[Fedora-directory-users] Setting up Multiple Directory Servers - in a multi-master mesh. Having problems with admin server.

Rich Megginson rmeggins at redhat.com
Thu Feb 14 17:52:21 UTC 2008


Howard Wilkinson wrote:
> We are configuring a new site which has a pair of Master servers and 2 
> "slave" servers. We have followed the following sequence of steps but 
> have fallen at the last fence in getting all of the servers registered 
> with admin servers.
>
>     Install fresh copies of fedora-ds* 1.1 packages.
>     Run setup-ds-admin.pl on the primary master (primary because it is
>     the first one)
>     Setup SSL access to server
>     Create ROOTDNs.
>     Populate server with initial data.
>
>     Run setup-ds.pl on the secondary master and the 2 slaves.
>
Why did you run setup-ds.pl instead of setup-ds-admin.pl?
>
>     Setup SSL access on these servers
>     Create ROOTDNs
>     Initiate multi-master replication for all roots from primary
>     master to secondary master.
>     Initiate ordinary replication from the primary master to each slave.
>     Initiate ordinary replication from the secondary master to each slave.
>
>
> We are replicating o=NetscapeRoot as well as all of our Roots.
>
> The servers are set up using this inf file.
>
>     [General]
>     FullMachineName=${HOSTNAMEFQDN}
>     SuiteSpotUserID=${LDAPUID}
>     SuiteSpotGroup=${LDAPGID}
>     ServerRoot=/usr/lib/fedora-ds
>     AdminDomain=${MASTERDOMAIN}
>     ConfigDirectoryAdminID=admin
>     ConfigDirectoryAdminPwd=${ADMINPASSWD}
>     ConfigDirectoryLdapURL=ldap://${MASTERHOSTFQDN}:${LDAPPORT}/o=NetscapeRoot
>     UserDirectoryAdminID=admin
>     UserDirectoryAdminPwd=${ADMINPASSWD}
>     UserDirectoryLdapURL=ldap://${HOSTNAMEFQDN}:${LDAPPORT}/${MASTERDN}
>     #CACertificateURL=
>
>     [slapd]
>     SlapdConfigForMC=${SlapdConfigForMC} # Set to 1 on Master, 0 on all others
>     SecurityOn=No
>     UseExistingMC=${UseExistingMC} # Set to 0 on Master, 1 on all others
>     UseExistingUG=0
>     ServerPort=${LDAPPORT}
>     ServerIdentifier=${HOSTNAME}
>     Suffix=dc=${MASTERDN}
>     RootDN=cn=Directory Manager
>     AddSampleEntries=No
>     InstallLdifFile=none
>     AddOrgEntries=No
>     DisableSchemaChecking=No
>     RootDNPwd=${DIRMANPASSWD}
>     start_server=1
>     install_full_schema=1
>
>     [admin]
>     SysUser=${LDAPUID}
>     Port=${ADMINPORT}
>     ServerIpAddress=*
>     ServerAdminID=admin
>     ServerAdminPwd=${ADMINPASSWD}
>     ApacheDir=/usr/sbin/
>     ApacheRoot=/etc/httpd
>
>
> I then run up fedora-idm-console on the master. We can see the master 
> server in the console but cannot see any of the others!
Not surprising since setup-ds.pl doesn't do any console/admin server 
registration.
>
> What have we missed? What do we need to do to get this running and 
> then switch each server over to using its local admin server (with 
> replicated data from the master)?
>
> Note we cannot get "register-ds-admin.pl" to do anything in this 
> environment as it just keeps asking for the server name and any input 
> results in it asking again for the server name.
register-ds-admin.pl should work - can you provide more details?  Script 
output?
>
> Regards, Howard.
