On 05/20/2011 03:04 AM, Roland Schwingel wrote:

Hi...

I got a question on how to move administration servers.

In my network I do have at present 3 subnets that are managed by 389ds.

Lets call them Net-A, Net-B and Net-C. Each subnet hosts a replica of the
ldap tree. All ldap/admin servers are registered to the admin server on Net-A.

Due to some network restructurings Net-A will become a more or less "private"
networks. And I also will add 10 more networks (each will host a replica) to 389ds.
They all should register to a new adminserver in Net-C.

So I need to move the central admin server from Net-A to Net-C. Is this possible
while being in production? As I understand 389ds the adminservers are independant
of the slapd processes doing the concrete ldap. For Net-A there will be a hole
in the firewall to allow traffic to port 389,636 and 9830 to the other networks.

Any advice on how to accomplish the move of the adminserver de- and reregistration?

So currently you have all of the directory servers registered with a directory server running in Net-A - this is the directory server that hosts the o=netscaperoot suffix used to register and configure those servers in the console. This is on a machine with hostname ldap.neta or something like that. Now you want instead to have a new server ldap.netc and have all of the directory servers registered with that server instead?

Thanks in advance for your help,

Roland


--
389 users mailing list
389-users@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/389-users