[Fedora-directory-users] Setting up Multiple Directory Servers - in a multi-master mesh. Having problems with admin server.
Rich Megginson
rmeggins at redhat.com
Thu Feb 14 17:52:21 UTC 2008
Howard Wilkinson wrote:
> We are configuring a new site which has a pair of Master servers and 2
> "slave" servers. We have followed the following sequence of steps but
> have fallen at the last fence in getting all of the servers registered
> with admin servers.
>
> Install fresh copies of fedora-ds* 1.1 packages.
> Run setup-ds-admin.pl on the primary master (primary because it is
> the first one)
> Setup SSL access to server
> Create ROOTDNs.
> Populate server with initial data.
>
> Run setup-ds.pl on the secondary master and the 2 slaves.
>
Why did you run setup-ds.pl instead of setup-ds-admin.pl?
>
> Setup SSL access on these servers
> Create ROOTDNs
> Initiate multi-master replication for all roots from primary
> master to secondary master.
> Initiate ordinary replication from the primary master to each slave.
> Initiate ordinary replication from the secondary master to each slave.
>
>
> We are replicating o=NetscapeRoot as well as all of our Roots.
>
> The servers are set up using this inf file.
>
> [General]
> FullMachineName=${HOSTNAMEFQDN}
> SuiteSpotUserID=${LDAPUID}
> SuiteSpotGroup=${LDAPGID}
> ServerRoot=/usr/lib/fedora-ds
> AdminDomain=${MASTERDOMAIN}
> ConfigDirectoryAdminID=admin
> ConfigDirectoryAdminPwd=${ADMINPASSWD}
> ConfigDirectoryLdapURL=ldap://${MASTERHOSTFQDN}:${LDAPPORT}/o=NetscapeRoot
> UserDirectoryAdminID=admin
> UserDirectoryAdminPwd=${ADMINPASSWD}
> UserDirectoryLdapURL=ldap://${HOSTNAMEFQDN}:${LDAPPORT}/${MASTERDN}
> #CACertificateURL=
>
> [slapd]
> SlapdConfigForMC=${SlapdConfigForMC} # Set to 1 on Master, 0 on all others
> SecurityOn=No
> UseExistingMC=${UseExistingMC} # Set to 0 on Master, 1 on all others
> UseExistingUG=0
> ServerPort=${LDAPPORT}
> ServerIdentifier=${HOSTNAME}
> Suffix=dc=${MASTERDN}
> RootDN=cn=Directory Manager
> AddSampleEntries=No
> InstallLdifFile=none
> AddOrgEntries=No
> DisableSchemaChecking=No
> RootDNPwd=${DIRMANPASSWD}
> start_server=1
> install_full_schema=1
>
> [admin]
> SysUser=${LDAPUID}
> Port=${ADMINPORT}
> ServerIpAddress=*
> ServerAdminID=admin
> ServerAdminPwd=${ADMINPASSWD}
> ApacheDir=/usr/sbin/
> ApacheRoot=/etc/httpd
>
> I then run up fedora-idm-console on the master. We can see the master
> server in the console but cannot see any of the others!
Not surprising since setup-ds.pl doesn't do any console/admin server
registration.
>
> What have we missed? What do we need to do to get this running and
> then switch each server over to using its local admin server (with
> replicated data from the master)?
>
> Note we cannot get "register-ds-admin.pl" to do anything in this
> environment as it just keeps asking for the server name and any input
> results in it asking again for the server name.
register-ds-admin.pl should work - can you provide more details? Script
output?
>
> Regards, Howard.