Anthony Joseph Messina wrote:
They can be removed using the console directory browser, to remove their entries from under o=NetscapeRootOn Friday 28 August 2009 10:25:20 Rich Megginson wrote:2) I noticed that while using SSL, the setup-ds-admin.pl requires me to delete the CA cert that was previously installed and re-import it(crazy).Yes, this is a bug. https://bugzilla.redhat.com/show_bug.cgi?id=501846I'd like to make sure don't have these servers crap out again.Due to the rename issue, your servers will be stopped and restarted, but you should not lose your run level configuration. In what other way(s) did they "crap out"?well, since i had SSL in the server, the admin server and the console communication between both, and when the servers were stopped, the setup-ds- admin.pl couldn't connect to anything to do the upgrade and once i manually re-added (chkconfig --add dirsrv...) and restarted, the SSL issue with setup- ds-admin.pl became a problem as i had to then uninstall certs just to reinstall them... yuk!but i'm not worried about the change between fedora-ds* and 389-ds* now as i removed all of fedora-ds* and installed fresh 389-ds* rpms and just simply started over. -- i had just moved from OpenLDAP so that wasn't a big deal.i also noticed last time that the setup-ds-admin.pl created duplicate instances of my servers in the console -- and i wasn't sure how to get rid of those which is also part of why i just "started over."
since i'm already using the renamed packages (the first round of them), i want to be sure i'm ok with a yum upgrade and that the proper procedure is to always run a setup-ds-admin.pl -uYes. In the future (unless we obsolete some packages again) you can just use yum update. And you must always run setup-ds-admin.pl -u after doing an upgrade - this will make sure the console shows the correct information, and in the future will do things like schema upgrade, adding new configuration, removing old/obsolete configuration/files, etc.
due to https://bugzilla.redhat.com/show_bug.cgi?id=501846, i now have standard ldap:// (instead of ldaps://) between the admin server and the ds so i should be able to avoid that issue.Unfortunately, there is no way to change the information that the console uses without asking for some sort of password or credential - you can't do that with yum upgrade or rpm -U.i'm still learning this 389-ds, coming from OpenLDAP where i simply did an yum update and didn't need to do anything else :)
I'm not sure how a yum upgrade of openldap would deal with schema changes, config changes, etc. - perhaps it doesn't do any of that, and just expects you to do that.
i guess, basically... what does one do if the server stops and they are not able to run setup-ds-admin.pl? is it safe to restart the server services and then try it again?
Yes.
-------------------------------------------------------------------------- 389 users mailing list 389-users@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-directory-users
<<attachment: smime.p7s>>
-- 389 users mailing list 389-users@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-directory-users
