[Fedora-directory-users] (no subject)

Mister Anonyme benetage at hotmail.com
Wed Aug 13 19:47:33 UTC 2008 

> Rich Megginson wrote:
>> Mister Anonyme wrote:
>> Hi,
>> I tried to follow the guidelines here:
>> http://www.redhat.com/docs/manuals/dir-server/ag/8.0/Managing_Replication-Replicating-ADS-for-Failover.html
>> And it doesn't work.
>
>Can you be more specific?

There you go...

SERVER1 is first server, SERVER2 is second server (failover)

========================================
First step (from the doc):  Install and configure the first Directory Server instance.
========================================

******
file.inf
******
FullMachineName = SERVER1
AdminDomain = MY DOMAIN NAME
SuiteSpotUserID = nobody
SuiteSpotGroup = nobody
ConfigDirectoryLdapURL = ldap://SERVER1:389/o=NetscapeRoot
ConfigDirectoryAdminID = admin
ConfigDirectoryAdminPwd = MY PASSWORD


[admin]
ServerAdminID = admin
ServerAdminPwd = MY PASSWORD
SysUser = nobody
ServerIpAddress = MY SERVER IP ADDRESS
Port = 9830

[slapd]
InstallLdifFile = suggest
ServerIdentifier = SERVER1
ServerPort = 389
AddOrgEntries = Yes
RootDN = cn=Directory Manager
RootDNPwd = MY DS PASSWORD
SlapdConfigForMC = yes
Suffix = dc=EXAMPLE, dc=NET
UseExistingMC = 0
AddSampleEntries = Yes
ConfigFile = repluser.ldif
ConfigFile = changelog.ldif
ConfigFile = replica.ldif
ConfigFile = replagreement.ldif

***************
repluser.ldif
***************
dn: cn=replication manager,cn=config
objectClass: inetorgperson
objectClass: person
objectClass: top
cn: replication manager
sn: RM
userPassword: MY ENCRYPTED PASSWORD
passwordExpirationTime: 20380119031407Z

****************
changelog.ldif
****************
dn: cn=changelog5,cn=config
objectclass: top
objectclass: extensibleObject
cn: changelog5
nsslapd-changelogdir: /var/lib/dirsrv/slapd-MYINSTANCE/changelogdb


************
replica.ldif
*************
dn: cn=replica,cn="o=NetscapeRoot",cn=mapping tree,cn=config
objectclass: top
objectclass: nsds5replica
objectclass: extensibleObject
cn: replica
nsds5replicaroot: o=NetscapeRoot
nsds5replicaid: 1
nsds5replicatype: 3
nsds5flags: 1
nsds5ReplicaPurgeDelay: 604800
nsds5ReplicaBindDN: cn=replication manager,cn=config


******************
replagreement.ldif
******************
dn: cn=replication_netscaperoot,cn=replica,cn="o=Netscaperoot",cn=mapping 
tree,cn=config
objectclass: top
objectclass: nsds5replicationagreement
cn: replication_netscaperoot
nsds5replicahost: SECONDARY LDAP SERVER HOSTNAME
nsds5replicaport: 389
nsds5ReplicaBindDN: cn=replication manager
nsds5replicabindmethod: SIMPLE
nsds5replicaroot: o=Netscaperoot
description: replication netscaperoot
nsds5replicacredentials: ENCRYPTEDPASSWORD
nsds5BeginReplicaRefresh: start

I run this command:


# /usr/sbin/setup-ds-admin -s -f file.inf


Here's the log:
[...]
+Processing repluser.ldif ...
+++check_and_add_entry: Entry not found cn=replication manager,cn=config error No such object
+Entry cn=replication manager,cn=config is added

+Processing changelog.ldif ...
+++check_and_add_entry: Entry not found cn=changelog5,cn=config error No such object
+Entry cn=changelog5,cn=config is added

