[Fedora-directory-users] Setting up Multiple Directory Servers - in a multi-master mesh. Having problems with admin server.
Howard Wilkinson
howard at cohtech.com
Thu Feb 14 11:15:04 UTC 2008
We are configuring a new site which has a pair of Master servers and 2
"slave" servers. We have followed the following sequence of steps but
have fallen at the last fence in getting all of the servers registered
with admin servers.
Install fresh copies of fedora-ds* 1.1 packages.
Run setup-ds-admin.pl on the primary master (primary because it is
the first one)
Setup SSL access to server
Create ROOTDNs.
Populate server with initial data.
Run setup-ds.pl on the secondary master and the 2 slaves.
Setup SSL access on these servers
Create ROOTDNs
Initiate multi-master replication for all roots from primary master
to secondary master.
Initiate ordinary replication from the primary master to each slave.
Initiate ordinary replication from the secondary master to each slave.
We are replicating o=NetscapeRoot as well as all of our Roots.
The servers are setup using this inf file.
[General]
FullMachineName=${HOSTNAMEFQDN}
SuiteSpotUserID=${LDAPUID}
SuiteSpotGroup=${LDAPGID}
ServerRoot=/usr/lib/fedora-ds
AdminDomain=${MASTERDOMAIN}
ConfigDirectoryAdminID=admin
ConfigDirectoryAdminPwd=${ADMINPASSWD}
ConfigDirectoryLdapURL=ldap://${MASTERHOSTFQDN}:${LDAPPORT}/o=NetscapeRoot
UserDirectoryAdminID=admin
UserDirectoryAdminPwd=${ADMINPASSWD}
UserDirectoryLdapURL=ldap://${HOSTNAMEFQDN}:${LDAPPORT}/${MASTERDN}
#CACertificateURL=
[slapd]
SlapdConfigForMC=${SlapdConfigForMC} # Set to 1 on Master, 0 on all others
SecurityOn=No
UseExistingMC=${UseExistingMC} # Set to 0 on Master, 1 on all others
UseExistingUG=0
ServerPort=${LDAPPORT}
ServerIdentifier=${HOSTNAME}
Suffix=dc=${MASTERDN}
RootDN=cn=Directory Manager
AddSampleEntries=No
InstallLdifFile=none
AddOrgEntries=No
DisableSchemaChecking=No
RootDNPwd=${DIRMANPASSWD}
start_server=1
install_full_schema=1
[admin]
SysUser=${LDAPUID}
Port=${ADMINPORT}
ServerIpAddress=*
ServerAdminID=admin
ServerAdminPwd=${ADMINPASSWD}
ApacheDir=/usr/sbin/
ApacheRoot=/etc/httpd
I then run up fedora-idm-console on the master. We can see the master
server in the console but cannot see any of the others!
What have we missed? What do we need to do to get this running and then
switch each server over to using its local admin server (with replicated
data from the master)
Note we cannot get "register-ds-admin.pl" to do anything in this
environment a sit just keeps asking for the server name and any input
results in it asking again for the server name.
Regards, Howard.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.fedoraproject.org/pipermail/389-users/attachments/20080214/62367a6e/attachment.html>
More information about the 389-users
mailing list