On 06/07/2017 10:38 AM, wudadin2003@xxxxxxxxx wrote: > Here is a look at the logs as it happens > > ~ # tail -f /var/log/dirsrv/admin-serv/error > [Wed Jun 07 09:19:27 2017] [error] Could not bind as []: ldap error -1: Can't contact LDAP server > [Wed Jun 07 09:19:27 2017] [warn] Unable to bind as LocalAdmin to populate LocalAdmin tasks into cache. > [Wed Jun 07 09:19:27 2017] [notice] Access Host filter is: (*.old.domain.com|*.domain.com) > [Wed Jun 07 09:19:27 2017] [notice] Access Address filter is: * This is the Admin Server's error log, I need to see the Directory Server's access log: /var/log/dirsrv/slapd-INSTANCE/access > > The /etc/dirsrv/admin-serv/adm.conf shows that the ldapurl is still pointing at the old non-existent server. > > cat /etc/dirsrv/admin-serv/adm.conf > AdminDomain: old.domain.com > sysuser: ldapuser > isie: cn=389 Administration Server,cn=Server Group,cn=new-server-01.my.domain.com,ou=old.domain.com,o=NetscapeRoot > SuiteSpotGroup: ldapuser > sysgroup: ldapuser > userdn: uid=admin,ou=Administrators,ou=TopologyManagement,o=NetscapeRoot > ldapurl: ldap://my-old-server-01.old.domain.com:389/o=NetscapeRoot > SuiteSpotUserID: ldapuser > sie: cn=admin-serv-new-server-01,cn=389 Administration Server,cn=Server Group,cn=new-server-01.my.domain.com,ou=old.domain.com,o=NetscapeRoot register-ds-admin.pl does not modify this file. To be honest I really confused as to what you have and don't have now. > > As a side not, the "domain.com" is not changing but the "sub-domain" is changing. (old.domain.com vs. my.domain.com) This tool will "not" help you with domain name changes. In fact if your hostname changed it's going to cause all kinds of problems with the console. > > I also thinking that there is no o=netscaperoot on this machine since it was originally registered to another (now non-existent) server. But you "appear" to have an admin server, so you should have o=netscaperoot as a backend. > > If I am not able to re-register is to a new server, can I at least get its own admin server running? The wiki page describes what you need to do here. Every host needs an admin server. Whether the DS is registered or not. Once this is done, then you can register any instance with any other admin server/config DS. I'm sorry I just don't understand what you have installed and don't. I keep seeing conflicting information for you, which makes helping you very difficult. I think we should go back and see why the tool was failing before, and that requires examining the Directory Server's access log. So, tail the DS access log (the one that you are trying to register to), rerun the tool, wait 30 seconds for log buffering to flush, and send me the access log output from that time. Thanks, Mark > I would like to have console access to these machines again. > _______________________________________________ > 389-users mailing list -- 389-users@xxxxxxxxxxxxxxxxxxxxxxx > To unsubscribe send an email to 389-users-leave@xxxxxxxxxxxxxxxxxxxxxxx _______________________________________________ 389-users mailing list -- 389-users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to 389-users-leave@xxxxxxxxxxxxxxxxxxxxxxx