+Processing replica.ldif ...
+++check_and_add_entry: Entry not found cn=replica,cn="o=NetscapeRoot",cn=mapping tree,cn=config error No such object
+ERROR: adding an entry cn=replica,cn="o=NetscapeRoot",cn=mapping tree,cn=config failed, error: No such object
dn: cn=replica,cn="o=NetscapeRoot",cn=mapping tree,cn=config
objectclass: top
objectclass: nsds5replica
objectclass: extensibleObject
cn: replica
nsds5replicaroot: o=NetscapeRoot
nsds5replicaid: 1
nsds5replicatype: 3
nsds5flags: 1
nsds5replicapurgedelay: 604800
nsds5replicabinddn: cn=replication manager,cn=config

+ERROR: There was an error processing entry cn=replica,cn="o=NetscapeRoot",cn=mapping tree,cn=config
+Cannot continue processing entries.


So, I created another file (the documentation didn't mention this so I don't know if it's the 'good' procedure...):

*************
replica_1.ldif
*************
dn: cn="o=NetscapeRoot",cn=mapping tree,cn=config
objectclass: top
objectclass: nsMappingTree
objectclass: extensibleObject
cn: "o=NetscapeRoot"


I added just before the replica.ldif in the "file.inf", [slapd] section.

Then:

# /usr/sbin/setup-ds-admin -s -f file.inf

It works well until...:
[...]
+[13/Aug/2008:15:07:17 -0400] NSMMReplicationPlugin - _replica_configure_ruv: replication broken for entry (o=NetscapeRoot); LDAP error - 1
+[13/Aug/2008:15:07:17 -0400] NSMMReplicationPlugin - Unable to configure replica o=NetscapeRoot:
+[13/Aug/2008:15:07:17 -0400] - slapd started.  Listening on All Interfaces port 389 for LDAP requests
+Your new directory server has been started.
Your new DS instance 'INSTANCENAME' was successfully created.
Creating the configuration directory server . . .
The suffix 'o=NetscapeRoot' already exists.  Config entry DN 'cn="o=NetscapeRoot",cn=mapping tree,cn=config'.

Failed to create the configuration directory server
Exiting . . .

So, it won't process LDIF files that I created according to the documentation, but if I force the creation of NetscapeRoot so the replica.ldif can be processed, it won't continue because it already exists...

Great...  

I removed replica_1.ldif, replica.ldif, replagreement.ldif from file.inf and ran this agan:

# /usr/sbin/setup-ds-admin -s -f file.inf

[...]
The admin server was successfully started.
Admin server was successfully created, configured, and started.

Then, I manually created a replica and a replica agreement:

/usr/lib/mozldap6/ldapmodify -cvD "cn=Directory manager"  -w PASSWD < replica.ldif
/usr/lib/mozldap6/ldapmodify -cvD "cn=Directory manager"  -w PASSWD < replagreement.ldif


It went with sucess.

Now, step 2 from the doc...

The inf file of the second server:

******
file.inf
******
[General]
AdminDomain = EXAMPLE.DOMAIN
SuiteSpotGroup = nobody
ConfigDirectoryLdapURL = ldap://SERVER1 (or SERVER2, doesn't matter, it fails).nl.rsft.net:389/o=NetscapeRoot
ConfigDirectoryAdminID = admin
FullMachineName = SERVER2
SuiteSpotUserID = nobody
ConfigDirectoryAdminPwd = PASS

[admin]
ServerAdminID = admin
ServerAdminPwd = PASS
SysUser = nobody
Port = 9830


[slapd]
InstallLdifFile = suggest
ServerIdentifier = SERVER2
ServerPort = 389
AddOrgEntries = Yes
RootDN = cn=Directory Manager
RootDNPwd = SERVER2
Suffix = dc=EXAMPLE,dc=DOMAIN
UseExistingMC = 0
AddSampleEntries = No
ConfigFile = netscaperootdb.ldif
ConfigFile = repluser.ldif
ConfigFile = changelog.ldif
ConfigFile = replica.ldif
ConfigFile = replagreement.ldif


