[Fedora-directory-users] (no subject)

Rich Megginson rmeggins at redhat.com
Thu Aug 14 14:30:18 UTC 2008 

Mister Anonyme wrote:
> > Date: Wed, 13 Aug 2008 14:57:59 -0600
> > From: rmeggins at redhat.com
> > To: fedora-directory-users at redhat.com
> > Subject: Re: [Fedora-directory-users] (no subject)
>  ==============================================================================
> > > Input the Directory Server password on the server SERVER2:
> > > Error: failed to register the configuration server info to the
> > > Configuration Directory Server SERVER2.
> > Hmm - not sure. Either earlier attempts have broken something past the
> > point of repair, or there is a bug in register-ds-admin.pl - maybe it
> > expects o=NetscapeRoot to not already exist? But then the setup step
> > earlier would fail without it. Try register-ds-admin.pl -ddd
>
> OK. 
>
> I deinstalled all packages and did a rm -rf of all directories like this:
>
> rm -rf /etc/dirsrv /usr/lib/dirsrv /usr/share/dirsrv /var/lib/dirsrv/ 
> /var/lock/dirsrv /var/log/dirsrv /usr/share/dirsrv/manual/en/admin 
> /tmp/setup*.{log,inf}
>
> And re-installed and I ran /usr/sbin/setup-ds.pl with the same LDIF 
> files that I showed you earlier with a fix that you provided.  After, 
> I did a synchronize of the replication with success (replication 
> status confirmed that it worked).  In other words, it went without any 
> errors.
>
> Then, I did a /usr/sbin/register-ds-admin.pl -ddd on the second server 
> and there you go:
>
> [root at SERVER2 ~]# /usr/sbin/register-ds-admin.pl -ddd
> Beginning registration of the Directory Server
> ==============================================================================
> The Directory Server locates its configuration file (dse.ldif) at 
> /etc/dirsrv/slapd-ID, by default.  If you have Directory Server(s) 
> which configuration file is put at the other location, you need to 
> input it to register the server.
>
> If you have such Directory Server, type the full path that stores the 
> configuration file.
>
> If you don't, type return.
> [configuration directory path or return]:
>
>
> ==============================================================================
> Candidate servers to register:
>     /etc/dirsrv/slapd-SERVER2
>
> ==============================================================================
> Do you want to use this server as Configuration Directory Server?
>
> Directory server identifier [SERVER2]:
>
> ==============================================================================
> The server must run as a specific user in a specific group.
> It is strongly recommended that this user should have no privileges
> on the computer (i.e. a non-root user).  The setup procedure
> will give this user/group some permissions in specific paths/files
> to perform server-specific operations.
>
> If you have not yet created a user and group for the server,
> create this user and group using your native operating
> system utilities.
>
> System User [nobody]:
> System Group [nobody]:
>
> ==============================================================================
> Please specify the information about your configuration directory
> server.  The following information is required:
> - host (fully qualified), port (non-secure or secure), suffix,
>   protocol (ldap or ldaps) - this information should be provided in the
>   form of an LDAP url e.g. for non-secure
> ldap://host.example.com:389/o=NetscapeRoot
>   or for secure
> ldaps://host.example.com:636/o=NetscapeRoot
> - admin ID and password
> - admin domain
> - a CA certificate file may be required if you choose to use ldaps and
>   security has not yet been configured - the file must be in PEM/ASCII
>   format - specify the absolute path and filename
>
> Configuration directory server URL [ldap://SERVER2:389/o=NetscapeRoot]:
> Configuration directory server admin ID [admin]:
> Configuration directory server admin password:
> Configuration directory server admin password (confirm):
> Configuration directory server admin domain [DOMAIN.NET]: DOMAIN.NET
>
