Juan Asensio Sánchez wrote:
Yep, this is a known bug. You can ignore the Fedora ones - the 389 ones are the real ones.Hi I am trying to upgrade some of our FDS servers. The test versions we are using for upgrade are (the same that the production servers): [root@fdsold ~]# rpm -qa | grep -i fedora fedora-ds-dsgw-1.1.1-1.fc6 fedora-ds-1.1.2-1.fc6 fedora-ds-admin-1.1.2-2.fc6 fedora-ds-console-1.1.2-1.fc6 fedora-idm-console-1.1.0-5.fc6 fedora-ds-base-1.1.3-2.fc6 fedora-ds-admin-console-1.1.2-1.fc6 We have two test servers, with replication agreements between them, and SSL configured for directory and console; 389 port is disabled. Then we upgrade FDS/389 with this command (we do not want to upgrade the full server): yum upgrade 389-admin 389-admin-console 389-console 389-ds 389-ds-base 389-ds-console 389-dsgw The upgrade is done correctly, then we run "setup-ds-admin.pl -u": [root@fdsnew ~]# setup-ds-admin.pl -u ============================================================================== The update option will allow you to re-register your servers with the configuration directory server and update the information about your servers that the console and admin server uses. You will need your configuration directory server admin ID and password to continue. Continue? [yes]: ============================================================================== Please specify the information about your configuration directory server. The following information is required: - host (fully qualified), port (non-secure or secure), suffix, protocol (ldap or ldaps) - this information should be provided in the form of an LDAP url e.g. for non-secure ldap://host.example.com:389/o=NetscapeRoot or for secure ldaps://host.example.com:636/o=NetscapeRoot - admin ID and password - admin domain - a CA certificate file may be required if you choose to use ldaps and security has not yet been configured - the file must be in PEM/ASCII format - specify the absolute path and filename Configuration directory server URL [ldaps://fdsnew.sacyl.es:636/o=NetscapeRoot]: Configuration directory server admin ID [uid=admin, ou=Administrators, ou=TopologyManagement, o=NetscapeRoot]: Configuration directory server admin password: Configuration directory server admin domain [center2.sacyl.es]: CA certificate filename: /etc/openldap/cacerts/cert-CA-cacert.pem ============================================================================== The interactive phase is complete. The script will now set up your servers. Enter No or go Back if you want to change something. Are you ready to set up your servers? [yes]: Registering the directory server instances with the configuration directory server . . . Beginning Admin Server reconfiguration . . . Registering admin server with the configuration directory server . . . Updating adm.conf with information from configuration directory server . . . Exiting . . . Log file is '/tmp/setupwDn6B0.log' And reboot... After that, when connecting with the console, we have two entries for the directory server and two for the administration server.
One of each does not show the icon it should, and when I click on it, it tries to download new jars, but it can not.
What error does it give?
This is also a bug. The update procedure does not preserve the SSL settings for your old (Fedora) servers when it adds the new (389) servers.If I use the old item for the administration console (that shows the icon), in the encryption tab , SSL is disabled, but before the upgrade it was enabled, but if i try to access the server with the browser, i must use https (¿?). Why is SSL disabled? And if it is disabled, why must I access using https? Is there any step I haven't done?
Regards and thanks in advance. -- 389 users mailing list 389-users@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-directory-users
<<attachment: smime.p7s>>
-- 389 users mailing list 389-users@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-directory-users