I won't show repluser.ldif, changelog.ldif, replica.ldif and replagreement.ldif, they are same as above, except for netscapeootdb.ldif:

******************
netscaperootdb.ldif
******************
dn: cn="o=netscaperoot",cn=mapping tree,cn=config
objectclass: top
objectclass: extensibleObject
objectclass: nsMappingTree
nsslapd-state: backend
nsslapd-backend: NetscapeRoot
cn: o=NetscapeRoot


I ran the script:

# /usr/sbin/setup-ds.pl -s -f file.inf

There's not error until...
[...]
+importing data ...
[13/Aug/2008:15:30:35 -0400] - dblayer_instance_start: pagesize: 4096, pages: 258922, procpages: 6198
[13/Aug/2008:15:30:35 -0400] - cache autosizing: import cache: 204800k
[13/Aug/2008:15:30:35 -0400] - li_import_cache_autosize: 50, import_pages: 51200, pagesize: 4096
[13/Aug/2008:15:30:35 -0400] - WARNING: Import is running with nsslapd-db-private-import-mem on; No other process is allowed to access the database
[13/Aug/2008:15:30:35 -0400] - dblayer_instance_start: pagesize: 4096, pages: 258922, procpages: 6198
[13/Aug/2008:15:30:35 -0400] - cache autosizing: import cache: 204800k
[13/Aug/2008:15:30:35 -0400] - li_import_cache_autosize: 50, import_pages: 51200, pagesize: 4096
[13/Aug/2008:15:30:36 -0400] - import userRoot: Beginning import job...
[13/Aug/2008:15:30:36 -0400] - import userRoot: Index buffering enabled with bucket size 100
[13/Aug/2008:15:30:36 -0400] - import userRoot: Processing file "/tmp/ldifBTMcP9.ldif"
[13/Aug/2008:15:30:36 -0400] - import userRoot: Finished scanning file "/tmp/ldifBTMcP9.ldif" (9 entries)
[13/Aug/2008:15:30:37 -0400] - import userRoot: Workers finished; cleaning up...
[13/Aug/2008:15:30:37 -0400] - import userRoot: Workers cleaned up.
[13/Aug/2008:15:30:37 -0400] - import userRoot: Cleaning up producer thread...
[13/Aug/2008:15:30:37 -0400] - import userRoot: Indexing complete.  Post-processing...
[13/Aug/2008:15:30:37 -0400] - import userRoot: Flushing caches...
[13/Aug/2008:15:30:37 -0400] - import userRoot: Closing files...
[13/Aug/2008:15:30:37 -0400] - All database threads now stopped
[13/Aug/2008:15:30:37 -0400] - import userRoot: Import complete.  Processed 9 entries in 1 seconds. (9.00 entries/sec)
+Starting the server: /usr/lib/dirsrv/slapd-myinstance/start-slapd
+Started the server: code 256
Server failed to start !!! Please check errors log for problems
+       Red Hat-Directory/8.0.0 B2007.353.1757
+       server2:389 (/etc/dirsrv/slapd-myinstance)
+
+[13/Aug/2008:15:30:35 -0400] - dblayer_instance_start: pagesize: 4096, pages: 258922, procpages: 6198
+[13/Aug/2008:15:30:35 -0400] - cache autosizing: import cache: 204800k
+[13/Aug/2008:15:30:35 -0400] - li_import_cache_autosize: 50, import_pages: 51200, pagesize: 4096
+[13/Aug/2008:15:30:35 -0400] - WARNING: Import is running with nsslapd-db-private-import-mem on; No other process is allowed to access the database
+[13/Aug/2008:15:30:35 -0400] - dblayer_instance_start: pagesize: 4096, pages: 258922, procpages: 6198
+[13/Aug/2008:15:30:35 -0400] - cache autosizing: import cache: 204800k
+[13/Aug/2008:15:30:35 -0400] - li_import_cache_autosize: 50, import_pages: 51200, pagesize: 4096
+[13/Aug/2008:15:30:36 -0400] - import userRoot: Beginning import job...
+[13/Aug/2008:15:30:36 -0400] - import userRoot: Index buffering enabled with bucket size 100
+[13/Aug/2008:15:30:36 -0400] - import userRoot: Processing file "/tmp/ldifBTMcP9.ldif"
+[13/Aug/2008:15:30:36 -0400] - import userRoot: Finished scanning file "/tmp/ldifBTMcP9.ldif" (9 entries)
+[13/Aug/2008:15:30:37 -0400] - import userRoot: Workers finished; cleaning up...
+[13/Aug/2008:15:30:37 -0400] - import userRoot: Workers cleaned up.
+[13/Aug/2008:15:30:37 -0400] - import userRoot: Cleaning up producer thread...
+[13/Aug/2008:15:30:37 -0400] - import userRoot: Indexing complete.  Post-processing...
+[13/Aug/2008:15:30:37 -0400] - import userRoot: Flushing caches...
+[13/Aug/2008:15:30:37 -0400] - import userRoot: Closing files...
+[13/Aug/2008:15:30:37 -0400] - All database threads now stopped
+[13/Aug/2008:15:30:37 -0400] - import userRoot: Import complete.  Processed 9 entries in 1 seconds. (9.00 entries/sec)
+[13/Aug/2008:15starting up
+[13/Aug/2008:15:30:39 -0400] - I'm resizing my cache now...cache was 209715200 and is now 8000000
+[13/Aug/2008:15:30:39 -0400] - Warning: Mapping tree node entry for o=NetscapeRoot point to an unknown backend : NetscapeRoot
+[13/Aug/2008:15:30:40 -0400] - Warning: Mapping tree node entry for o=NetscapeRoot point to an unknown backend : NetscapeRoot
+[13/Aug/2008:15:30:40 -0400] - Warning: Mapping tree node entry for o=NetscapeRoot point to an unknown backend : NetscapeRoot
+[13/Aug/2008:15:30:40 -0400] - Warning: Mapping tree node entry for o=NetscapeRoot point to an unknown backend : NetscapeRoot
+[13/Aug/2008:15:30:40 -0400] - Warning: Mapping tree node entry for o=NetscapeRoot point to an unknown backend : NetscapeRoot
+[13/Aug/2008:15:30:40 -0400] - Warning: Mapping tree node entry for o=NetscapeRoot point to an unknown backend : NetscapeRoot


