<html> <head> <style> .hmmessage P { margin:0px; padding:0px } body.hmmessage { FONT-SIZE: 10pt; FONT-FAMILY:Tahoma } </style> </head> <body class='hmmessage'> I did a small mistake. I tried to re-create a scenario of when I tried to create a failover system. About step 3, the synchronization, Instead of sending this command: dn: cn=ExampleAgreement1,cn=replica,cn="o=NetscapeRoot",cn=mapping tree,cn=config changetype: modify replace: nsds5beginreplicarefresh nsds5beginreplicarefresh: start I sent this: *************************************** dn: cn=replication_netscaperoot,cn=replica,cn="o=NetscapeRoot",cn=mapping tree,cn=config changetype: modify replace: nsds5beginreplicarefresh nsds5beginreplicarefresh: start *************************************** The result is: modifying entry cn=replication_netscaperoot,cn=replica,cn="o=Netscaperoot",cn=mapping tree,cn=config modify complete Then, the error in the console is: invalid credentials in 'status' tab, 'replication status'. I can confirm that the credentials are OK because I used the same file repluser.ldif in both servers. Also, when I try to open the console in SERVER2, I got this error: Cannot connect to the Admin Server "http://SERVER2:9830/" The URL is not correct or the server is not running. I restarted the SERVER2 without success. Thanks <hr>From: benetage@hotmail.com To: fedora-directory-users@redhat.com Date: Wed, 13 Aug 2008 15:47:33 -0400 Subject: [Fedora-directory-users] (no subject) <meta http-equiv="Content-Type" content="text/html; charset=unicode"> <meta name="Generator" content="Microsoft SafeHTML"> <style> .ExternalClass .EC_hmmessage P {padding:0px;} .ExternalClass body.EC_hmmessage {font-size:10pt;font-family:Tahoma;} </style> > Rich Megginson wrote: >> Mister Anonyme wrote: >> Hi, >> I tried to follow the guidelines here: >> http://www.redhat.com/docs/manuals/dir-server/ag/8.0/Managing_Replication-Replicating-ADS-for-Failover.html >> And it doesn't work. > >Can you be more specific? There you go... SERVER1 is first server, SERVER2 is second server (failover) ======================================== First step (from the doc): Install and configure the first Directory Server instance. ======================================== ****** file.inf ****** FullMachineName = SERVER1 AdminDomain = MY DOMAIN NAME SuiteSpotUserID = nobody SuiteSpotGroup = nobody ConfigDirectoryLdapURL = ldap://SERVER1:389/o=NetscapeRoot ConfigDirectoryAdminID = admin ConfigDirectoryAdminPwd = MY PASSWORD [admin] ServerAdminID = admin ServerAdminPwd = MY PASSWORD SysUser = nobody ServerIpAddress = MY SERVER IP ADDRESS Port = 9830 [slapd] InstallLdifFile = suggest ServerIdentifier = SERVER1 ServerPort = 389 AddOrgEntries = Yes RootDN = cn=Directory Manager RootDNPwd = MY DS PASSWORD SlapdConfigForMC = yes Suffix = dc=EXAMPLE, dc=NET UseExistingMC = 0 AddSampleEntries = Yes ConfigFile = repluser.ldif ConfigFile = changelog.ldif ConfigFile = replica.ldif ConfigFile = replagreement.ldif *************** repluser.ldif *************** dn: cn=replication manager,cn=config objectClass: inetorgperson objectClass: person objectClass: top cn: replication manager sn: RM userPassword: MY ENCRYPTED PASSWORD passwordExpirationTime: 20380119031407Z **************** changelog.ldif **************** dn: cn=changelog5,cn=config objectclass: top objectclass: extensibleObject cn: changelog5 nsslapd-changelogdir: /var/lib/dirsrv/slapd-MYINSTANCE/changelogdb ************ replica.ldif ************* dn: cn=replica,cn="o=NetscapeRoot",cn=mapping tree,cn=config objectclass: top objectclass: nsds5replica objectclass: