Gerrard Geldenhuis wrote: >>> There is still some haziness in my mind about the admin server... >>> >>> I setup a server called master01 using setup-ds-admin.pl and then setup another physical server called master02 also using setup-ds-admin.pl. The only difference >was that I "registered" master02 with master01. The effect is that when I run 389-console from the command line logging into either master01 or master02 I get both >master01 and master02 listed in the directory tree. Each one has a server group with an admin server and directory server listed. However the admin server for >master02 points to master01 by default when looking at the settings. >>> >>> >> Right. Unfortunately, the admin server/console do not failover >> automatically to another configuration directory server. But see this - >> http://www.redhat.com/docs/manuals/dir-server/8.2/admin/html/Managing_Replication-Replicating-ADS-for-Failover.html >> > > Thanks for the link, I have tried doing it but I am running into problems... when trying to do it at setup. > The relevant part of my inf file looks as follows: > > [slapd] > ServerIdentifier = 389-master01 > ServerPort = 389 > AddOrgEntries = No > RootDN = cn=Directory Manager > RootDNPwd = secret > SlapdConfigForMC = yes > Suffix = dc=betfair > UseExistingMC = 0 > AddSampleEntries = No > ConfigFile = repluser.ldif > ConfigFile = changelog.ldif > ConfigFile = replica.ldif > ConfigFile = replagreement.ldif > > repluser gets added fine but the last 3 ldif files fail for the following reason in the log file: > > +Processing repluser.ldif ... > +++check_and_add_entry: Entry not found cn=replication manager,cn=config error No such object > +Entry cn=replication manager,cn=config is added > This means it was successfully added. > +Processing changelog.ldif ... > +++check_and_add_entry: Entry not found cn=changelog5,cn=config error No such object > +++check_and_add_entry: attepting to add the entry cn=changelog5,cn=config that does not exist > +Processing replica.ldif ... > +++check_and_add_entry: Entry not found cn=replica,cn=o\3Dnetscaperoot,cn=mapping tree,cn=config error No such object > +++check_and_add_entry: attepting to add the entry cn=replica,cn=o\3Dnetscaperoot,cn=mapping tree,cn=config that does not exist > +Processing replagreement.ldif ... > +++check_and_add_entry: Entry not found cn=test-aggreement-name,cn=replica,cn=o\3Dnetscaperoot,cn=mapping tree,cn=config error No such object > +++check_and_add_entry: attepting to add the entry cn=test-aggreement-name,cn=replica,cn=o\3Dnetscaperoot,cn=mapping tree,cn=config that does not exist > > > I am not sure what I am doing wrong, probably something obvious... > changelog.ldif > ~~~~~~~~~ > dn: cn=changelog5,cn=config > changetype: add > objectclass: top > objectclass: extensibleObject > cn: changelog5 > nsslapd-changelogdir: /var/lib/dirsrv/slapd-389-master01/changelogdb > nsslapd-changelogmaxage: 10d > > replica.ldif > ~~~~~~~ > dn: cn=replica,cn=o\3Dnetscaperoot,cn=mapping tree,cn=config > changetype: add > objectClass: top > objectClass: nsDS5Replica > cn: replica > nsDS5ReplicaRoot: o=netscaperoot > nsDS5ReplicaId: 1 > nsDS5ReplicaType: 3 > nsDS5Flags: 1 > nsds5ReplicaPurgeDelay: 604800 > nsDS5ReplicaBindDN: cn=Replication Manager,cn=config > > replagreement.ldif > ~~~~~~~~~~~~ > dn: cn=test-aggreement-name,cn=replica,cn=o\3Dnetscaperoot,cn=mapping tree,cn=config > changetype: add > objectClass: top > objectClass: nsDS5ReplicationAgreement > cn: test-aggreement-name > description: test-description > nsDS5ReplicaHost: 389-master02.example > nsDS5ReplicaPort: 389 > nsDS5ReplicaBindDN: cn=Replication Manager > nsDS5ReplicaBindMethod: SIMPLE > nsDS5ReplicaRoot: o=netscaperoot > nsDS5ReplicaTransportInfo: TLS > nsDS5ReplicaCredentials: {DES}blahblah > You should add the nsDS5ReplicaCredentials as clear text and let the server encrypt it. This is a bug - if you remove the changetype: add it should work. Please file a bug about this issue. > > I noticed that the netscaperoot db only gets created long after the ldif files were attempted to be added. It is then understandable that they would fail since the object does not yet exists. Is there a way of having ldif files executing later or am I doing it wrong or interpreting the debug information incorrectly? > This is a bug - it should work if you remove the changetype: add > I used setup-ds-admin.pl --silent -f setup-master01.inf -dd to test. > > Best Regards > > ________________________________________________________________________ > In order to protect our email recipients, Betfair Group use SkyScan from > MessageLabs to scan all Incoming and Outgoing mail for viruses. > > ________________________________________________________________________ > -- > 389 users mailing list > 389-users@xxxxxxxxxxxxxxxxxxxxxxx > https://admin.fedoraproject.org/mailman/listinfo/389-users > -- 389 users mailing list 389-users@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/389-users
