[389-users] How to restore replica admin in the master

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Thu, 2009-09-03 at 13:50 -0400, Mister Anonyme wrote:
> Hi,
> 
> I have two masters (in multi-master mode, they replicate each other)
> and 6 slaves.
> 
> I added a new schema file in /etc/dirsrv/slapd-XXX/schema and I
> restarted all dirsrv.  I learned later that I had to stop the
> replication before adding a new schema file.  Because of that, the
> netscaperoot seems to be corrupted because I wasn't able to do
> replication between two masters.
> 
> So, I had to completely re-install two masters and re-import the
> database but is there a way to re-configure the admin part of each
> replica (slave) servers ?  I could completely re-install slaves too
> but if I can reconfigure the admin so I can see all replicas in the
> Redhat Management Console, it would be nice.
> 
<snip>
Ouch! I think I understand.  Unfortunately, I'm on the run and can't
explore it in detail but here is an excerpt from our internal
documentation on restoring the admin relationship between slave and
master and losing and then restoring the master from the slave database:

Once the data is restored, we need to tell LDAP1 that it is the
configuration master and that LDAP2 uses it.
On LDAP1 run "register-ds-admin.pl"
Then, on LDAP2 run "setup-ds-admin.pl -u" but, for some reason, it
insists on installing the CA cert and, since it already exists in the
database, it errors.  So we first remove the existing CA cert:
cd /etc/dirsrv/admin-serv
certutil -D -d . -n "CA certificate"
then run setup-ds-admin.pl -u and take defaults except we must enter the
path the to CA cert (/etc/dirsrv/admin-serv/MyCA.pem).

Hope this helps.  I think the original threads where Rich Megginson
helped us through this scenario are still in the archive.  Good luck -
John
-- 
John A. Sullivan III
Open Source Development Corporation
+1 207-985-7880
jsullivan at opensourcedevel.com

http://www.spiritualoutreach.com
Making Christianity intelligible to secular society




[Index of Archives]     [Fedora User Discussion]     [Older Fedora Users]     [Fedora Announce]     [Fedora Package Announce]     [EPEL Announce]     [Fedora News]     [Fedora Cloud]     [Fedora Advisory Board]     [Fedora Education]     [Fedora Security]     [Fedora Scitech]     [Fedora Robotics]     [Fedora Maintainers]     [Fedora Infrastructure]     [Fedora Websites]     [Anaconda Devel]     [Fedora Devel Java]     [Fedora Legacy]     [Fedora Desktop]     [Fedora Fonts]     [ATA RAID]     [Fedora Marketing]     [Fedora Management Tools]     [Fedora Mentors]     [Fedora Package Review]     [Fedora R Devel]     [Fedora PHP Devel]     [Kickstart]     [Fedora Music]     [Fedora Packaging]     [Centos]     [Fedora SELinux]     [Fedora Legal]     [Fedora Kernel]     [Fedora QA]     [Fedora Triage]     [Fedora OCaml]     [Coolkey]     [Virtualization Tools]     [ET Management Tools]     [Yum Users]     [Tux]     [Yosemite News]     [Yosemite Photos]     [Linux Apps]     [Maemo Users]     [Gnome Users]     [KDE Users]     [Fedora Tools]     [Fedora Art]     [Fedora Docs]     [Maemo Users]     [Asterisk PBX]     [Fedora Sparc]     [Fedora Universal Network Connector]     [Fedora ARM]

  Powered by Linux