Fedora-ds-1.1.1 on Fedora 7 + (the + is back ports from 8/9, all of the updates applied, and additional packages I have cross ported)

I have succeeded in getting a fault tolerant mesh configured that consists of 2 or more Multi-Master servers, a number of Hub (0+) and a number of consumers (0+).

I have done this by modifying mmr.pl to accept --host1_role and --host2_role parameters which can be set to supplier, hub, or consumer.

For all of the usual DCROOTs i.e. not o=NetscapeRoot I set the relationships up as implied i.e. supplier<->supplier for the Multi-Master Hosts, supplier<->hub, hub<->consumer.
Where the site is too small for hub servers I have gone supplier<->consumer direct. Inter-site topology and hub grouping within sites is left as an exercise for the reader (me when it comes back to bite me...)

For the o=Netscape I have chosen to use supplier<->supplier relationships but to apply the same topology.

Sequence of events are:
    1. Install clean environment - erase rpm's delete residual files, install rpms, patch dirsrv-admin startup to work!
    2. Run setup-ds-admin.pl in silent mode, this adds schema files. The inf file has SlapdConfigMC=1, UseExistingMC=0 and points ConfigDirectoryLdapURL to this host.
    3. Set up SSL certs using certutil commands and openssl supplied certificates from our CA.
    4. Restart dirsrv and dirsrv-admin
    5. Create 2nd and subsequent DCROOTS with default aci's and "standard" container entries
    6. Preload data into DCROOTS for users and other objects being migrated.
Now assuming that this was the right thing to do I now need to set up referrals for writing to the system from the consumers and hubs back to the "site" masters. Where do I put this information?

I am also getting these errors logged on the first master!

Feb 28 22:00:35 bastion ns-slapd: auxpropfunc error invalid parameter supplied
Feb 28 22:00:35 bastion ns-slapd: sql_select option missing
Feb 28 22:00:35 bastion ns-slapd: auxpropfunc error no mechanism available

These are appearing about every 15 minutes. Anybody any idea where these are coming from?

Finally the shutdown time for the dirsrv servers on the suppliers is extremely long - orders of minutes, what could be causing this?

--
Signature

Howard Wilkinson

Phone:

+44(20)76907075

Coherent Technology Limited

Fax:

 

23 Northampton Square,

Mobile:

+44(7980)639379

United Kingdom, EC1V 0HL

Email:

howard@cohtech.com