Kyley Engle wrote: > > so here's where i'm at now..... > > primary-master and secondary-master running...everything is fine. i > shut down the primary-master and i can log into the admin console on > the secondary-master fine. however, if i try to restart the admin > server, it fails with: > > [Thu Apr 26 22:48:50 2007] [info] Init: Initializing NSS library > [Thu Apr 26 22:48:50 2007] [info] Initializing SSL Session Cache of > size 10000. SSL2 timeout = 100, SSL3/TLS timeout = 86400. > [Thu Apr 26 22:48:50 2007] [info] Init: Initializing (virtual) servers > for SSL > [Thu Apr 26 22:48:50 2007] [info] Server: Apache/2.0.52, Interface: > mod_nss/2.0.52, Library: NSS/3.11 > [Thu Apr 26 22:48:50 2007] [debug] mod_admserv.c(2154): [30854] Cache > expiration set to 600 seconds > [Thu Apr 26 22:48:50 2007] [crit] mod_admserv_post_config(): unable to > build user/group LDAP server info: unable to set User/Group baseDN > Configuration Failed > > I change the 2 files and 1 directory entry listed in the HowTo: and i > get the exact same behavior. There are probably some other values under o=NetscapeRoot somewhere that reference the old directory server. Try this: cd /opt/fedora-ds/shared/bin ; ./ldapsearch -T -h host -p port -D "cn=directory manager" -w password -s sub -b o=netscaperoot "objectclass=*" | grep "old ldap server host and/or port" > > I have no pass through authentication configured. I'm doing some > testing on 2 freshly installed instances that don't have anything > other than o=NetscapeRoot replication enabled and working. > > hope this is useful.... > > -ke > > >> From: Richard Megginson <rmeggins at redhat.com> >> Reply-To: "General discussion list for the Fedora Directory server >> project." <fedora-directory-users at redhat.com> >> To: "General discussion list for the Fedora Directory server >> project." <fedora-directory-users at redhat.com> >> Subject: Re: Problem with Admin Console >> failoverusingFedoraDS >> Date: Thu, 26 Apr 2007 16:01:22 -0600 >> >> Kyley Engle wrote: >>> >>> >>> i have done that, as well as changing the directory in the >>> nsDirectoryURL entry and the file >>> /opt/fedora-ds/admin-serv/config/adm.conf >>> >>> is there maybe a way to increase the debug logging on the >>> admin-serv? i'm not finding very much documentation on it. >> I think you'll also need to change or disable the pass through >> authentication plug-in in your backup configuration directory server. >> >> edit admin-serv/config/httpd.conf and set the LogLevel to debug >>> >>> ke >>> >>>> From: Richard Megginson <rmeggins at redhat.com> >>>> Reply-To: "General discussion list for the Fedora Directory server >>>> project." <fedora-directory-users at redhat.com> >>>> To: "General discussion list for the Fedora Directory server >>>> project." <fedora-directory-users at redhat.com> >>>> Subject: Re: Problem with Admin Console >>>> failoverusing FedoraDS >>>> Date: Thu, 26 Apr 2007 15:17:43 -0600 >>>> >>>> Kyley Engle wrote: >>>>> >>>>> Hello, >>>>> >>>>> I am having problems with the admin-serv when doing failure >>>>> testing in my multi-master environmnet. >>>>> >>>>> What I have: >>>>> >>>>> 2 masters replicating the userRoot and NetscapeRoot directories >>>>> various hub and consumer/search servers >>>>> >>>>> When I installed the instances on each of these servers, i pointed >>>>> them at one of the masters, let's call it primary-master, for it's >>>>> configuration directory. when both masters are up and running, i >>>>> can connect my admin consoel to either directory and manage my >>>>> fleet of servers >>>>> >>>>> While doing failure mode testing, I discovered that if the >>>>> primary-master was turned off, that the secondary master >>>>> admin-serv would not start properly. it gives the following in >>>>> /opt/fedora-ds/admin-serv/logs/error: >>>>> >>>>> [Tue Apr 24 20:37:36 2007] [crit] mod_admserv_post_config(): >>>>> unable to build user/group LDAP server info: unable to set >>>>> User/Group baseDN >>>>> Configuration Failed >>>>> >>>>> I followed the instructions found here: >>>>> http://directory.fedoraproject.org/wiki/Howto:AdminServerLDAPMgmt#How_to_change_the_user.2Fgroup_LDAP_server >>>>> >>>>> >>>>> >>>>> >>>>> to change the admin server running on secondary-master to point to >>>>> itself instead of to the primary master. this did not resolve the >>>>> issue. >>>>> >>>>> Has anyone out there gotten the configuration directory >>>>> successfully working in a failover capacity in a multi-master >>>>> environment? >>>> Try updating shared/config/dbswitch.conf to point to the backup >>>> configuration ds. >>>>> >>>>> ke >>>>> >>>>> _________________________________________________________________ >>>>> The average US Credit Score is 675. The cost to see yours: $0 by >>>>> Experian. >>>>> http://www.freecreditreport.com/pm/default.aspx?sc=660600&bcd=EMAILFOOTERAVERAGE >>>>> >>>>> >>>>> >>>>> >>>>> -- >>>>> Fedora-directory-users mailing list >>>>> Fedora-directory-users at redhat.com >>>>> https://www.redhat.com/mailman/listinfo/fedora-directory-users >>> >>> >>>> << smime.p7s >> >>> >>> >>> >>> >>>> -- >>>> Fedora-directory-users mailing list >>>> Fedora-directory-users at redhat.com >>>> https://www.redhat.com/mailman/listinfo/fedora-directory-users >>> >>> _________________________________________________________________ >>> Download Messenger. Join the i?m Initiative. Help make a difference >>> today. http://im.live.com/messenger/im/home/?source=TAGHM_APR07 >>> >>> -- >>> Fedora-directory-users mailing list >>> Fedora-directory-users at redhat.com >>> https://www.redhat.com/mailman/listinfo/fedora-directory-users > > >> << smime.p7s >> > > > > >> -- >> Fedora-directory-users mailing list >> Fedora-directory-users at redhat.com >> https://www.redhat.com/mailman/listinfo/fedora-directory-users > > _________________________________________________________________ > Mortgage refinance is Hot. *Terms. Get a 5.375%* fix rate. Check > savings > https://www2.nextag.com/goto.jsp?product=100000035&url=%2fst.jsp&tm=y&search=mortgage_text_links_88_h2bbb&disc=y&vers=925&s=4056&p=5117 > > > -- > Fedora-directory-users mailing list > Fedora-directory-users at redhat.com > https://www.redhat.com/mailman/listinfo/fedora-directory-users -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/x-pkcs7-signature Size: 3245 bytes Desc: S/MIME Cryptographic Signature Url : http://lists.fedoraproject.org/pipermail/389-users/attachments/20070427/fafd4657/attachment.bin
