Re: upgrade to 389-ds-base-1.3.4 Q

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hi Rich,
Yes I totally agree I should see the prompt as you put here, this is working in my case only  when running:
setup-ds.pl -u
but not for ds-admin.
 I would like to continue with this upgrade process ( i have 4 more hosts to upgrade)  is there a option to check for any missing packages,lib etc when running setup-ds-admin.pl -u .??
 The Sysadmin build the  389-ds* rmp's  from scratch for this OS,  I have a feeling something may missing from ds-admin package (??) but I need "tools/proof" to  point what's missing.

 OS
Linux 2.6.32-431.el6.x86_64 #1 SMP Thu Nov 21 13:35:52 CST 2013 x86_64 x86_64 x86_64 GNU/Linux


 new installed 389-ds-admin

rpm -qa | grep 389-admin*
389-admin-1.1.42-000.x86_64
389-admin-console-1.1.10-000.x86_64
389-adminutil-1.1.22-000.x86_64



Thank you again
Isabella


...
I don't understand what is going on. When you use setup-ds-admin.pl -u, You should see a prompt like this: ============================================================================== The update option will allow you to re-register your servers with the configuration directory server and update the information about your servers that the console and admin server uses. You will need your configuration directory server admin ID and password to continue. Continue? ============================================================================== I have no idea what's wrong.
...


On 12/01/2015 02:07 PM, ghiureai wrote:



Rich, still see bellow : and bellow only for ds no admin

setup-ds-admin.pl -u -ddddd

==============================================================================
This program will set up the 389 Directory and Administration Servers.

It is recommended that you have "root" privilege to set up the software.
Tips for using this program:
  - Press "Enter" to choose the default and go to the next screen
  - Type "Control-B" then "Enter" to go back to the previous screen
  - Type "Control-C" to cancel the setup program

Would you like to continue with set up? [yes]:

==============================================================================
Your system has been scanned for potential problems, missing patches,
etc.  The following output is a report of the items found that need to
be addressed before running this software in a production
environment.

Would you like to continue? [no]: yes

==============================================================================
Choose a setup type:

   1. Express
       Allows you to quickly set up the servers using the most
       common options and pre-defined defaults. Useful for quick
       evaluation of the products.

   2. Typical
       Allows you to specify common defaults and options.

   3. Custom
       Allows you to specify more advanced options. This is
       recommended for experienced server administrators only.

To accept the default shown in brackets, press the Enter key.




**********************************************************************
>>>>>>setup-ds.pl -u

==============================================================================
This program will update the 389 Directory Server.

It is recommended that you have "root" privilege to perform the update.
Tips for using this  program:
  - Press "Enter" to choose the default and go to the next screen
  - Type "Control-B" or the word "back" then "Enter" to go back to the previous screen
  - Type "Control-C" to cancel the update

Would you like to continue with update? [yes]: yes

==============================================================================

The update process can work in one of two modes:

  - Online: The changes are made to the running directory servers using LDAP.
            The operations must be performed as an administrative user.
            You must provide the name and password, for each instance
            if there is more than one instance of directory server.
            Some operations may require a directory server restart to take
            effect.  The update script will notify you if you need to restart
            the server.

  - Offline: The changes are made to the server configuration files.  The
             servers MUST FIRST BE SHUTDOWN BY YOU.  The script will not
             shutdown the servers for you.  You MUST shutdown the
             servers in order to use this mode.  A username and password
             are not required to use Offline mode.  If the servers are not
             shutdown, CHANGES WILL BE LOST.

To summarize:
  Online - servers remain running - you must provide admin name and password
           for each server - servers may need to be restarted
  Offline - servers must be shutdown - no username or password required




On 12/01/2015 01:23 PM, ghiureai wrote:
On 12/01/2015 11:42 AM, ghiureai wrote:

Rich, pls see the answers to your Q's (   the DS upgrade worked but the  DS Admin set up will not behave same way )
...
setup-ds-admin.pl -u

this will not give the noption for upgrade like with (setup-ds.pl -u)
see the menu bellow
setup-ds-admin.pl -u

==============================================================================
This program will set up the 389 Directory and Administration Servers.

It is recommended that you have "root" privilege to set up the software.
Tips for using this program:
  - Press "Enter" to choose the default and go to the next screen
  Would you like to continue with set up? [yes]:

==============================================================================
Your system has been scanned for potential problems, missing patches,
etc.  The following output is a report of the items found that need to
be addressed before running this software in a production
environment.

Would you like to continue? [no]: yes

==============================================================================
Choose a setup type:

   1. Express
       Allows you to quickly set up the servers using the most
       common options and pre-defined defaults. Useful for quick
       evaluation of the products.

2 ....................................................................
...

