[Fedora-directory-users] Setting up Multiple Directory Servers - in a multi-master mesh. Having problems with admin server.

Howard Wilkinson howard at cohtech.com
Mon Feb 18 10:43:14 UTC 2008


Rich Megginson wrote:
> Howard Wilkinson wrote:
>> We are configuring a new site which has a pair of Master servers and 
>> 2 "slave" servers. We have followed the following sequence of steps 
>> but have fallen at the last fence in getting all of the servers 
>> registered with admin servers.
>>
>>     Install fresh copies of fedora-ds* 1.1 packages.
>>     Run setup-ds-admin.pl on the primary master (primary because it is
>>     the first one)
>>     Setup SSL access to server
>>     Create ROOTDNs.
>>     Populate server with initial data.
>>
>>     Run setup-ds.pl on the secondary master and the 2 slaves.
>>
> Why did you run setup-ds.pl instead of setup-ds-admin.pl?
>>
>>     Setup SSL access on these servers
>>     Create ROOTDNs
>>     Initiate multi-master replication for all roots from primary
>>     master to secondary master.
>>     Initiate ordinary replication from the primary master to each slave.
>>     Initiate ordinary replication from the secondary master to each slave.
>>
>>
>> We are replicating o=NetscapeRoot as well as all of our Roots.
>>
>> The servers are set up using this inf file.
>>
>>     [General]
>>
>>     FullMachineName=${HOSTNAMEFQDN}
>>
>>     SuiteSpotUserID=${LDAPUID}
>>
>>     SuiteSpotGroup=${LDAPGID}
>>
>>     ServerRoot=/usr/lib/fedora-ds
>>
>>     AdminDomain=${MASTERDOMAIN}
>>
>>     ConfigDirectoryAdminID=admin
>>
>>     ConfigDirectoryAdminPwd=${ADMINPASSWD}
>>
>>     ConfigDirectoryLdapURL=ldap://${MASTERHOSTFQDN}:${LDAPPORT}/o=NetscapeRoot
>>
>>     UserDirectoryAdminID=admin
>>
>>     UserDirectoryAdminPwd=${ADMINPASSWD}
>>
>>     UserDirectoryLdapURL=ldap://${HOSTNAMEFQDN}:${LDAPPORT}/${MASTERDN}
>>
>>     #CACertificateURL=
>>
>>     [slapd]
>>
>>     SlapdConfigForMC=${SlapdConfigForMC} # Set to 1 on Master, 0 on all others
>>
>>     SecurityOn=No
>>
>>     UseExistingMC=${UseExistingMC} # Set to 0 on Master, 1 on all others
>>
>>     UseExistingUG=0
>>
>>     ServerPort=${LDAPPORT}
>>
>>     ServerIdentifier=${HOSTNAME}
>>
>>     Suffix=dc=${MASTERDN}
>>
>>     RootDN=cn=Directory Manager
>>
>>     AddSampleEntries=No
>>
>>     InstallLdifFile=none
>>
>>     AddOrgEntries=No
>>
>>     DisableSchemaChecking=No
>>
>>     RootDNPwd=${DIRMANPASSWD}
>>
>>     start_server=1
>>
>>     install_full_schema=1
>>
>>     [admin]
>>
>>     SysUser=${LDAPUID}
>>
>>     Port=${ADMINPORT}
>>
>>     ServerIpAddress=*
>>
>>     ServerAdminID=admin
>>
>>     ServerAdminPwd=${ADMINPASSWD}
>>
>>     ApacheDir=/usr/sbin/
>>
>>     ApacheRoot=/etc/httpd
>>
>>
>> I then run up fedora-idm-console on the master. We can see the master 
>> server in the console but cannot see any of the others!
> Not surprising since setup-ds.pl doesn't do any console/admin server 
> registration.
Tried with setup-ds-admin.pl instead but still not working! What 
settings do I need in the inf file for the second and subsequent servers?
>>
>> What have we missed? What do we need to do to get this running and 
>> then switch each server over to using its local admin server (with 
>> replicated data from the master)
>>
>> Note we cannot get "register-ds-admin.pl" to do anything in this 
>> environment as it just keeps asking for the server name and any input 
>> results in it asking again for the server name.
> register-ds-admin.pl should work - can you provide more details?  
> Script output?
On the master it never gets past asking for the password for the 
administrator.
On the other hosts it will not accept any directory server name i.e. 
second prompt just cycles - but this may be an artifact of the failure 
of setup-ds-admin to register the server correctly anyway as we may have 
wrong settings in the inf file!
>>
>> Regards, Howard.
