[Fedora-directory-users] Admin-server/config-server

Rich Megginson rmeggins at redhat.com
Fri Apr 24 14:31:04 UTC 2009 

tamarin p wrote:
>
>
> 2009/3/12 Rich Megginson <rmeggins at redhat.com 
> <mailto:rmeggins at redhat.com>>
>
>         One additional question with regards to the above, though, if
>         I may:
>         Does this mean it's not intended/possible to register ldap
>         instance(s) on machine A with the config-server on machine B?
>         I assumed it was because answering "yes" on the
>         register-with-existing-configserv step in setup-ds-admin.pl
>         prompts you for a full ldap-URL.
>
>     You usually have a single configuration directory server for a
>     single admin domain, which may consist of many machines.  So yes,
>     that's what that dialog does - it registers your directory server
>     with a (possibly) remote configuration directory server, used to
>     store configuration for many machines.
>
>         However, creating an instance with setup-ds.pl and then later
>         running register-ds-admin.pl it only seems possible to
>         register locally by folder/identifier, not ldap-URL.
>
>     It should be possible both ways.
>
>
> Following up on this, I think I discovered a small bug in the script: 
> the first time you run setup-ds-admin.pl the adm.conf ldapurl property 
> isn't updated correctly and the instance wont find the config 
> directory for registration.
>
> I have two machines: ldap1.test.com <http://ldap1.test.com> and 
> ldap2.test.com <http://ldap2.test.com>. ldap1 has the instances 
> slapd-config on port 4000 (holding NetscapeRoot) and slapd-test1 on 
> port 4001. ldap2 only has slapd-test2 on port 4002. (different ports 
> so I can use the same infs to create all instances on same machine if 
> I need to). I have been able to set this up successfully, and I can 
> can see them both under the same admin domain in the fedora-idm-console.
>
> The problem surfaces when I create slapd-test2 instance on ldap2 with 
> setup-ds-admin.pl -s -f slapd-test2.inf for the first time only 
> (ensured by running remove-ds-admin.pl -y first). The first time I 
> create the server I get normal log output and the instance is started 
> successfully but it does not show up in the idm-console. Then I try to 
> remove it with ds_removal and I get this:
> Error:The server 'ldap://:4002/o=NetscapeRoot' is not reachable.  
> Error: unknown error
Can you post your slapd-test2.inf?  Be sure to obscure any sensitive 
info first.
>
> Checking /etc/dirsrv/admin-serv/adm.conf and notice that it has the 
> wrong ldapurl: ldap://:4002/o=NetscapeRoot.. Then I run 
> setup-ds-admin.pl again exactly like before, and then it works. I can 
> see the new instance in the idm-console and I can ds_removal it again 
> without errors. /etc/dirsrv/admin-serv/adm.conf now holds the right 
> ldapurl for the configdirectory: ldapurl: 
> ldap://ldap1.test.com:4000/o=NetscapeRoot 
> <http://ldap1.test.com:4000/o=NetscapeRoot>. The rest of the adm.conf 
> is identical in both cases.
>
> If I add FullMachineName directive to the inf then this is added 
> instead of empty string, but according to the docs 
> http://www.redhat.com/docs/manuals/dir-server/install/8.0/Installation_Guide-Advanced_Configuration-Silent.html 
> this should be the hostname of the machine you're installing ON. 
> Additionally this still leaves me with the wrong port, ie 
> ldap://ldap01.test.com:4002 <http://ldap01.test.com:4002> (it uses the 
> FullMachineName but local port for the instance being created). But on 
> the second run it is always corrected. So the workaround I have found 
> is to just make sure adm.conf exists already. Then it always works, 
> even when the file is blank.
Ok.  Looks like the auto hostname thing is not working.  We use perl 
Net::Domain hostfqdn if FullMachineName is absent - it uses some 
complicated formula involving sys::hostname, /etc/resolv.conf, etc.  I'm 
not sure why it would fail completely though.
> ------------------------------------------------------------------------
>
> --
> Fedora-directory-users mailing list
> Fedora-directory-users at redhat.com
> https://www.redhat.com/mailman/listinfo/fedora-directory-users
>   

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3258 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://lists.fedoraproject.org/pipermail/389-users/attachments/20090424/129d6d71/attachment.bin>

More information about the 389-users mailing list