[Fedora-directory-users] Admin-server/config-server
Rich Megginson
rmeggins at redhat.com
Fri Apr 24 14:31:04 UTC 2009
tamarin p wrote:
>
>
> 2009/3/12 Rich Megginson <rmeggins at redhat.com
> <mailto:rmeggins at redhat.com>>
>
> One additional question with regards to the above, though, if
> I may:
> Does this mean it's not intended/possible to register ldap
> instance(s) on machine A with the config-server on machine B?
> I assumed it was because answering "yes" on the
> register-with-existing-configserv step in setup-ds-admin.pl
> prompts you for a full ldap-URL.
>
> You usually have a single configuration directory server for a
> single admin domain, which may consist of many machines. So yes,
> that's what that dialog does - it registers your directory server
> with a (possibly) remote configuration directory server, used to
> store configuration for many machines.
>
> However, creating an instance with setup-ds.pl and then later
> running register-ds-admin.pl it only seems possible to
> register locally by folder/identifier, not ldap-URL.
>
> It should be possible both ways.
>
>
> Following up on this, I think I discovered a small bug in the script:
> the first time you run setup-ds-admin.pl the adm.conf ldapurl property
> isn't updated correctly and the instance wont find the config
> directory for registration.
>
> I have two machines: ldap1.test.com <http://ldap1.test.com> and
> ldap2.test.com <http://ldap2.test.com>. ldap1 has the instances
> slapd-config on port 4000 (holding NetscapeRoot) and slapd-test1 on
> port 4001. ldap2 only has slapd-test2 on port 4002. (different ports
> so I can use the same infs to create all instances on same machine if
> I need to). I have been able to set this up successfully, and I can
> can see them both under the same admin domain in the fedora-idm-console.
>
> The problem surfaces when I create slapd-test2 instance on ldap2 with
> setup-ds-admin.pl -s -f slapd-test2.inf for the first time only
> (ensured by running remove-ds-admin.pl -y first). The first time I
> create the server I get normal log output and the instance is started
> successfully but it does not show up in the idm-console. Then I try to
> remove it with ds_removal and I get this:
> Error:The server 'ldap://:4002/o=NetscapeRoot' is not reachable.
> Error: unknown error
Can you post your slapd-test2.inf? Be sure to obscure any sensitive
info first.
>
> Checking /etc/dirsrv/admin-serv/adm.conf and notice that it has the
> wrong ldapurl: ldap://:4002/o=NetscapeRoot.. Then I run
> setup-ds-admin.pl again exactly like before, and then it works. I can
> see the new instance in the idm-console and I can ds_removal it again
> without errors. /etc/dirsrv/admin-serv/adm.conf now holds the right
> ldapurl for the configdirectory: ldapurl:
> ldap://ldap1.test.com:4000/o=NetscapeRoot
> <http://ldap1.test.com:4000/o=NetscapeRoot>. The rest of the adm.conf
> is identical in both cases.
>
> If I add FullMachineName directive to the inf then this is added
> instead of empty string, but according to the docs
> http://www.redhat.com/docs/manuals/dir-server/install/8.0/Installation_Guide-Advanced_Configuration-Silent.html
> this should be the hostname of the machine you're installing ON.
> Additionally this still leaves me with the wrong port, ie
> ldap://ldap01.test.com:4002 <http://ldap01.test.com:4002> (it uses the
> FullMachineName but local port for the instance being created). But on
> the second run it is always corrected. So the workaround I have found
> is to just make sure adm.conf exists already. Then it always works,
> even when the file is blank.
Ok. Looks like the auto hostname thing is not working. We use perl
Net::Domain hostfqdn if FullMachineName is absent - it uses some
complicated formula involving sys::hostname, /etc/resolv.conf, etc. I'm
not sure why it would fail completely though.
> ------------------------------------------------------------------------
>
> --
> Fedora-directory-users mailing list
> Fedora-directory-users at redhat.com
> https://www.redhat.com/mailman/listinfo/fedora-directory-users
>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3258 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://lists.fedoraproject.org/pipermail/389-users/attachments/20090424/129d6d71/attachment.bin>
More information about the 389-users
mailing list