[Fedora-directory-users] (no subject)
Mister Anonyme
benetage at hotmail.com
Wed Aug 13 20:51:47 UTC 2008
> Date: Wed, 13 Aug 2008 14:03:31 -0600
> From: rmeggins at redhat.com
> To: fedora-directory-users at redhat.com
> Subject: Re: [Fedora-directory-users] (no subject)
> I think it is mentioned in the documentation.
> http://www.redhat.com/docs/manuals/dir-server/ag/8.0/Managing_Replication-Replicating-ADS-for-Failover.html
> "2. Install and configure the second Directory Server instance. For the
> second server, |server2.example.com|, use the |setup-ds.pl| command,
> which installs a Directory Server instance without installing a local
> Administration Server. "
>
> Which is what you did below anyway. However, there is a doc bug:
> "ConfigFile = netscaperootdb.ldif example suffix entry"
> This links to an example of the suffix only, which is what you did below
> - the ldif only creates the suffix, not the associated database.
>
> The LDIF file should contain this:
>
> dn: cn=NetscapeRoot,cn=ldbm database,cn=plugins,cn=config
> objectclass: top
> objectclass: extensibleObject
> objectclass: nsBackendInstance
> nsslapd-suffix: o=NetscapeRoot
> cn: NetscapeRoot
>
> dn: cn=encrypted attribute keys,cn=NetscapeRoot,cn=ldbm
> database,cn=plugins,cn=config
> objectClass: top
> objectClass: extensibleObject
> cn: encrypted attributes keys
>
> dn: cn=encrypted attributes,cn=NetscapeRoot,cn=ldbm
> database,cn=plugins,cn=config
> objectClass: top
> objectClass: extensibleObject
> cn: encrypted attributes
>
> dn: cn="o=NetscapeRoot",cn=mapping tree,cn=config
> objectclass: top
> objectclass: extensibleObject
> objectclass: nsMappingTree
> cn: "o=NetscapeRoot"
> nsslapd-state: backend
> nsslapd-backend: NetscapeRoot
Great! It fixed the issue.
I was also able to synchronize between two servers.
But, when I execute the register-ds-admin.pl (step 4), I have this:
# /usr/sbin/register-ds-admin.pl
Beginning registration of the Directory Server
==============================================================================
The Directory Server locates its configuration file (dse.ldif) at /etc/dirsrv/slapd-ID, by default. If you have Directory Server(s) which configuration file is put at the other location, you need to input it to register the server.
If you have such Directory Server, type the full path that stores the configuration file.
If you don't, type return.
[configuration directory path or return]:
==============================================================================
Candidate servers to register:
/etc/dirsrv/slapd-myinstance
==============================================================================
Do you want to use this server as Configuration Directory Server?
Directory server identifier [myinstance]:
==============================================================================
The server must run as a specific user in a specific group.
It is strongly recommended that this user should have no privileges
on the computer (i.e. a non-root user). The setup procedure
will give this user/group some permissions in specific paths/files
to perform server-specific operations.
If you have not yet created a user and group for the server,
create this user and group using your native operating
system utilities.
System User [nobody]:
System Group [nobody]:
==============================================================================
Please specify the information about your configuration directory
server. The following information is required:
- host (fully qualified), port (non-secure or secure), suffix,
protocol (ldap or ldaps) - this information should be provided in the
form of an LDAP url e.g. for non-secure
ldap://host.example.com:389/o=NetscapeRoot
or for secure
ldaps://host.example.com:636/o=NetscapeRoot
- admin ID and password
- admin domain
- a CA certificate file may be required if you choose to use ldaps and
security has not yet been configured - the file must be in PEM/ASCII
format - specify the absolute path and filename
Configuration directory server URL [ldap://SERVER2:389/o=NetscapeRoot]:
Configuration directory server admin ID [admin]:
Configuration directory server admin password:
Configuration directory server admin password (confirm):
Configuration directory server admin domain [DOMAIN]: DOMAIN
==============================================================================
The information stored in the configuration directory server can be
separated into different Administration Domains. If you are managing
multiple software releases at the same time, or managing information
about multiple domains, you may use the Administration Domain to keep
them separate.
If you are not using administrative domains, press Enter to select the
default. Otherwise, enter some descriptive, unique name for the
administration domain, such as the name of the organization
responsible for managing the domain.
Administration Domain [DOMAIN]:
==============================================================================
The Administration Server is separate from any of your web or application
servers since it listens to a different port and access to it is
restricted.
Pick a port number between 1024 and 65535 to run your Administration
Server on. You should NOT use a port number which you plan to
run a web or application server on, rather, select a number which you
will remember and which will not be used for anything else.
Administration port [9830]:
==============================================================================
Registering new Config DS: SERVER2
==============================================================================
Input the Directory Server password on the server SERVER2:
Error: failed to register the configuration server info to the Configuration Directory Server SERVER2.
_________________________________________________________________
Find hidden words, unscramble celebrity names, or try the ultimate crossword puzzle with Live Search Games. Play now!
http://g.msn.ca/ca55/212
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/fedora-directory-users/attachments/20080813/9f36e6ad/attachment.htm>
More information about the Fedora-directory-users
mailing list