[Fedora-directory-users] Setting up Multiple Directory Servers - in a multi-master mesh. Having problems with admin server.

Howard Wilkinson howard at cohtech.com
Wed Feb 20 09:57:50 UTC 2008


Richard et al,

I have obviously confused you on this so to start again!

I have four machines on which I am installing directory server version 1.1.

I have automated the install so that I start with a virgin install every 
time - erase the packages and delete all of the files left lying around 
and then reinstall the packages.

I want to set up the four machines in a fault-tolerant fashion. So I 
have an initial master, a secondary on a separate machine, and 2 
consumers on the other machines.

I can set up the servers on each machine with their own admin server and 
can get the SSL working and have modified the mmr script and can get all 
other servers to replicate. Master and Secondary in multi-master mode, 
consumers fed from master and secondary.

What I want to achieve is to have all of the servers sharing the 
o=NetscapeRoot partition (i.e. all having an admin server but all 
having the same configuration for the admin server). Now this means that 
they need to be in a mesh multi-master - OK I can set that up but I 
can't get the servers to register cleanly with the individual admin 
servers on each of the machines.

I understood that register-ds-admin.pl was the answer but the more I 
look at this it seems to only manage multiple instances on one machine. 
So how do I do this?

If I replicate the o=NetscapeRoot with each server registered to its own 
admin-server. Then the admin-servers only have one server registered and 
it seems to be the master (but that may be timing). If I try to register 
the secondary and consumers with the master admin-server then nothing 
happens. So I am missing a trick.

I have the following silent set up file I use to configure each server.

    [General]
    FullMachineName=${HOSTNAMEFQDN}
    SuiteSpotUserID=${LDAPUID}
    SuiteSpotGroup=${LDAPGID}
    ServerRoot=/usr/lib/fedora-ds
    AdminDomain=${MASTERDOMAIN}
    ConfigDirectoryAdminID=admin
    ConfigDirectoryAdminPwd=${ADMINPASSWD}
    ConfigDirectoryLdapURL=${ConfigDirectoryLdapURL}
    UserDirectoryAdminID=admin
    UserDirectoryAdminPwd=${ADMINPASSWD}
    UserDirectoryLdapURL=ldap://${HOSTNAMEFQDN}:${LDAPPORT}/${MASTERDN}
    #CACertificateURL=

    [slapd]
    SlapdConfigForMC=${SlapdConfigForMC}
    SecurityOn=No
    UseExistingMC=${UseExistingMC}
    UseExistingUG=0
    ServerPort=${LDAPPORT}
    ServerIdentifier=${HOSTNAME}
    Suffix=dc=${MASTERDN}
    RootDN=cn=Directory Manager
    AddSampleEntries=No
    InstallLdifFile=none
    AddOrgEntries=No
    DisableSchemaChecking=No
    RootDNPwd=${DIRMANPASSWD}
    start_server=1
    install_full_schema=1

    [admin]
    SysUser=${LDAPUID}
    Port=${ADMINPORT}
    ServerIpAddress=*
    ServerAdminID=admin
    ServerAdminPwd=${ADMINPASSWD}
    ApacheDir=/usr/sbin/
    ApacheRoot=/etc/httpd

I set

    SlapdConfigForMC=1
    UseExistingMC=0
    ConfigDirectoryLdapURL=ldap://${HOSTNAMEFQDN}:${LDAPPORT}/o=NetscapeRoot

for the first case of installing each server locally and change to

    SlapdConfigForMC=1
    UseExistingMC=1
    ConfigDirectoryLdapURL=ldap://${MASTERHOSTFQDN}:${LDAPPORT}/o=NetscapeRoot

for the second case where I have tried to get all registered with one 
admin server. But no luck.

Help!