[Fedora-directory-users] Setting up Multiple Directory Servers - in a multi-master mesh. Having problems with admin server.
Rich Megginson
rmeggins at redhat.com
Wed Feb 20 18:16:59 UTC 2008
Howard Wilkinson wrote:
> Richard et al,
>
> I have obviously confused you on this so to start again!
>
> I have four machines on which I am installing directory server version
> 1.1.
>
> I have automated the install so that I start with a virgin install
> every time - erase the packages and delete all of the files left lying
> around and then reinstall the packages.
>
> I want to set up the four machines in a fault-tolerant fashion. So I
> have an initial master, a secondary on a separate machine, and 2
> consumers on the other machines.
>
> I can setup the servers on each machine with their own admin server
> and can gt the SSL working and have modified the mmr script and can
> get all other server to replicate. Master and Secondary in
> multi-master mode, consumers fed from master and secondary.
>
> What I want to achieve is to have all of the servers sharing the
> o=NetscapeRoot paritition (i.e. all having an admin server but all
> having the same configuration for the admin server). Now this means
> that they need to be in a mesh multi-master - OK I can set that up but
> I can't get the servers to register cleanly with the individual admin
> servers on each of the machines.
Ok. I understand. First, you have to follow these guidelines -
http://www.redhat.com/docs/manuals/dir-server/ag/8.0/Managing_Replication-Replicating-ADS-for-Failover.html
Next, it sounds like you are running into this bug -
https://bugzilla.redhat.com/show_bug.cgi?id=431103
>
> I understood that register-ds-admin.pl was the answer but the more I
> look at this it seems to only manage multiple instances on one
> machine. So how do I do this.
>
> If I replicate the o=NetscapeRoot with each server registered to its
> own admin-server. Then the admin-servers only have one server
> registered and it seems to be the master (but that may be timing). If
> I try to register the secondary and consumers with the master
> admin-server then nothing happens. SO I am missing a trick.
>
> I have the following silent set up file I use to configure each server.
>
> [General]
> FullMachineName=${HOSTNAMEFQDN}
> SuiteSpotUserID=${LDAPUID}
> SuiteSpotGroup=${LDAPGID}
> ServerRoot=/usr/lib/fedora-ds
> AdminDomain=${MASTERDOMAIN}
> ConfigDirectoryAdminID=admin
> ConfigDirectoryAdminPwd=${ADMINPASSWD}
> ConfigDirectoryLdapURL=${ConfigDirectoryLdapURL}
> UserDirectoryAdminID=admin
> UserDirectoryAdminPwd=${ADMINPASSWD}
> UserDirectoryLdapURL=ldap://${HOSTNAMEFQDN}:${LDAPPORT}/${MASTERDN}
> #CACertificateURL=
>
> [slapd]
> SlapdConfigForMC=${SlapdConfigForMC}
> SecurityOn=No
> UseExistingMC=${UseExistingMC}
> UseExistingUG=0
> ServerPort=${LDAPPORT}
> ServerIdentifier=${HOSTNAME}
> Suffix=dc=${MASTERDN}
> RootDN=cn=Directory Manager
> AddSampleEntries=No
> InstallLdifFile=none
> AddOrgEntries=No
> DisableSchemaChecking=No
> RootDNPwd=${DIRMANPASSWD}
> start_server=1
> install_full_schema=1
>
> [admin]
> SysUser=${LDAPUID}
> Port=${ADMINPORT}
> ServerIpAddress=*
> ServerAdminID=admin
> ServerAdminPwd=${ADMINPASSWD}
> ApacheDir=/usr/sbin/
> ApacheRoot=/etc/httpd
>
> I set
>
> SlapdConfigForMC=1
> UseExistingMC=0
> ConfigDirectoryLdapURL=ldap://${HOSTNAMEFQDN}:${LDAPPORT}/o=NetscapeRoot
>
> for the first case of installing each server locally and change to
>
> SlapdConfigForMC=1
> UseExistingMC=1
> ConfigDirectoryLdapURL=ldap://${MASTERHOSTFQDN}:${LDAPPORT}/o=NetscapeRoot
>
> for the second case where I have tried to get all registered with one
> admin server. But no luck.
>
> Help!
> ------------------------------------------------------------------------
>
> --
> Fedora-directory-users mailing list
> Fedora-directory-users at redhat.com
> https://www.redhat.com/mailman/listinfo/fedora-directory-users
>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3245 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://lists.fedoraproject.org/pipermail/389-users/attachments/20080220/e9cff99e/attachment.bin>
More information about the 389-users
mailing list