Re: [389-users] 389 upgrade

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Juan Asensio Sánchez wrote:
Hi

I am trying to upgrade some of our FDS servers. The test versions we
are using for upgrade are (the same that the production servers):

[root@fdsold ~]# rpm -qa | grep -i fedora
fedora-ds-dsgw-1.1.1-1.fc6
fedora-ds-1.1.2-1.fc6
fedora-ds-admin-1.1.2-2.fc6
fedora-ds-console-1.1.2-1.fc6
fedora-idm-console-1.1.0-5.fc6
fedora-ds-base-1.1.3-2.fc6
fedora-ds-admin-console-1.1.2-1.fc6

We have two test servers, with replication agreements between them,
and SSL configured for directory and console; 389 port is disabled.
Then we upgrade FDS/389 with this command (we do not want to upgrade
the full server):

yum upgrade 389-admin 389-admin-console 389-console 389-ds 389-ds-base
389-ds-console 389-dsgw

The upgrade is done correctly, then we run "setup-ds-admin.pl -u":

[root@fdsnew ~]# setup-ds-admin.pl -u

==============================================================================
The update option will allow you to re-register your servers with the
configuration directory server and update the information about your
servers that the console and admin server uses.  You will need your
configuration directory server admin ID and password to continue.

Continue? [yes]:

==============================================================================
Please specify the information about your configuration directory
server.  The following information is required:
- host (fully qualified), port (non-secure or secure), suffix,
  protocol (ldap or ldaps) - this information should be provided in the
  form of an LDAP url e.g. for non-secure
ldap://host.example.com:389/o=NetscapeRoot
  or for secure
ldaps://host.example.com:636/o=NetscapeRoot
- admin ID and password
- admin domain
- a CA certificate file may be required if you choose to use ldaps and
  security has not yet been configured - the file must be in PEM/ASCII
  format - specify the absolute path and filename

Configuration directory server URL
[ldaps://fdsnew.sacyl.es:636/o=NetscapeRoot]:
Configuration directory server admin ID [uid=admin, ou=Administrators,
ou=TopologyManagement, o=NetscapeRoot]:
Configuration directory server admin password:
Configuration directory server admin domain [center2.sacyl.es]:
CA certificate filename: /etc/openldap/cacerts/cert-CA-cacert.pem

==============================================================================
The interactive phase is complete.  The script will now set up your
servers.  Enter No or go Back if you want to change something.

Are you ready to set up your servers? [yes]:
Registering the directory server instances with the configuration
directory server . . .
Beginning Admin Server reconfiguration . . .
Registering admin server with the configuration directory server . . .
Updating adm.conf with information from configuration directory server . . .
Exiting . . .
Log file is '/tmp/setupwDn6B0.log'

And reboot... After that, when connecting with the console, we have
two entries for the directory server and two for the administration
server.
Yep, this is a known bug. You can ignore the Fedora ones - the 389 ones are the real ones.
One of each does not show the icon it should, and when I click
on it, it tries to download new jars, but it can not.
What error does it give?
If I use the old
item for the administration console (that shows the icon), in the
encryption tab , SSL is disabled, but before the upgrade it was
enabled, but if i try to access the server with the browser, i must
use https (¿?). Why is SSL disabled? And if it is disabled, why must I
access using https? Is there any step I haven't done?
This is also a bug. The update procedure does not preserve the SSL settings for your old (Fedora) servers when it adds the new (389) servers.
Regards and thanks in advance.

--
389 users mailing list
389-users@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-directory-users


<<attachment: smime.p7s>>

--
389 users mailing list
389-users@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-directory-users

[Index of Archives]     [Fedora Directory Users]     [Fedora Directory Devel]     [Fedora Announce]     [Fedora Legacy Announce]     [Kernel]     [Fedora Legacy]     [Share Photos]     [Fedora Desktop]     [PAM]     [Red Hat Watch]     [Red Hat Development]     [Big List of Linux Books]     [Gimp]     [Yosemite News]

  Powered by Linux