And it hung up.  I had to do CTRL-C to have prompt.  Well, maybe it's normal.. This server isn't completely installed.

So, step 3 from the doc, I ran it on the SERVER1: 

# /usr/lib/mozldap6/ldapmodify -cvD "cn=Directory manager"  -w PASSWD
ldapmodify-bin: started Wed Aug 13 15:37:03 2008

ldap_init( localhost, 389 )
dn: cn=ExampleAgreement1,cn=replica,cn="o=NetscapeRoot",cn=mapping tree,cn=config
changetype: modify
replace: nsds5beginreplicarefresh
nsds5beginreplicarefresh: start
replace nsds5beginreplicarefresh:
        start
modifying entry cn=ExampleAgreement1,cn=replica,cn="o=NetscapeRoot",cn=mapping tree,cn=config
ldap_modify: No such object

This is when I gave up and decided to create a NetscapeRoot's replication directly from the Java console.  I mean, I installed two LDAP servers with the second server that it uses the Configuration Server from the first server.  

The replication works very well between two servers (only if I setup from the Java console) but when I want to do the the step 4 from the doc (create local Administration Server), it doesn't work, the script 'register-ds-admin.pl' always fails.

Thank you very much for your help!

_________________________________________________________________
If you like crossword puzzles, then you'll love Flexicon, a game which combines four overlapping crossword puzzles into one!
http://g.msn.ca/ca55/208
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.fedoraproject.org/pipermail/389-users/attachments/20080813/5965e030/attachment.html>

More information about the 389-users mailing list