Thanks rich... I will give that a try as soon as possible....


Re: [389-users] Moving admin servers

Rich Megginson to: General discussion list for the 389 Directory server project.        
20.05.2011 22:38

Sent by: 389-users-bounces@lists.fedoraproject.org
Cc: Roland Schwingel

Please respond to "General discussion list for the 389 Directory server project."        







On 05/20/2011 02:25 PM, Roland Schwingel wrote:

Hi Rich...


Thanks for the reply,


> So currently you have all of the directory servers registered with a
> directory server running in Net-A - this is the directory server
> that hosts the o=netscaperoot suffix used to register and configure
> those servers in the console.  This is on a machine with hostname
> ldap.neta or something like that.  Now you want instead to have a
> new server ldap.netc and have all of the directory servers
> registered with that server instead?


You are right....

When running setup-ds-admin.pl you have the option to register

a new server to another already running server. This one is at

present the one in net-a. Now I have to register all server to a

server in net-c.

Are you moving any of the servers other than the one that contains o=NetscapeRoot?  If not, then you could try the following:
1) export the o=NetscapeRoot (NetscapeRoot) database from the server in net-a
db2ldif -U -n NetscapeRoot -a /path/to/nsroot.ldif
2) use perl/sed/awk/whatever you are most comfortable with to change references to net-a to net-c in nsroot.ldif
3) Create a suffix o=NetscapeRoot and database NetscapeRoot in the server in net-c
4) Import (initialize) the new o=NetscapeRoot with the old server data

Then, you'll have to edit the /etc/dirsrv/admin-serv/adm.conf in all of your servers to change any references to net-a to net-c, then restart the admin server (restart-ds-admin)

Finally, you'll have to run ldapmodify on all of your servers (except the one that has the new o=NetscapeRoot) to do something like this:

ldapmodify -x -h hostname -D "cn=directory manager" -W <<EOF
dn: cn=Pass Through Authentication,cn=plugins,cn=config
changetype: modify
replace: nsslapd-pluginarg0
nsslapd-pluginarg0:
ldap://hostname.of.new.server.in.net-c/o=NetscapeRoot

You'll have to restart the server in order for this change to take effect, but if you don't want to manage the server via the console, you don't have to restart it.


Thanks for your kind help,


Roland



--
389 users mailing list
389-users@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/389-users
--
389 users mailing list
389-users@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/389-users