What repo are you using? What platform is this? If you are using el6 or el7 you must use epel6 or epel7 to get the admin/console packages.
...


Linux  2.6.32-431.el6.x86_64 #1 SMP Thu Nov 21 13:35:52 CST 2013 x86_64 x86_64 x86_64 GNU/Linux
epel6
rpm -qa | grep 389-*
389-ds-console-1.2.12-000.x86_64
389-ds-base-1.3.4.4-000.x86_64
389-admin-1.1.42-000.x86_64
389-admin-console-1.1.10-000.x86_64
389-adminutil-1.1.22-000.x86_64
389-console-1.1.9-000.x86_64



On 12/01/2015 10:42 AM, ghiureai wrote:
Thank you Rich for reply one more related issues I see :

When need to run the  ds admin update  I do not see the  options for 
update,  seems goes back and asks all the Q's  as a new fresh 
installation ( ??)
What we are missing from this upgrade installation here is what is been 
installed
    grep 389-*
389-ds-console-1.2.12-000.x86_64
389-admin-1.1.42-000.x86_64
389-ds-base-1.3.4.4-000.x86_64
389-console-1.1.9-000.x86_64
389-admin-console-1.1.10-000.x86_64
389-adminutil-1.1.22-000.x86_64





On 12/01/2015 09:07 AM, ghiureai wrote:

Hi List,
we are tying to upgrade to 389-ds 1.3.4 from 1.2.2 , after rpm installed
and update the server ,  when restarting the DS geting the following in
DS errorlog, there is no such  "entryallowWeakCipher" in cfg file , what
should we dissable see entries for this cn

   SSL alert: Cipher rsa_rc4_128_md5 is weak. It is enabled since
allowWeakCipher is "on" (default setting for the backward
compatibility). We strongly recommend to set it to "off".  Please
replace the value of allowWeakCipher with "off" in the encryption config
entry cn=encryption,cn=config and restart the server.

dn: cn=encryption,cn=config
objectClass: top
objectClass: nsEncryptionConfig
cn: encryption
nsSSLSessionTimeout: 0
nsSSLClientAuth: allowed
nsSSL2: off

nsSSL3: off ----->>> This was on but turn to "off"

creatorsName: cn=server,cn=plugins,cn=config
modifiersName:
uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoo
   t
createTimestamp: xxxxxxxxxxxxxxxx
modifyTimestamp:xxxxxxxxxxxxxxxxxxxx
nsSSL3Ciphers:
-rsa_null_md5,-rsa_null_sha,+rsa_rc4_128_md5,+rsa_rc4_40_md5,+r
   sa_rc2_40_md5,+rsa_des_sha,+rsa_fips_des_sha,+rsa_3des_sha,+rsa_fips_3des_sha
   ,+fortezza,+fortezza_rc4_128_sha,+fortezza_null,+tls_rsa_export1024_with_rc4_
   56_sha,+tls_rsa_aes_128_sha,+tls_rsa_aes_256_sha


xxxxxxxxxxxxxxxxxxx
xxxxxxxxxxxxxxx

Thank you for your time
Isabella





--
389 users mailing list
389-users@%(host_name)s
http://lists.fedoraproject.org/admin/lists/389-users@xxxxxxxxxxxxxxxxxxxxxxx
[Index of Archives]     [Fedora User Discussion]     [Older Fedora Users]     [Fedora Announce]     [Fedora Package Announce]     [EPEL Announce]     [Fedora News]     [Fedora Cloud]     [Fedora Advisory Board]     [Fedora Education]     [Fedora Security]     [Fedora Scitech]     [Fedora Robotics]     [Fedora Maintainers]     [Fedora Infrastructure]     [Fedora Websites]     [Anaconda Devel]     [Fedora Devel Java]     [Fedora Legacy]     [Fedora Desktop]     [Fedora Fonts]     [ATA RAID]     [Fedora Marketing]     [Fedora Management Tools]     [Fedora Mentors]     [Fedora Package Review]     [Fedora R Devel]     [Fedora PHP Devel]     [Kickstart]     [Fedora Music]     [Fedora Packaging]     [Centos]     [Fedora SELinux]     [Fedora Legal]     [Fedora Kernel]     [Fedora QA]     [Fedora Triage]     [Fedora OCaml]     [Coolkey]     [Virtualization Tools]     [ET Management Tools]     [Yum Users]     [Tux]     [Yosemite News]     [Yosemite Photos]     [Linux Apps]     [Maemo Users]     [Gnome Users]     [KDE Users]     [Fedora Tools]     [Fedora Art]     [Fedora Docs]     [Maemo Users]     [Asterisk PBX]     [Fedora Sparc]     [Fedora Universal Network Connector]     [Fedora ARM]

  Powered by Linux