Mister Anonyme wrote:
>
> Rich Megginson wrote:
> >> Mister Anonyme wrote:
> >> Hi,
> >> I tried to follow the guidelines here:
> >>
> http://www.redhat.com/docs/manuals/dir-server/ag/8.0/Managing_Replication-Replicating-ADS-for-Failover.html
> >> And it doesn't work.
> >
> >Can you be more specific?
>
> There you go...
>
> SERVER1 is first server, SERVER2 is second server (failover)
>
> ========================================
> First step (from the doc): Install and configure the first Directory
> Server instance.
> ========================================
>
> ******
> file.inf
> ******
> FullMachineName = SERVER1
> AdminDomain = MY DOMAIN NAME
> SuiteSpotUserID = nobody
> SuiteSpotGroup = nobody
> ConfigDirectoryLdapURL = ldap://SERVER1:389/o=NetscapeRoot
> ConfigDirectoryAdminID = admin
> ConfigDirectoryAdminPwd = MY PASSWORD
>
>
> [admin]
> ServerAdminID = admin
> ServerAdminPwd = MY PASSWORD
> SysUser = nobody
> ServerIpAddress = MY SERVER IP ADDRESS
> Port = 9830
>
> [slapd]
> InstallLdifFile = suggest
> ServerIdentifier = SERVER1
> ServerPort = 389
> AddOrgEntries = Yes
> RootDN = cn=Directory Manager
> RootDNPwd = MY DS PASSWORD
> SlapdConfigForMC = yes
> Suffix = dc=EXAMPLE, dc=NET
> UseExistingMC = 0
> AddSampleEntries = Yes
> ConfigFile = repluser.ldif
> ConfigFile = changelog.ldif
> ConfigFile = replica.ldif
> ConfigFile = replagreement.ldif
>
> ***************
> repluser.ldif
> ***************
> dn: cn=replication manager,cn=config
> objectClass: inetorgperson
> objectClass: person
> objectClass: top
> cn: replication manager
> sn: RM
> userPassword: MY ENCRYPTED PASSWORD
> passwordExpirationTime: 20380119031407Z
>
> ****************
> changelog.ldif
> ****************
> dn: cn=changelog5,cn=config
> objectclass: top
> objectclass: extensibleObject
> cn: changelog5
> nsslapd-changelogdir: /var/lib/dirsrv/slapd-MYINSTANCE/changelogdb
>
>
> ************
> replica.ldif
> *************
> dn: cn=replica,cn="o=NetscapeRoot",cn=mapping tree,cn=config
> objectclass: top
> objectclass: nsds5replica
> objectclass: extensibleObject
> cn: replica
> nsds5replicaroot: o=NetscapeRoot
> nsds5replicaid: 1
> nsds5replicatype: 3
> nsds5flags: 1
> nsds5ReplicaPurgeDelay: 604800
> nsds5ReplicaBindDN: cn=replication manager,cn=config
>
>
> ******************
> replagreement.ldif
> ******************
> dn: cn=replication_netscaperoot,cn=replica,cn="o=Netscaperoot",cn=mapping
> tree,cn=config
> objectclass: top
> objectclass: nsds5replicationagreement
> cn: replication_netscaperoot
> nsds5replicahost: SECONDARY LDAP SERVER HOSTNAME
> nsds5replicaport: 389
> nsds5ReplicaBindDN: cn=replication manager
> nsds5replicabindmethod: SIMPLE
> nsds5replicaroot: o=Netscaperoot
> description: replication netscaperoot
> nsds5replicacredentials: ENCRYPTEDPASSWORD
> nsds5BeginReplicaRefresh: start
>
> I run this command:
>
>
> # /usr/sbin/setup-ds-admin -s -f file.inf
>
>
> Here's the log:
> [...]
> +Processing repluser.ldif ...
> +++check_and_add_entry: Entry not found cn=replication
> manager,cn=config error No such object
> +Entry cn=replication manager,cn=config is added
>
> +Processing changelog.ldif ...
> +++check_and_add_entry: Entry not found cn=changelog5,cn=config error
> No such object
> +Entry cn=changelog5,cn=config is added
>
> +Processing replica.ldif ...
> +++check_and_add_entry: Entry not found
> cn=replica,cn="o=NetscapeRoot",cn=mapping tree,cn=config error No such
> object
> +ERROR: adding an entry cn=replica,cn="o=NetscapeRoot",cn=mapping
> tree,cn=config failed, error: No such object
> dn: cn=replica,cn="o=NetscapeRoot",cn=mapping tree,cn=config
> objectclass: top
> objectclass: nsds5replica
> objectclass: extensibleObject
> cn: replica
> nsds5replicaroot: o=NetscapeRoot
> nsds5replicaid: 1
> nsds5replicatype: 3
> nsds5flags: 1
> nsds5replicapurgedelay: 604800
> nsds5replicabinddn: cn=replication manager,cn=config
>
> +ERROR: There was an error processing entry
> cn=replica,cn="o=NetscapeRoot",cn=mapping tree,cn=config
> +Cannot continue processing entries.
>
>
> So, I created another file (the documentation didn't mention this so I
> don't know if it's the 'good' procedure...):

I think it is mentioned in the documentation.
http://www.redhat.com/docs/manuals/dir-server/ag/8.0/Managing_Replication-Replicating-ADS-for-Failover.html

"2. Install and configure the second Directory Server instance. For the
second server, |server2.example.com|, use the |setup-ds.pl| command,
which installs a Directory Server instance without installing a local
Administration Server."

Which is what you did below anyway.

However, there is a doc bug:
"ConfigFile = netscaperootdb.ldif example suffix entry"
This links to an example of the suffix only, which is what you did below
- the ldif only creates the suffix, not the associated database.
The LDIF file should contain this:

dn: cn=NetscapeRoot,cn=ldbm database,cn=plugins,cn=config
objectclass: top
objectclass: extensibleObject
objectclass: nsBackendInstance
nsslapd-suffix: o=NetscapeRoot
cn: NetscapeRoot

dn: cn=encrypted attribute keys,cn=NetscapeRoot,cn=ldbm database,cn=plugins,cn=config
objectClass: top
objectClass: extensibleObject
cn: encrypted attributes keys

dn: cn=encrypted attributes,cn=NetscapeRoot,cn=ldbm database,cn=plugins,cn=config
objectClass: top
objectClass: extensibleObject
cn: encrypted attributes

dn: cn="o=NetscapeRoot",cn=mapping tree,cn=config
objectclass: top
objectclass: extensibleObject
objectclass: nsMappingTree
cn: "o=NetscapeRoot"
nsslapd-state: backend
nsslapd-backend: NetscapeRoot

>
> *************
> replica_1.ldif
> *************
> dn: cn="o=NetscapeRoot",cn=mapping tree,cn=config
> objectclass: top
> objectclass: nsMappingTree
> objectclass: extensibleObject
> cn: "o=NetscapeRoot"
>
>
> I added just before the replica.ldif in the "file.inf", [slapd] section.
>
> Then:
>
> # /usr/sbin/setup-ds-admin -s -f file.inf
>
> It works well until...:
> [...]
> +[13/Aug/2008:15:07:17 -0400] NSMMReplicationPlugin -
> _replica_configure_ruv: replication broken for entry (o=NetscapeRoot);
> LDAP error - 1
> +[13/Aug/2008:15:07:17 -0400] NSMMReplicationPlugin - Unable to
> configure replica o=NetscapeRoot:
> +[13/Aug/2008:15:07:17 -0400] - slapd started. Listening on All
> Interfaces port 389 for LDAP requests
> +Your new directory server has been started.
> Your new DS instance 'INSTANCENAME' was successfully created.
> Creating the configuration directory server . . .
> The suffix 'o=NetscapeRoot' already exists. Config entry DN
> 'cn="o=NetscapeRoot",cn=mapping tree,cn=config'.
>
> Failed to create the configuration directory server
> Exiting . . .
>
> So, it won't process LDIF files that I created according to the
> documentation, but if I force the creation of NetscapeRoot so the
> replica.ldif can be processed, it won't continue because it already
> exists...
>
> Great...
>
> I removed replica_1.ldif, replica.ldif, replagreement.ldif from
> file.inf and ran this again:
>
> # /usr/sbin/setup-ds-admin -s -f file.inf
>
> [...]
> The admin server was successfully started.
> Admin server was successfully created, configured, and started.
>
> Then, I manually created a replica and a replica agreement:
>
> /usr/lib/mozldap6/ldapmodify -cvD "cn=Directory manager" -w PASSWD <
> replica.ldif
> /usr/lib/mozldap6/ldapmodify -cvD "cn=Directory manager" -w PASSWD <
> replagreement.ldif
>
> It went with success.
>
> Now, step 2 from the doc...
>
> The inf file of the second server:
>
> ******
> file.inf
> ******
> [General]
> AdminDomain = EXAMPLE.DOMAIN
> SuiteSpotGroup = nobody
> ConfigDirectoryLdapURL = ldap://SERVER1 (or SERVER2, doesn't matter,
> it fails).nl.rsft.net:389/o=NetscapeRoot
> ConfigDirectoryAdminID = admin
> FullMachineName = SERVER2
> SuiteSpotUserID = nobody
> ConfigDirectoryAdminPwd = PASS
>
> [admin]
> ServerAdminID = admin
> ServerAdminPwd = PASS
> SysUser = nobody
> Port = 9830
>
>
> [slapd]
> InstallLdifFile = suggest
> ServerIdentifier = SERVER2
> ServerPort = 389
> AddOrgEntries = Yes
> RootDN = cn=Directory Manager
> RootDNPwd = SERVER2
> Suffix = dc=EXAMPLE,dc=DOMAIN
> UseExistingMC = 0
> AddSampleEntries = No
> ConfigFile = netscaperootdb.ldif
> ConfigFile = repluser.ldif
> ConfigFile = changelog.ldif
> ConfigFile = replica.ldif
> ConfigFile = replagreement.ldif
>
>
> I won't show repluser.ldif, changelog.ldif, replica.ldif and
> replagreement.ldif, they are same as above, except for netscaperootdb.ldif:
>
> ******************
> netscaperootdb.ldif
> ******************
> dn: cn="o=netscaperoot",cn=mapping tree,cn=config
> objectclass: top
> objectclass: extensibleObject
> objectclass: nsMappingTree
> nsslapd-state: backend
> nsslapd-backend: NetscapeRoot
> cn: o=NetscapeRoot
>
>
> I ran the script:
>
> # /usr/sbin/setup-ds.pl -s -f file.inf
>
> There's no error until...
> [...]
> +importing data ...
> [13/Aug/2008:15:30:35 -0400] - dblayer_instance_start: pagesize: 4096,
> pages: 258922, procpages: 6198
> [13/Aug/2008:15:30:35 -0400] - cache autosizing: import cache: 204800k
> [13/Aug/2008:15:30:35 -0400] - li_import_cache_autosize: 50,
> import_pages: 51200, pagesize: 4096
> [13/Aug/2008:15:30:35 -0400] - WARNING: Import is running with
> nsslapd-db-private-import-mem on; No other process is allowed to
> access the database
> [13/Aug/2008:15:30:35 -0400] - dblayer_instance_start: pagesize: 4096,
> pages: 258922, procpages: 6198
> [13/Aug/2008:15:30:35 -0400] - cache autosizing: import cache: 204800k
> [13/Aug/2008:15:30:35 -0400] - li_import_cache_autosize: 50,
> import_pages: 51200, pagesize: 4096
> [13/Aug/2008:15:30:36 -0400] - import userRoot: Beginning import job...
> [13/Aug/2008:15:30:36 -0400] - import userRoot: Index buffering
> enabled with bucket size 100
> [13/Aug/2008:15:30:36 -0400] - import userRoot: Processing file
> "/tmp/ldifBTMcP9.ldif"
> [13/Aug/2008:15:30:36 -0400] - import userRoot: Finished scanning file
> "/tmp/ldifBTMcP9.ldif" (9 entries)
> [13/Aug/2008:15:30:37 -0400] - import userRoot: Workers finished;
> cleaning up...
> [13/Aug/2008:15:30:37 -0400] - import userRoot: Workers cleaned up.
> [13/Aug/2008:15:30:37 -0400] - import userRoot: Cleaning up producer
> thread...
> [13/Aug/2008:15:30:37 -0400] - import userRoot: Indexing complete.
> Post-processing...
> [13/Aug/2008:15:30:37 -0400] - import userRoot: Flushing caches...
> [13/Aug/2008:15:30:37 -0400] - import userRoot: Closing files...
> [13/Aug/2008:15:30:37 -0400] - All database threads now stopped
> [13/Aug/2008:15:30:37 -0400] - import userRoot: Import complete.
> Processed 9 entries in 1 seconds. (9.00 entries/sec)
> +Starting the server: /usr/lib/dirsrv/slapd-myinstance/start-slapd
> +Started the server: code 256
> Server failed to start !!! Please check errors log for problems
> + Red Hat-Directory/8.0.0 B2007.353.1757
> + server2:389 (/etc/dirsrv/slapd-myinstance)
> +
> +[13/Aug/2008:15:30:35 -0400] - dblayer_instance_start: pagesize:
> 4096, pages: 258922, procpages: 6198
> +[13/Aug/2008:15:30:35 -0400] - cache autosizing: import cache: 204800k
> +[13/Aug/2008:15:30:35 -0400] - li_import_cache_autosize: 50,
> import_pages: 51200, pagesize: 4096
> +[13/Aug/2008:15:30:35 -0400] - WARNING: Import is running with
> nsslapd-db-private-import-mem on; No other process is allowed to
> access the database
> +[13/Aug/2008:15:30:35 -0400] - dblayer_instance_start: pagesize:
> 4096, pages: 258922, procpages: 6198
> +[13/Aug/2008:15:30:35 -0400] - cache autosizing: import cache: 204800k
> +[13/Aug/2008:15:30:35 -0400] - li_import_cache_autosize: 50,
> import_pages: 51200, pagesize: 4096
> +[13/Aug/2008:15:30:36 -0400] - import userRoot: Beginning import job...
> +[13/Aug/2008:15:30:36 -0400] - import userRoot: Index buffering
> enabled with bucket size 100
> +[13/Aug/2008:15:30:36 -0400] - import userRoot: Processing file
> "/tmp/ldifBTMcP9.ldif"
> +[13/Aug/2008:15:30:36 -0400] - import userRoot: Finished scanning
> file "/tmp/ldifBTMcP9.ldif" (9 entries)
> +[13/Aug/2008:15:30:37 -0400] - import userRoot: Workers finished;
> cleaning up...
> +[13/Aug/2008:15:30:37 -0400] - import userRoot: Workers cleaned up.
> +[13/Aug/2008:15:30:37 -0400] - import userRoot: Cleaning up producer
> thread...
> +[13/Aug/2008:15:30:37 -0400] - import userRoot: Indexing complete.
> Post-processing...
> +[13/Aug/2008:15:30:37 -0400] - import userRoot: Flushing caches...
> +[13/Aug/2008:15:30:37 -0400] - import userRoot: Closing files...
> +[13/Aug/2008:15:30:37 -0400] - All database threads now stopped
> +[13/Aug/2008:15:30:37 -0400] - import userRoot: Import complete.
> Processed 9 entries in 1 seconds. (9.00 entries/sec)
> +[13/Aug/2008:15starting up
> +[13/Aug/2008:15:30:39 -0400] - I'm resizing my cache now...cache was
> 209715200 and is now 8000000
> +[13/Aug/2008:15:30:39 -0400] - Warning: Mapping tree node entry for
> o=NetscapeRoot point to an unknown backend : NetscapeRoot
> +[13/Aug/2008:15:30:40 -0400] - Warning: Mapping tree node entry for
> o=NetscapeRoot point to an unknown backend : NetscapeRoot
> +[13/Aug/2008:15:30:40 -0400] - Warning: Mapping tree node entry for
> o=NetscapeRoot point to an unknown backend : NetscapeRoot
> +[13/Aug/2008:15:30:40 -0400] - Warning: Mapping tree node entry for
> o=NetscapeRoot point to an unknown backend : NetscapeRoot
> +[13/Aug/2008:15:30:40 -0400] - Warning: Mapping tree node entry for
> o=NetscapeRoot point to an unknown backend : NetscapeRoot
> +[13/Aug/2008:15:30:40 -0400] - Warning: Mapping tree node entry for
> o=NetscapeRoot point to an unknown backend : NetscapeRoot
>
>
> And it hung up. I had to do CTRL-C to have prompt. Well, maybe it's
> normal.. This server isn't completely installed.
>
> So, step 3 from the doc, I ran it on the SERVER1:
>
> # /usr/lib/mozldap6/ldapmodify -cvD "cn=Directory manager" -w PASSWD
> ldapmodify-bin: started Wed Aug 13 15:37:03 2008
>
> ldap_init( localhost, 389 )
> dn: cn=ExampleAgreement1,cn=replica,cn="o=NetscapeRoot",cn=mapping
> tree,cn=config
> changetype: modify
> replace: nsds5beginreplicarefresh
> nsds5beginreplicarefresh: start
> replace nsds5beginreplicarefresh:
> start
> modifying entry
> cn=ExampleAgreement1,cn=replica,cn="o=NetscapeRoot",cn=mapping
> tree,cn=config
> ldap_modify: No such object
>
> This is when I gave up and decided to create a NetscapeRoot's
> replication directly from the Java console. I mean, I installed two
> LDAP servers with the second server that it uses the Configuration
> Server from the first server.
>
> The replication works very well between two servers (only if I setup
> from the Java console) but when I want to do the step 4 from the
> doc (create local Administration Server), it doesn't work, the script
> 'register-ds-admin.pl' always fails.
>
> Thank you very much for your help!
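
Added example (not part of the original message and not code from the Directory Server project): a pre-flight check for the point made in the reply above, that an LDIF which creates only the mapping tree node leaves it pointing at a backend that does not exist. The names parse_ldif, is_a and unknown_backends are assumptions of this example, both inputs are constructed from the LDIF quoted in the thread, and the check reads only the LDIF text, not entries already present on a server.

```python
import re

# Constructed input: the suffix-only netscaperootdb.ldif quoted in the thread.
SUFFIX_ONLY = '''\
dn: cn="o=netscaperoot",cn=mapping tree,cn=config
objectclass: top
objectclass: extensibleObject
objectclass: nsMappingTree
nsslapd-state: backend
nsslapd-backend: NetscapeRoot
cn: o=NetscapeRoot
'''
# Constructed input: the same node preceded by the backend entry from the reply.
WITH_BACKEND = '''\
dn: cn=NetscapeRoot,cn=ldbm database,cn=plugins,cn=config
objectclass: top
objectclass: extensibleObject
objectclass: nsBackendInstance
nsslapd-suffix: o=NetscapeRoot
cn: NetscapeRoot

''' + SUFFIX_ONLY

def parse_ldif(text):
    """Minimal LDIF reader (assumption: no base64 values); unfolds continuation lines."""
    entries = []
    for block in re.split(r"\n\s*\n", re.sub(r"\n ", "", text).strip()):
        entry = {}
        for line in block.splitlines():
            if ":" in line and not line.startswith("#"):
                attr, _, value = line.partition(":")
                entry.setdefault(attr.strip().lower(), []).append(value.strip())
        if "dn" in entry:
            entries.append(entry)
    return entries

def is_a(entry, objectclass):
    return objectclass.lower() in (v.lower() for v in entry.get("objectclass", []))

def unknown_backends(ldif_text):
    """Return (mapping tree DN, backend) pairs with no nsBackendInstance entry in the LDIF."""
    entries = parse_ldif(ldif_text)
    defined = {e["cn"][0].lower() for e in entries if is_a(e, "nsBackendInstance") and "cn" in e}
    missing = []
    for e in entries:
        backend = e.get("nsslapd-backend", [""])[0]
        if is_a(e, "nsMappingTree") and backend.lower() not in defined:
            missing.append((e["dn"][0], backend))
    return missing
```

Calling unknown_backends(SUFFIX_ONLY) reports the o=NetscapeRoot node, the same condition the server logs as "point to an unknown backend : NetscapeRoot"; unknown_backends(WITH_BACKEND) returns an empty list.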