extensibleObject cn: replica nsds5replicaroot: o=NetscapeRoot nsds5replicaid: 1 nsds5replicatype: 3 nsds5flags: 1 nsds5ReplicaPurgeDelay: 604800 nsds5ReplicaBindDN: cn=replication manager,cn=config ****************** replagreement.ldif ****************** dn: cn=replication_netscaperoot,cn=replica,cn="o=Netscaperoot",cn=mapping tree,cn=config objectclass: top objectclass: nsds5replicationagreement cn: replication_netscaperoot nsds5replicahost: SECONDARY LDAP SERVER HOSTNAME nsds5replicaport: 389 nsds5ReplicaBindDN: cn=replication manager nsds5replicabindmethod: SIMPLE nsds5replicaroot: o=Netscaperoot description: replication netscaperoot nsds5replicacredentials: ENCRYPTEDPASSWORD nsds5BeginReplicaRefresh: start I run this command: # /usr/sbin/setup-ds-admin -s -f file.inf Here's the log: [...] +Processing repluser.ldif ... +++check_and_add_entry: Entry not found cn=replication manager,cn=config error No such object +Entry cn=replication manager,cn=config is added +Processing changelog.ldif ... +++check_and_add_entry: Entry not found cn=changelog5,cn=config error No such object +Entry cn=changelog5,cn=config is added +Processing replica.ldif ... +++check_and_add_entry: Entry not found cn=replica,cn="o=NetscapeRoot",cn=mapping tree,cn=config error No such object +ERROR: adding an entry cn=replica,cn="o=NetscapeRoot",cn=mapping tree,cn=config failed, error: No such object dn: cn=replica,cn="o=NetscapeRoot",cn=mapping tree,cn=config objectclass: top objectclass: nsds5replica objectclass: extensibleObject cn: replica nsds5replicaroot: o=NetscapeRoot nsds5replicaid: 1 nsds5replicatype: 3 nsds5flags: 1 nsds5replicapurgedelay: 604800 nsds5replicabinddn: cn=replication manager,cn=config +ERROR: There was an error processing entry cn=replica,cn="o=NetscapeRoot",cn=mapping tree,cn=config +Cannot continue processing entries. So, I created another file (the documentation didn't mention this so I don't know if it's the 'good' procedure...): ************* replica_1.ldif ************* dn: cn="o=NetscapeRoot",cn=mapping tree,cn=config objectclass: top objectclass: nsMappingTree objectclass: extensibleObject cn: "o=NetscapeRoot" I added just before the replica.ldif in the "file.inf", [slapd] section. Then: # /usr/sbin/setup-ds-admin -s -f file.inf It works well until...: [...] +[13/Aug/2008:15:07:17 -0400] NSMMReplicationPlugin - _replica_configure_ruv: replication broken for entry (o=NetscapeRoot); LDAP error - 1 +[13/Aug/2008:15:07:17 -0400] NSMMReplicationPlugin - Unable to configure replica o=NetscapeRoot: +[13/Aug/2008:15:07:17 -0400] - slapd started. Listening on All Interfaces port 389 for LDAP requests +Your new directory server has been started. Your new DS instance 'INSTANCENAME' was successfully created. Creating the configuration directory server . . . The suffix 'o=NetscapeRoot' already exists. Config entry DN 'cn="o=NetscapeRoot",cn=mapping tree,cn=config'. Failed to create the configuration directory server Exiting . . . So, it won't process LDIF files that I created according to the documentation, but if I force the creation of NetscapeRoot so the replica.ldif can be processed, it won't continue because it already exists... Great... I removed replica_1.ldif, replica.ldif, replagreement.ldif from file.inf and ran this agan: # /usr/sbin/setup-ds-admin -s -f file.inf [...] The admin server was successfully started. Admin server was successfully created, configured, and started. Then, I manually created a replica and a replica agreement: /usr/lib/mozldap6/ldapmodify -cvD "cn=Directory manager" -w PASSWD < replica.ldif /usr/lib/mozldap6/ldapmodify -cvD "cn=Directory manager" -w PASSWD < replagreement.ldif It went with sucess. Now, step 2 from the doc... The inf file of the second server: ****** file.inf ****** [General] AdminDomain = EXAMPLE.DOMAIN SuiteSpotGroup = nobody ConfigDirectoryLdapURL = ldap://SERVER1 (or SERVER2, doesn't matter, it fails).nl.rsft.net:389/o=NetscapeRoot ConfigDirectoryAdminID = admin FullMachineName = SERVER2 SuiteSpotUserID = nobody ConfigDirectoryAdminPwd = PASS [admin] ServerAdminID = admin ServerAdminPwd = PASS SysUser = nobody Port = 9830 [slapd] InstallLdifFile = suggest ServerIdentifier = SERVER2 ServerPort = 389 AddOrgEntries = Yes RootDN = cn=Directory Manager RootDNPwd = SERVER2 Suffix = dc=EXAMPLE,dc=DOMAIN UseExistingMC = 0 AddSampleEntries = No ConfigFile = netscaperootdb.ldif ConfigFile = repluser.ldif ConfigFile = changelog.ldif ConfigFile = replica.ldif ConfigFile = replagreement.ldif I won't show repluser.ldif, changelog.ldif, replica.ldif and replagreement.ldif, they are same as above, except for netscapeootdb.ldif: ****************** netscaperootdb.ldif ****************** dn: cn="o=netscaperoot",cn=mapping tree,cn=config objectclass: top objectclass: extensibleObject objectclass: nsMappingTree nsslapd-state: backend nsslapd-backend: NetscapeRoot cn: o=NetscapeRoot I ran the script: # /usr/sbin/setup-ds.pl -s -f file.inf There's not error until... [...] +importing data ... [13/Aug/2008:15:30:35 -0400] - dblayer_instance_start: pagesize: 4096, pages: 258922, procpages: 6198 [13/Aug/2008:15:30:35 -0400] - cache autosizing: import cache: 204800k [13/Aug/2008:15:30:35 -0400] - li_import_cache_autosize: 50, import_pages: 51200, pagesize: 4096 [13/Aug/2008:15:30:35 -0400] - WARNING: Import is running with nsslapd-db-private-import-mem on; No other process is allowed to access the database [13/Aug/2008:15:30:35 -0400] - dblayer_instance_start: pagesize: 4096, pages: 258922, procpages: 6198 [13/Aug/2008:15:30:35 -0400] - cache autosizing: import cache: 204800k [13/Aug/2008:15:30:35 -0400] - li_import_cache_autosize: 50, import_pages: 51200, pagesize: 4096 [13/Aug/2008:15:30:36 -0400] - import userRoot: Beginning import job... [13/Aug/2008:15:30:36 -0400] - import userRoot: Index buffering enabled with bucket size 100 [13/Aug/2008:15:30:36 -0400] - import userRoot: Processing file "/tmp/ldifBTMcP9.ldif" [13/Aug/2008:15:30:36 -0400] - import userRoot: Finished scanning file "/tmp/ldifBTMcP9.ldif" (9 entries) [13/Aug/2008:15:30:37 -0400] - import userRoot: Workers finished; cleaning up... [13/Aug/2008:15:30:37 -0400] - import userRoot: Workers cleaned up. [13/Aug/2008:15:30:37 -0400] - import userRoot: Cleaning up producer thread... [13/Aug/2008:15:30:37 -0400] - import userRoot: Indexing complete. Post-processing... [13/Aug/2008:15:30:37 -0400] - import userRoot: Flushing caches... [13/Aug/2008:15:30:37 -0400] - import userRoot: Closing files... [13/Aug/2008:15:30:37 -0400] - All database threads now stopped [13/Aug/2008:15:30:37 -0400] - import userRoot: Import complete. Processed 9 entries in 1 seconds. (9.00 entries/sec) +Starting the server: /usr/lib/dirsrv/slapd-myinstance/start-slapd +Started the server: code 256 Server failed to start !!! Please check errors log for problems + Red Hat-Directory/8.0.0 B2007.353.1757 + server2:389 (/etc/dirsrv/slapd-myinstance) + +[13/Aug/2008:15:30:35 -0400] - dblayer_instance_start: pagesize: 4096, pages: 258922, procpages: 6198 +[13/Aug/2008:15:30:35 -0400] - cache autosizing: import cache: 204800k +[13/Aug/2008:15:30:35 -0400] - li_import_cache_autosize: 