Re: [389-users] Registering to a central admin server

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Chris Phillips wrote:
On Mon, Jun 22, 2009 at 8:04 PM, Rich Megginson <rmeggins@xxxxxxxxxx <mailto:rmeggins@xxxxxxxxxx>> wrote: 

    Chris Phillips wrote:


           Try editing /etc/dirsrv/admin-serv/adm.conf to point to the
           correct server, then try register-ds-admin.pl


        I'm afraid I'm still in the dark here. The adm.conf is used by
        the admin server to contact the DS instance to be managed? I
        thought the logic was the other way round, with the DS server
        "phoning home" to register itself to the Admin. Either way,
        the adm.conf then only lists one server in the ldapurl, and
        the other two attributes referencing the server, sie and isie
        both get changed to match the server in the ldapurl as part of
        the registration, removing all other references to the server
        that was in there. So whilst I thought my modifications to
        adm.conf (changing the ldapurl from server b to a) on server b
        and running register-ds-admin.pl on server b would add server
        b to the admin console on server a. Instead it *replaced*
        server b with server a on the admin console on server b,
        meaning both admin consoles were then registered to administer
        server a. Not anything like what I wanted!

        Any pointers?

    Change adm.conf back to point to which server you want to use as
    your main server, and then run setup-ds-admin.pl -u


My main what server? DS or Admin?
DS. The directory server which has the master copy of o=NetscapeRoot which contains all of the configuration information for all of the admin servers and directory servers in your organization.
As I understand that, that will register whatever server is listed as the ldapurl as the only instance in the Admin server on the box I'm running this on. Correct? 
No.
Am I being deluded about this? I'm expect to log in to an admin server with the idm console, and see a list of 8 different machines listed there, and be able to browse the ldap tree of any of those machines, 
Yes.

including their o=NetscapeRoot
No. Only the master configuration DS will have o=NetscapeRoot. The other servers should not have o=NetscapeRoot (unless you have set up MMR/failover for o=NetscapeRoot).
and be able to manage ACI's, password policies and such... This is the model you recommend, no? 
This is the recommended model.


Thanks

Chris

------------------------------------------------------------------------

--
389 users mailing list
389-users@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-directory-users

<<attachment: smime.p7s>>

--
389 users mailing list
389-users@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-directory-users
[Index of Archives]     [Fedora Directory Users]     [Fedora Directory Devel]     [Fedora Announce]     [Fedora Legacy Announce]     [Kernel]     [Fedora Legacy]     [Share Photos]     [Fedora Desktop]     [PAM]     [Red Hat Watch]     [Red Hat Development]     [Big List of Linux Books]     [Gimp]     [Yosemite News]

  Powered by Linux