On 06/07/2017 10:38 AM, wudadin2003(a)gmail.com wrote:
Here is a look at the logs as it happens
~ # tail -f /var/log/dirsrv/admin-serv/error
[Wed Jun 07 09:19:27 2017] [error] Could not bind as []: ldap error -1: Can't contact
LDAP server
[Wed Jun 07 09:19:27 2017] [warn] Unable to bind as LocalAdmin to populate LocalAdmin
tasks into cache.
[Wed Jun 07 09:19:27 2017] [notice] Access Host filter is:
(*.old.domain.com|*.domain.com)
[Wed Jun 07 09:19:27 2017] [notice] Access Address filter is: *
This is the Admin
Server's error log, I need to see the Directory
Server's access log:
/var/log/dirsrv/slapd-INSTANCE/access
The /etc/dirsrv/admin-serv/adm.conf shows that the ldapurl is still pointing at the old
non-existent server.
cat /etc/dirsrv/admin-serv/adm.conf
AdminDomain:
old.domain.com
sysuser: ldapuser
isie: cn=389 Administration Server,cn=Server
Group,cn=new-server-01.my.domain.com,ou=old.domain.com,o=NetscapeRoot
SuiteSpotGroup: ldapuser
sysgroup: ldapuser
userdn: uid=admin,ou=Administrators,ou=TopologyManagement,o=NetscapeRoot
ldapurl: ldap://my-old-server-01.old.domain.com:389/o=NetscapeRoot
SuiteSpotUserID: ldapuser
sie: cn=admin-serv-new-server-01,cn=389 Administration Server,cn=Server
Group,cn=new-server-01.my.domain.com,ou=old.domain.com,o=NetscapeRoot
register-ds-admin.pl does not modify this file. To be honest I really
confused as to what you have and don't have now.
As a side not, the "domain.com" is not changing but the "sub-domain"
is changing. (
old.domain.com vs.
my.domain.com)
This tool will "not" help you with domain name changes. In fact if your
hostname changed it's going to cause all kinds of problems with the console.
I also thinking that there is no o=netscaperoot on this machine since it was originally
registered to another (now non-existent) server.
But you "appear" to have
an admin server, so you should have
o=netscaperoot as a backend.
If I am not able to re-register is to a new server, can I at least get its own admin
server running?
The wiki page describes what you need to do here. Every host needs
an
admin server. Whether the DS is registered or not. Once this is done,
then you can register any instance with any other admin server/config
DS. I'm sorry I just don't understand what you have installed and
don't. I keep seeing conflicting information for you, which makes
helping you very difficult.
I think we should go back and see why the tool was failing before, and
that requires examining the Directory Server's access log. So, tail the
DS access log (the one that you are trying to register to), rerun the
tool, wait 30 seconds for log buffering to flush, and send me the access
log output from that time.
Thanks,
Mark
I would like to have console access to these machines again.
_______________________________________________
389-users mailing list -- 389-users(a)lists.fedoraproject.org
To unsubscribe send an email to 389-users-leave(a)lists.fedoraproject.org