so here's where i'm at now.....
primary-master and secondary-master running...everything is fine. i
shut down the primary-master and i can log into the admin console on
the secondary-master fine. however, if i try to restart the admin
server, it fails with:
[Thu Apr 26 22:48:50 2007] [info] Init: Initializing NSS library
[Thu Apr 26 22:48:50 2007] [info] Initializing SSL Session Cache of
size 10000. SSL2 timeout = 100, SSL3/TLS timeout = 86400.
[Thu Apr 26 22:48:50 2007] [info] Init: Initializing (virtual) servers
for SSL
[Thu Apr 26 22:48:50 2007] [info] Server: Apache/2.0.52, Interface:
mod_nss/2.0.52, Library: NSS/3.11
[Thu Apr 26 22:48:50 2007] [debug] mod_admserv.c(2154): [30854] Cache
expiration set to 600 seconds
[Thu Apr 26 22:48:50 2007] [crit] mod_admserv_post_config(): unable to
build user/group LDAP server info: unable to set User/Group baseDN
Configuration Failed
I change the 2 files and 1 directory entry listed in the HowTo: and i
get the exact same behavior.
There are probably some other values under
o=NetscapeRoot somewhere that
reference the old directory server. Try this:
cd /opt/fedora-ds/shared/bin ; ./ldapsearch -T -h host -p port -D
"cn=directory manager" -w password -s sub -b o=netscaperoot
"objectclass=*" | grep "old ldap server host and/or port"
I have no pass through authentication configured. I'm doing some
testing on 2 freshly installed instances that don't have anything
other than o=NetscapeRoot replication enabled and working.
hope this is useful....
-ke
> From: Richard Megginson <rmeggins(a)redhat.com>
> Reply-To: "General discussion list for the Fedora Directory server
> project." <fedora-directory-users(a)redhat.com>
> To: "General discussion list for the Fedora Directory server
> project." <fedora-directory-users(a)redhat.com>
> Subject: Re: [Fedora-directory-users] Problem with Admin Console
> failoverusingFedoraDS
> Date: Thu, 26 Apr 2007 16:01:22 -0600
>
> Kyley Engle wrote:
>>
>>
>> i have done that, as well as changing the directory in the
>> nsDirectoryURL entry and the file
>> /opt/fedora-ds/admin-serv/config/adm.conf
>>
>> is there maybe a way to increase the debug logging on the
>> admin-serv? i'm not finding very much documentation on it.
> I think you'll also need to change or disable the pass through
> authentication plug-in in your backup configuration directory server.
>
> edit admin-serv/config/httpd.conf and set the LogLevel to debug
>>
>> ke
>>
>>> From: Richard Megginson <rmeggins(a)redhat.com>
>>> Reply-To: "General discussion list for the Fedora Directory server
>>> project." <fedora-directory-users(a)redhat.com>
>>> To: "General discussion list for the Fedora Directory server
>>> project." <fedora-directory-users(a)redhat.com>
>>> Subject: Re: [Fedora-directory-users] Problem with Admin Console
>>> failoverusing FedoraDS
>>> Date: Thu, 26 Apr 2007 15:17:43 -0600
>>>
>>> Kyley Engle wrote:
>>>>
>>>> Hello,
>>>>
>>>> I am having problems with the admin-serv when doing failure
>>>> testing in my multi-master environmnet.
>>>>
>>>> What I have:
>>>>
>>>> 2 masters replicating the userRoot and NetscapeRoot directories
>>>> various hub and consumer/search servers
>>>>
>>>> When I installed the instances on each of these servers, i pointed
>>>> them at one of the masters, let's call it primary-master, for
it's
>>>> configuration directory. when both masters are up and running, i
>>>> can connect my admin consoel to either directory and manage my
>>>> fleet of servers
>>>>
>>>> While doing failure mode testing, I discovered that if the
>>>> primary-master was turned off, that the secondary master
>>>> admin-serv would not start properly. it gives the following in
>>>> /opt/fedora-ds/admin-serv/logs/error:
>>>>
>>>> [Tue Apr 24 20:37:36 2007] [crit] mod_admserv_post_config():
>>>> unable to build user/group LDAP server info: unable to set
>>>> User/Group baseDN
>>>> Configuration Failed
>>>>
>>>> I followed the instructions found here:
>>>>
http://directory.fedoraproject.org/wiki/Howto:AdminServerLDAPMgmt#How_to_...
>>>>
>>>>
>>>>
>>>>
>>>> to change the admin server running on secondary-master to point to
>>>> itself instead of to the primary master. this did not resolve the
>>>> issue.
>>>>
>>>> Has anyone out there gotten the configuration directory
>>>> successfully working in a failover capacity in a multi-master
>>>> environment?
>>> Try updating shared/config/dbswitch.conf to point to the backup
>>> configuration ds.
>>>>
>>>> ke
>>>>
>>>> _________________________________________________________________
>>>> The average US Credit Score is 675. The cost to see yours: $0 by
>>>> Experian.
>>>>
http://www.freecreditreport.com/pm/default.aspx?sc=660600&bcd=EMAILFO...
>>>>
>>>>
>>>>
>>>>
>>>> --
>>>> Fedora-directory-users mailing list
>>>> Fedora-directory-users(a)redhat.com
>>>>
https://www.redhat.com/mailman/listinfo/fedora-directory-users
>>
>>
>>> << smime.p7s >>
>>
>>
>>
>>
>>> --
>>> Fedora-directory-users mailing list
>>> Fedora-directory-users(a)redhat.com
>>>
https://www.redhat.com/mailman/listinfo/fedora-directory-users
>>
>> _________________________________________________________________
>> Download Messenger. Join the i’m Initiative. Help make a difference
>> today.
http://im.live.com/messenger/im/home/?source=TAGHM_APR07
>>
>> --
>> Fedora-directory-users mailing list
>> Fedora-directory-users(a)redhat.com
>>
https://www.redhat.com/mailman/listinfo/fedora-directory-users
> << smime.p7s >>
> --
> Fedora-directory-users mailing list
> Fedora-directory-users(a)redhat.com
>
https://www.redhat.com/mailman/listinfo/fedora-directory-users
_________________________________________________________________
Mortgage refinance is Hot. *Terms. Get a 5.375%* fix rate. Check
savings
https://www2.nextag.com/goto.jsp?product=100000035&url=%2fst.jsp&...
--
Fedora-directory-users mailing list
Fedora-directory-users(a)redhat.com
https://www.redhat.com/mailman/listinfo/fedora-directory-users