> ==============================================================================
> The information stored in the configuration directory server can be
> separated into different Administration Domains.  If you are managing
> multiple software releases at the same time, or managing information
> about multiple domains, you may use the Administration Domain to keep
> them separate.
>
> If you are not using administrative domains, press Enter to select the
> default.  Otherwise, enter some descriptive, unique name for the
> administration domain, such as the name of the organization
> responsible for managing the domain.
>
> Administration Domain [DOMAIN.NET]: DOMAIN.NET
>
> ==============================================================================
> The Administration Server is separate from any of your web or application
> servers since it listens to a different port and access to it is
> restricted.
>
> Pick a port number between 1024 and 65535 to run your Administration
> Server on. You should NOT use a port number which you plan to
> run a web or application server on, rather, select a number which you
> will remember and which will not be used for anything else.
>
> Administration port [9830]:
>
> ==============================================================================
> Registering new Config DS: SERVER2
>
> ==============================================================================
> Input the Directory Server password on the server SERVER2:
> +Processing /usr/share/dirsrv/data/10dsdata.ldif.tmpl ...
> +++check_and_add_entry: Found entry o=NetscapeRoot
> +++Adding attr=aci value=(targetattr = "*")(version 3.0; acl "SIE 
> Group (SERVER2)"; allow (all) groupdn = "ldap:///cn=slapd-SERVER2, 
> cn=Red Hat Directory Server, cn=Server Group, cn=SERVER2., ou=DOMAIN, 
> o=NetscapeRoot";) to entry o=NetscapeRoot
> +++check_and_add_entry: Entry not found cn=Red Hat Directory Server, 
> cn=Server Group, cn=SERVER2., ou=DOMAIN, o=NetscapeRoot error No such 
> object
> +ERROR: adding an entry cn=Red Hat Directory Server, cn=Server Group, 
> cn=SERVER2., ou=DOMAIN, o=NetscapeRoot failed, error: No such object
> dn: cn=Red Hat Directory Server, cn=Server Group, cn=SERVER2., ou=
>  DOMAIN, o=NetscapeRoot
> objectclass: nsApplication
> objectclass: groupOfUniqueNames
> objectclass: top
> cn: Red Hat Directory Server
> nsproductname: Red Hat Directory Server
> nsproductversion: 8.0.0
> nsnickname: slapd
> nsbuildnumber: 2007.353.1757
> nsvendor: Red Hat
> installationtimestamp: 20080814121046Z
> nsexpirationdate: 0
> nsbuildsecurity: domestic
> uniquemember: cn=slapd-SERVER2, cn=Red Hat Directory Server, cn=Server 
> Group,
>   cn=SERVER2., ou=DOMAIN, o=NetscapeRoot
> nsservermigrationclassname: 
> com.netscape.admin.dirserv.task.MigrateCreate at redh
>  at-ds-8.0.jar at cn=admin-serv-SERVER2, cn=Red Hat Administration 
> Server, cn=Se
>  rver Group, cn=SERVER2., ou=DOMAIN, o=NetscapeRoot
> nsservercreationclassname: 
> com.netscape.admin.dirserv.task.MigrateCreate at redha
>  t-ds-8.0.jar at cn=admin-serv-SERVER2, cn=Red Hat Administration Server, 
> cn=Ser
>  ver Group, cn=SERVER2., ou=DOMAIN, o=NetscapeRoot
>
> +ERROR: There was an error processing entry cn=Red Hat Directory 
> Server, cn=Server Group, cn=SERVER2., ou=DOMAIN, o=NetscapeRoot
> +Cannot continue processing entries.
> Error: failed to register the configuration server info to the 
> Configuration Directory Server SERVER2.
>
> Thanks again for your help.
Looks like https://bugzilla.redhat.com/show_bug.cgi?id=431103 again 
rears its ugly head.
>
>
> ------------------------------------------------------------------------
> ------------------------------------------------------------------------
>
> --
> Fedora-directory-users mailing list
> Fedora-directory-users at redhat.com
> https://www.redhat.com/mailman/listinfo/fedora-directory-users
>   

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3258 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://lists.fedoraproject.org/pipermail/389-users/attachments/20080814/b73a89b0/attachment.bin>

More information about the 389-users mailing list