50, import_pages: 51200, pagesize: 4096 +[13/Aug/2008:15:30:35 -0400] - WARNING: Import is running with nsslapd-db-private-import-mem on; No other process is allowed to access the database +[13/Aug/2008:15:30:35 -0400] - dblayer_instance_start: pagesize: 4096, pages: 258922, procpages: 6198 +[13/Aug/2008:15:30:35 -0400] - cache autosizing: import cache: 204800k +[13/Aug/2008:15:30:35 -0400] - li_import_cache_autosize: 50, import_pages: 51200, pagesize: 4096 +[13/Aug/2008:15:30:36 -0400] - import userRoot: Beginning import job... +[13/Aug/2008:15:30:36 -0400] - import userRoot: Index buffering enabled with bucket size 100 +[13/Aug/2008:15:30:36 -0400] - import userRoot: Processing file "/tmp/ldifBTMcP9.ldif" +[13/Aug/2008:15:30:36 -0400] - import userRoot: Finished scanning file "/tmp/ldifBTMcP9.ldif" (9 entries) +[13/Aug/2008:15:30:37 -0400] - import userRoot: Workers finished; cleaning up... +[13/Aug/2008:15:30:37 -0400] - import userRoot: Workers cleaned up. +[13/Aug/2008:15:30:37 -0400] - import userRoot: Cleaning up producer thread... +[13/Aug/2008:15:30:37 -0400] - import userRoot: Indexing complete. Post-processing... +[13/Aug/2008:15:30:37 -0400] - import userRoot: Flushing caches... +[13/Aug/2008:15:30:37 -0400] - import userRoot: Closing files... +[13/Aug/2008:15:30:37 -0400] - All database threads now stopped +[13/Aug/2008:15:30:37 -0400] - import userRoot: Import complete. Processed 9 entries in 1 seconds. (9.00 entries/sec) +[13/Aug/2008:15starting up +[13/Aug/2008:15:30:39 -0400] - I'm resizing my cache now...cache was 209715200 and is now 8000000 +[13/Aug/2008:15:30:39 -0400] - Warning: Mapping tree node entry for o=NetscapeRoot point to an unknown backend : NetscapeRoot +[13/Aug/2008:15:30:40 -0400] - Warning: Mapping tree node entry for o=NetscapeRoot point to an unknown backend : NetscapeRoot +[13/Aug/2008:15:30:40 -0400] - Warning: Mapping tree node entry for o=NetscapeRoot point to an unknown backend : NetscapeRoot +[13/Aug/2008:15:30:40 -0400] - Warning: Mapping tree node entry for o=NetscapeRoot point to an unknown backend : NetscapeRoot +[13/Aug/2008:15:30:40 -0400] - Warning: Mapping tree node entry for o=NetscapeRoot point to an unknown backend : NetscapeRoot +[13/Aug/2008:15:30:40 -0400] - Warning: Mapping tree node entry for o=NetscapeRoot point to an unknown backend : NetscapeRoot And it hung up. I had to do CTRL-C to have prompt. Well, maybe it's normal.. This server isn't completely installed. So, step 3 from the doc, I ran it on the SERVER1: # /usr/lib/mozldap6/ldapmodify -cvD "cn=Directory manager" -w PASSWD ldapmodify-bin: started Wed Aug 13 15:37:03 2008 ldap_init( localhost, 389 ) dn: cn=ExampleAgreement1,cn=replica,cn="o=NetscapeRoot",cn=mapping tree,cn=config changetype: modify replace: nsds5beginreplicarefresh nsds5beginreplicarefresh: start replace nsds5beginreplicarefresh: start modifying entry cn=ExampleAgreement1,cn=replica,cn="o=NetscapeRoot",cn=mapping tree,cn=config ldap_modify: No such object This is when I gave up and decided to create a NetscapeRoot's replication directly from the Java console. I mean, I installed two LDAP servers with the second server that it uses the Configuration Server from the first server. The replication works very well between two servers (only if I setup from the Java console) but when I want to do the the step 4 from the doc (create local Administration Server), it doesn't work, the script 'register-ds-admin.pl' always fails. Thank you very much for your help! <hr> <a href="http://" target="_blank"></a> <hr /> <a href='' target='_new'></a></body> </html>