OK - while mucking around with console and certificates, I manually clipped out the stuff from admin-serv/config/adm.conf & console.conf and local.conf and seem to have everything back in order. I restart the admin-serv and the encryption stuff comes right back into local.conf and I can't figure out where it is coming from.

So the console tells me that the Administration console is stopped when it isn't stopped but it can't access it. Any clues? (I am getting into a lot of trouble with the console application) ;-) thanks Craig -- Fedora-directory-users mailing list Fedora-directory-users(a)redhat.com https://www.redhat.com/mailman/listinfo/fedora-directory-users

On Thu, 2005-12-08 at 20:25 -0700, Richard Megginson wrote: >Craig White wrote: > > > >>OK - while mucking around with console and certificates, I manually >>clipped out the stuff from admin-serv/config/adm.conf & console.conf and >>local.conf and seem to have everything back in order. >> >>I restart the admin-serv and the encryption stuff comes right back into >>local.conf and I can't figure out where it is coming from. >> >> >> >> >It's stored in the directory server under o=netscaperoot - do an >ldapsearch for >ldapsearch -b o=netscaperoot -D "cn=directory manager" -w password >"cn=configuration" > >The local.conf file is just a read-only cache of that information. > >If you cannot edit it using the console, you can use ldapmodify >1) find the full dn of the entry using the ldapsearch as above >2) identify the attributes that deal with the encryption stuff >3) use ldapmodify like the following: >ldapmodify -D "cn=directory manager" -w password >dn: cn=configuration,..... >changetype: modify >replace: nameofattr >nameofattr: newvalue > > ---- Thanks - I can probably do that but it occurred to me that I should just probably restore from my last backup but now I can't find my backup. # ls -l /opt/fedora-ds/slapd-srv1/bak total 0 I had created 2 separate backups using the console application (and even restored once so I know that it worked) but now they are nowhere to be found and so I can't restore.

I'm beginning the think that the console application - though exceedingly dangerous in this rookie's hands is possibly not quite ready for prime time...why did the backups disappear?

Is there a method to wipe out the entire DSA and start over without removing the rpm and re-installing rpm again?

And by the way, I am most appreciate of all of the help you have been giving me Richard - just in case I haven't made it obvious - you have been exceedingly patient and helpful. Thanks Craig -- Fedora-directory-users mailing list Fedora-directory-users(a)redhat.com https://www.redhat.com/mailman/listinfo/fedora-directory-users

On Fri, 2005-12-09 at 06:53 -0700, Richard Megginson wrote: >Craig White wrote: > > > >>On Thu, 2005-12-08 at 20:25 -0700, Richard Megginson wrote: >> >> >> >> >>>Craig White wrote: >>> >>> >>> >>> >>> >>>>OK - while mucking around with console and certificates, I manually >>>>clipped out the stuff from admin-serv/config/adm.conf & console.conf and >>>>local.conf and seem to have everything back in order. >>>> >>>>I restart the admin-serv and the encryption stuff comes right back into >>>>local.conf and I can't figure out where it is coming from. >>>> >>>> >>>> >>>> >>>> >>>> >>>It's stored in the directory server under o=netscaperoot - do an >>>ldapsearch for >>>ldapsearch -b o=netscaperoot -D "cn=directory manager" -w password >>>"cn=configuration" >>> >>>The local.conf file is just a read-only cache of that information. >>> >>>If you cannot edit it using the console, you can use ldapmodify >>>1) find the full dn of the entry using the ldapsearch as above >>>2) identify the attributes that deal with the encryption stuff >>>3) use ldapmodify like the following: >>>ldapmodify -D "cn=directory manager" -w password >>>dn: cn=configuration,..... >>>changetype: modify >>>replace: nameofattr >>>nameofattr: newvalue >>> >>> >>> >>> >>---- >>Thanks - I can probably do that but it occurred to me that I should just >>probably restore from my last backup but now I can't find my backup. >> >># ls -l /opt/fedora-ds/slapd-srv1/bak >>total 0 >> >>I had created 2 separate backups using the console application (and even >>restored once so I know that it worked) but now they are nowhere to be >>found and so I can't restore. >> >> >> >That's really strange. I've never seen this happen before. > > > >>I'm beginning the think that the console >>application - though exceedingly dangerous in this rookie's hands is >>possibly not quite ready for prime time...why did the backups disappear? >> >> >> >> >I have no idea. I've never seen this before. The console has been used >for this purpose for 7 years now in large production environments and >this is the first time I've ever heard of this happening. > > ---- I am a bit disconcerted about this - I ***know*** that I didn't delete the backups in /opt/fedora-ds/slapd-srv1/bak and was of the opinion that this is where the console put these backups. Perhaps they were removed when I restored using the console. OK - presuming that using the console to backup or command line to backup ( db2bak /opt/redhat-ds/servers/slapd- dirserver/bak/bak_2001070110) are the same thing - a complete backup of the DSA... Then I would want to periodically back up /opt/fedora-ds/slapd-srv1/bak as a 'just in case' this happens again thingy...

Just for confirmation of what - console backup or db2bak actually backup... 1. does this backup configuration too?

2. does this backup items in /opt/fedora-ds/alias or should I do that separately?

3. Is there anything else that I need to back up to get a reasonably quick 'restore' to previous functionality to guard against my uneducated bullets to my feet?

Thanks Craig -- Fedora-directory-users mailing list Fedora-directory-users(a)redhat.com https://www.redhat.com/mailman/listinfo/fedora-directory-users