[Fedora-directory-users] Admin-server/config-server

Fri Apr 24 12:48:10 UTC 2009

2009/3/12 Rich Megginson <rmeggins at redhat.com>

> One additional question with regards to the above, though, if I may:
>> Does this mean it's not intended/possible to register ldap instance(s) on
>> machine A with the config-server on machine B? I assumed it was because
>> answering "yes" on the register-with-existing-configserv step in
>> setup-ds-admin.pl prompts you for a full ldap-URL.
>>
> You usually have a single configuration directory server for a single admin
> domain, which may consist of many machines.  So yes, that's what that dialog
> does - it registers your directory server with a (possibly) remote
> configuration directory server, used to store configuration for many
> machines.
>
>> However, creating an instance with setup-ds.pl and then later running
>> register-ds-admin.pl it only seems possible to register locally by
>> folder/identifier, not ldap-URL.
>>
> It should be possible both ways.

Following up on this, I think I discovered a small bug in the script: the
first time you run setup-ds-admin.pl the adm.conf ldapurl property isn't
updated correctly and the instance wont find the config directory for
registration.

I have two machines: ldap1.test.com and ldap2.test.com. ldap1 has the
instances slapd-config on port 4000 (holding NetscapeRoot) and slapd-test1
on port 4001. ldap2 only has slapd-test2 on port 4002. (different ports so I
can use the same infs to create all instances on same machine if I need to).
I have been able to set this up successfully, and I can can see them both
under the same admin domain in the fedora-idm-console.

The problem surfaces when I create slapd-test2 instance on ldap2 with
setup-ds-admin.pl -s -f slapd-test2.inf for the first time only (ensured by
running remove-ds-admin.pl -y first). The first time I create the server I
get normal log output and the instance is started successfully but it does
not show up in the idm-console. Then I try to remove it with ds_removal and
I get this:
Error:The server 'ldap://:4002/o=NetscapeRoot' is not reachable.  Error:
unknown error

Checking /etc/dirsrv/admin-serv/adm.conf and notice that it has the wrong
ldapurl: ldap://:4002/o=NetscapeRoot.. Then I run setup-ds-admin.pl again
exactly like before, and then it works. I can see the new instance in the
idm-console and I can ds_removal it again without errors.
/etc/dirsrv/admin-serv/adm.conf now holds the right ldapurl for the
configdirectory: ldapurl: ldap://ldap1.test.com:4000/o=NetscapeRoot. The
rest of the adm.conf is identical in both cases.

If I add FullMachineName directive to the inf then this is added instead of
empty string, but according to the docs
http://www.redhat.com/docs/manuals/dir-server/install/8.0/Installation_Guide-Advanced_Configuration-Silent.htmlthis
should be the hostname of the machine you're installing ON.
Additionally this still leaves me with the wrong port, ie ldap://
ldap01.test.com:4002 (it uses the FullMachineName but local port for the
instance being created). But on the second run it is always corrected. So
the workaround I have found is to just make sure adm.conf exists already.
Then it always works, even when the file is blank.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/fedora-directory-users/attachments/20090424/be43bd70/attachment.htm>