[Fedora-directory-users] Setting up Multiple Directory Servers - in a multi-master mesh. Having problems with admin server.

Rich Megginson rmeggins at redhat.com
Wed Mar 5 15:20:08 UTC 2008 

Ben Cohen wrote:
> Did anyone find a fix for this?  I'm having the same problem.
>
> Here's the interactive output from register-ds-admin.pl
>
> [root at generic-02 ~]# register-ds-admin.pl --debug
> Beginning registration of the Directory Server
> =
> =
> =
> =
> =
> =
> ========================================================================
> The Directory Server locates its configuration file (dse.ldif) at 
> /etc/dirsrv/slapd-ID, by default.  If you have Directory Server(s) 
> which configuration file is put at the other location, you need to 
> input it to register the server.
>
> If you have such Directory Server, type the full path that stores the 
> configuration file.
>
> If you don't, type return.
> [configuration directory path or return]:
>
>
> ============================================================================== 
>
> Candidate servers to register:
>     /etc/dirsrv/slapd-generic-02
>     /etc/dirsrv/slapd-temp-02
>
> ============================================================================== 
>
> Do you want to use this server as Configuration Directory Server?
>
> Directory server identifier [generic-02]:
>
> ============================================================================== 
>
> Registering new Config DS: generic-02
>
> ============================================================================== 
>
> Input the Directory Server password on the server generic-02:
>
> ============================================================================== 
>
> Please input the password for the Administrator User uid=admin, 
> ou=Administrators, ou=TopologyManagement, o=NetscapeRoot:
> Error: failed to register the configuration server info to the 
> Configuration Directory Server generic-02.
>
> ============================================================================== 
>
> Please input the password for the Administrator User uid=admin, 
> ou=Administrators, ou=TopologyManagement, o=NetscapeRoot:
> Error: failed to register the configuration server info to the 
> Configuration Directory Server generic-02.
>
> ============================================================================== 
>
> Please input the password for the Administrator User uid=admin, 
> ou=Administrators, ou=TopologyManagement, o=NetscapeRoot:
>
> and here is the output of the .log file
>
> [root at generic-02 ~]# cat /tmp/setupJYeuBo.log
> [08/03/04:13:15:25] - [Setup] Info Beginning registration of the 
> Directory Server[08/03/04:13:15:26] - [Setup] Info Candidate servers 
> to register:
> [08/03/04:13:15:26] - [Setup] Info Do you want to use this server as 
> Configuration Directory Server?
>
> [08/03/04:13:15:26] - [Setup] Info Directory server identifier
> [08/03/04:13:15:33] - [Setup] Info generic-02
> [08/03/04:13:15:33] - [Setup] Info Registering new Config DS: generic-02
> [08/03/04:13:15:42] - [Setup] Warning Error: failed to register the 
> configuration server info to the Configuration Directory Server 
> generic-02.
> [08/03/04:13:15:44] - [Setup] Warning Error: failed to register the 
> configuration server info to the Configuration Directory Server 
> generic-02.
I think there is a bug somewhere that causes the directory server you 
select to be the configuration directory server (in your case, 
generic-02) to have the pass through auth plugin enabled.  Try this - 
when you get to the prompt to input the password for the Administrator 
User, in another window, shutdown that directory server, edit dse.ldif - 
search for the Pass Through Auth plugin (not the PAM pass through auth 
plugin) and set the nsslapd-pluginEnabled attribute to off, then restart 
that server.  Then resume with the prompt to input the password.
>
>
> Rich Megginson wrote:
>>
>> Howard Wilkinson wrote:
>>> Richard et al,
>>>
>>> I have obviously confused you on this so to start again!
>>>
>>> I have four machines on which I am installing directory server 
>>> version 1.1.
>>>
>>> I have automated the install so that I start with a virgin install 
>>> every time - erase the packages and delete all of the files left 
>>> lying around and then reinstall the packages.
>>>
>>> I want to set up the four machines in a fault-tolerant fashion. So I 
>>> have an initial master, a secondary on a separate machine, and 2 
>>> consumers on the other machines.
>>>
>>> I can setup the servers on each machine with their own admin server 
>>> and can gt the SSL working and have modified the mmr script and can 
>>> get all other server to replicate. Master and Secondary in 
>>> multi-master mode, consumers fed from master and secondary.
>>>
>>> What I want to achieve is to have all of the servers sharing the 
>>> o=NetscapeRoot paritition (i.e. all having an admin server but all 
>>> having the same configuration for the admin server). Now this means 
>>> that they need to be in a mesh multi-master - OK I can set that up 
>>> but I can't get the servers to register cleanly with the individual 
>>> admin servers on each of the machines.
>> Ok.  I understand.  First, you have to follow these guidelines - 
>> http://www.redhat.com/docs/manuals/dir-server/ag/8.0/Managing_Replication-Replicating-ADS-for-Failover.html 
>>
>>
>> Next, it sounds like you are running into this bug - 
>> https://bugzilla.redhat.com/show_bug.cgi?id=431103
> Have followed these instructions, with the fixes from the patch and we 
> are further along! I now have all servers registered on the master 
> server and can see them from there as expected.
>
> I now face an issue with "register-ds-admin.pl" when I run it in the 
> secondary server I get the following output.
> If you have such Directory Server, type the full path that stores the 
> configuration file.
>
> If you don't, type return.
> [configuration directory path or return]:
>
>
> ============================================================================== 
>
> Candidate servers to register:
>     /etc/dirsrv/slapd-backus
>
> ============================================================================== 
>
> Do you want to use this server as Configuration Directory Server?
>
> Directory server identifier: backus
>
> ============================================================================== 
>
> Do you want to use this server as Configuration Directory Server?
>
> Directory server identifier:
> and this justs keeps cycling asking the same question.
>
> If I run on one of the consumers the behaviour is different but still 
> no very useful. I get a bit further but it refuses to recognise the 
> admin password.
> Do you want to use this server as Configuration Directory Server?
>
> Directory server identifier: barnacle
>
> ============================================================================== 
>
> Cleaning up old Config DS:
>
> ============================================================================== 
>
> Please input the password for the Administrator User uid=admin, 
> ou=Administrators, ou=TopologyManagement, o=NetscapeRoot:
> Error: failed to clean up the configuration info from the old 
> Configuration
> Directory Server .
>
> ============================================================================== 
>
> Please input the password for the Administrator User uid=admin, 
> ou=Administrators, ou=TopologyManagement, o=NetscapeRoot:
> I get the same behaviour if I run on the Master server.
>
> Any suggestions?
>
> .............
>
> -- 
> Fedora-directory-users mailing list
> Fedora-directory-users at redhat.com
> https://www.redhat.com/mailman/listinfo/fedora-directory-users

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3245 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://lists.fedoraproject.org/pipermail/389-users/attachments/20080305/2d2d77ae/attachment.bin>

More information about the 389-users mailing list