[Fedora-directory-users] Console - Administration Panel

Richard Megginson rmeggins at redhat.com
Fri Dec 9 15:05:25 UTC 2005 

Craig White wrote:

>On Fri, 2005-12-09 at 06:53 -0700, Richard Megginson wrote:
>  
>
>>Craig White wrote:
>>
>>    
>>
>>>On Thu, 2005-12-08 at 20:25 -0700, Richard Megginson wrote:
>>> 
>>>
>>>      
>>>
>>>>Craig White wrote:
>>>>
>>>>   
>>>>
>>>>        
>>>>
>>>>>OK - while mucking around with console and certificates, I manually
>>>>>clipped out the stuff from admin-serv/config/adm.conf & console.conf and
>>>>>local.conf and seem to have everything back in order.
>>>>>
>>>>>I restart the admin-serv and the encryption stuff comes right back into
>>>>>local.conf and I can't figure out where it is coming from.
>>>>>
>>>>>
>>>>>     
>>>>>
>>>>>          
>>>>>
>>>>It's stored in the directory server under o=netscaperoot - do an 
>>>>ldapsearch for
>>>>ldapsearch -b o=netscaperoot -D "cn=directory manager" -w password 
>>>>"cn=configuration"
>>>>
>>>>The local.conf file is just a read-only cache of that information.
>>>>
>>>>If you cannot edit it using the console, you can use ldapmodify
>>>>1) find the full dn of the entry using the ldapsearch as above
>>>>2) identify the attributes that deal with the encryption stuff
>>>>3) use ldapmodify like the following:
>>>>ldapmodify -D "cn=directory manager" -w password
>>>>dn: cn=configuration,.....
>>>>changetype: modify
>>>>replace: nameofattr
>>>>nameofattr: newvalue
>>>>   
>>>>
>>>>        
>>>>
>>>----
>>>Thanks - I can probably do that but it occurred to me that I should just
>>>probably restore from my last backup but now I can't find my backup.
>>>
>>># ls -l /opt/fedora-ds/slapd-srv1/bak
>>>total 0
>>>
>>>I had created 2 separate backups using the console application (and even
>>>restored once so I know that it worked) but now they are nowhere to be
>>>found and so I can't restore.
>>>
>>>      
>>>
>>That's really strange.  I've never seen this happen before.
>>
>>    
>>
>>>I'm beginning the think that the console
>>>application - though exceedingly dangerous in this rookie's hands is
>>>possibly not quite ready for prime time...why did the backups disappear?
>>> 
>>>
>>>      
>>>
>>I have no idea.  I've never seen this before.  The console has been used 
>>for this purpose for 7 years now in large production environments and 
>>this is the first time I've ever heard of this happening.
>>    
>>
>----
>I am a bit disconcerted about this - I ***know*** that I didn't delete
>the backups in /opt/fedora-ds/slapd-srv1/bak and was of the opinion that
>this is where the console put these backups. Perhaps they were removed
>when I restored using the console.
>
>OK - presuming that using the console to backup or command line to
>backup ( db2bak /opt/redhat-ds/servers/slapd-
>dirserver/bak/bak_2001070110) are the same thing - a complete backup of
>the DSA...
>
>Then I would want to periodically back up /opt/fedora-ds/slapd-srv1/bak
>as a 'just in case' this happens again thingy...
>  
>
But if you can reproduce the bak file removal, please let us know!

>Just for confirmation of what - console backup or db2bak actually
>backup...
>
>1. does this backup configuration too?
>  
>
It backs up the database configuration e.g. configuration information 
about the suffixes and databases, so that if you create a backup, then 
reconfigure the databases and suffixes, then attempt to restore, it will 
overwrite your new database and suffix configuration with the old, 
otherwise it might not be able to restore the old database.  If you look 
in the backup directory, there are .ldif files that contain the 
configuration information.

>2. does this backup items in /opt/fedora-ds/alias or should I do that
>separately?
>  
>
You should do that separately.

>3. Is there anything else that I need to back up to get a reasonably
>quick 'restore' to previous functionality to guard against my uneducated
>bullets to my feet?
>  
>
For the directory server, you should save a copy of 
slapd-host/config/dse.ldif - this is the main server configuration file.

>Thanks
>
>Craig
>
>--
>Fedora-directory-users mailing list
>Fedora-directory-users at redhat.com
>https://www.redhat.com/mailman/listinfo/fedora-directory-users
>  
>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3178 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://listman.redhat.com/archives/fedora-directory-users/attachments/20051209/46ab5cb2/attachment.bin>

More information about the Fedora-directory-users mailing list