>>> ds_bename = userRoot
>>> inst_dir = /usr/lib64/dirsrv/slapd-ds-1
>>> ldif_dir = /var/lib/dirsrv/slapd-ds-1/ldif
>>> localstatedir = /var
>>> lock_dir = /var/lock/dirsrv/slapd-ds-1
>>> log_dir = /var/log/dirsrv/slapd-ds-1
>>> naming_value = rz
>>> run_dir = /var/run/dirsrv
>>> sbindir = /usr/sbin
>>> schema_dir = /etc/dirsrv/slapd-ds-1/schema
>>> sysconfdir = /etc
>>> tmp_dir = /tmp
>>> --------
>>> $ cat ds-2.inf
>>> [General]
>>> AdminDomain = localdomain
>>> ConfigDirectoryAdminID = admin
>>> ConfigDirectoryAdminPwd = XXX
>>> ConfigDirectoryLdapURL = ldap://ds-1.localdomain:389/o=NetscapeRoot
>>> FullMachineName = ds-2.localdomain
>>> ServerRoot = /usr/lib64/dirsrv
>>> StrictHostCheck = true
>>> SuiteSpotGroup = dirsrv
>>> SuiteSpotUserID = dirsrv
>>> [admin]
>>> Port = 9830
>>> ServerAdminID = admin
>>> ServerAdminPwd = XXX
>>> ServerIpAddress = 0.0.0.0
>>> SysUser = dirsrv
>>> [slapd]
>>> AddOrgEntries = Yes
>>> AddSampleEntries = No
>>> HashedRootDNPwd = XXX
>>> InstScriptsEnabled = true
>>> InstallLdifFile = suggest
>>> RootDN = cn=Directory Manager
>>> RootDNPwd = XXX
>>> ServerIdentifier = ds-2
>>> ServerPort = 389
>>> Suffix = dc=localdomain
>>> UseExistingMC = 1
>>> bak_dir = /var/lib/dirsrv/slapd-ds-2/bak
>>> bindir = /usr/bin
>>> cert_dir = /etc/dirsrv/slapd-ds-2
>>> config_dir = /etc/dirsrv/slapd-ds-2
>>> datadir = /usr/share
>>> db_dir = /var/lib/dirsrv/slapd-ds-2/db
>>> ds_bename = userRoot
>>> inst_dir = /usr/lib64/dirsrv/slapd-ds-2
>>> ldif_dir = /var/lib/dirsrv/slapd-ds-2/ldif
>>> localstatedir = /var
>>> lock_dir = /var/lock/dirsrv/slapd-ds-2
>>> log_dir = /var/log/dirsrv/slapd-ds-2
>>> naming_value = rz
>>> run_dir = /var/run/dirsrv
>>> sbindir = /usr/sbin
>>> schema_dir = /etc/dirsrv/slapd-ds-2/schema
>>> sysconfdir = /etc
>>> tmp_dir = /tmp
>>>
>>> I think this unintended behaviour and should be fixed. Unless I
>>> did a mistake somewhere, but I can't see where…
>>>
>>> Julian
>>> _______________________________________________
>>> 389-users mailing list -- 389-users(a)lists.fedoraproject.org
>>> To unsubscribe send an email to
>>> 389-users-leave(a)lists.fedoraproject.org
>> _______________________________________________
>> 389-users mailing list -- 389-users(a)lists.fedoraproject.org
>> To unsubscribe send an email to
>> 389-users-leave(a)lists.fedoraproject.org
> _______________________________________________
> 389-users mailing list -- 389-users(a)lists.fedoraproject.org
> To unsubscribe send an email to
> 389-users-leave(a)lists.fedoraproject.org
--
---------------------------------------------------------
| | Julian Kippels
| | M.Sc. Informatik
| |
| | Zentrum für Informations- und Medientechnologie
| | Heinrich-Heine-Universität Düsseldorf
| | Universitätsstr. 1
| | Raum 25.41.O1.36
| | 40225 Düsseldorf / Germany
| |
| | Tel: +49-211-811-4920
| | mail: kippels(a)hhu.de
| | jabber: jukip100(a)xmpp.hhu.de
---------------------------------------------------------