Hi, I used the gui to change the ports on my test DS. Now I need to change the port that the AS uses to connect to the DS, and I have no clue how to do that. I can''t (obviously) log into the admin console, because it now can''t connect to the server on the old port numbers, and I can''t figure out which file under /opt/fedora-ds stores this vital piece of information. The DS works fine, but I can''t administer it from the console, which I''d really like to do. Clues hereby solicited. brian.
Brian K. Jones wrote:>Hi, > >I used the gui to change the ports on my test DS. Now I need to change the >port that the AS uses to connect to the DS, and I have no clue how to do >that. I can''t (obviously) log into the admin console, because it now can''t >connect to the server on the old port numbers, and I can''t figure out which >file under /opt/fedora-ds stores this vital piece of information. > >It''s stored in the directory as well, under o=netscaperoot. Files - edit admin-serv/config/adm.conf - the "port" attribute edit server.xml - look for port="oldport" Directory: The attribute nsServerPort in your admin server configuration entry e.g. mine is something like this: cn=configuration, cn=admin-serv-localhost, cn=Fedora Administration Server, cn=Server Group, cn=localhost.localdomain, ou=localdomain.com, o=NetscapeRoot>The DS works fine, but I can''t administer it from the console, which I''d >really like to do. > >Clues hereby solicited. >brian. > >-- >Fedora-directory-users mailing list >Fedora-directory-users@redhat.com >https://www.redhat.com/mailman/listinfo/fedora-directory-users > >
Brian K. Jones wrote:> Hi, > > I used the gui to change the ports on my test DS. Now I need to change the > port that the AS uses to connect to the DS, and I have no clue how to do > that. I can''t (obviously) log into the admin console, because it now can''t > connect to the server on the old port numbers, and I can''t figure out which > file under /opt/fedora-ds stores this vital piece of information. > > The DS works fine, but I can''t administer it from the console, which I''d > really like to do. > > Clues hereby solicited.Edit /opt/fedora-ds/admin-serv/config/adm.conf Mike -- LDAP Directory Consulting - http://www.netauth.com
sorry. Should''ve mentioned that I had already tried that, and I then restarted the admin server, and it didn''t work, still issuing the error that it was trying to contact the DS on the *old* port. :( On Tuesday 21 June 2005 12:01 pm, Mike Jackson wrote:> Brian K. Jones wrote: > > Hi, > > > > I used the gui to change the ports on my test DS. Now I need to change > > the port that the AS uses to connect to the DS, and I have no clue how to > > do that. I can''t (obviously) log into the admin console, because it now > > can''t connect to the server on the old port numbers, and I can''t figure > > out which file under /opt/fedora-ds stores this vital piece of > > information. > > > > The DS works fine, but I can''t administer it from the console, which I''d > > really like to do. > > > > Clues hereby solicited. > > Edit /opt/fedora-ds/admin-serv/config/adm.conf > > > > Mike
sorry. I forgot to mention that I had already tried that, to no avail. "390" appears in a bunch of other places too, judging by the grep -r output. Changing adm.conf and restarting everything results in the same message as before -- "can''t connect to DS on <old port num>". brian. On Tuesday 21 June 2005 12:01 pm, Mike Jackson wrote:> Brian K. Jones wrote: > > Hi, > > > > I used the gui to change the ports on my test DS. Now I need to change > > the port that the AS uses to connect to the DS, and I have no clue how to > > do that. I can''t (obviously) log into the admin console, because it now > > can''t connect to the server on the old port numbers, and I can''t figure > > out which file under /opt/fedora-ds stores this vital piece of > > information. > > > > The DS works fine, but I can''t administer it from the console, which I''d > > really like to do. > > > > Clues hereby solicited. > > Edit /opt/fedora-ds/admin-serv/config/adm.conf > > > > Mike
OK, editing files under shared/config is also necessary to get the console to run. From there, you also have to edit the User Directory port to change it to the new port. By the way, this seems like an overly complex process. Is there a smooth way to migrate a test server to production? Seemed like the easiest way would be to just change the port from, say, 390 to 389. That''s been proven to be non-trivial. brian. On Tuesday 21 June 2005 12:01 pm, Mike Jackson wrote:> Brian K. Jones wrote: > > Hi, > > > > I used the gui to change the ports on my test DS. Now I need to change > > the port that the AS uses to connect to the DS, and I have no clue how to > > do that. I can''t (obviously) log into the admin console, because it now > > can''t connect to the server on the old port numbers, and I can''t figure > > out which file under /opt/fedora-ds stores this vital piece of > > information. > > > > The DS works fine, but I can''t administer it from the console, which I''d > > really like to do. > > > > Clues hereby solicited. > > Edit /opt/fedora-ds/admin-serv/config/adm.conf > > > > Mike
Brian K. Jones wrote: sorry. I forgot to mention that I had already tried that, to no avail. "390" appears in a bunch of other places too, judging by the grep -r output. Changing adm.conf and restarting everything results in the same message as before -- "can''t connect to DS on ". brian. Hi, Brian; Did you have a chance to try these steps? It''s on our release notes... http://www.redhat.com/docs/manuals/dir-server/release-notes/ds71relnotes.html Changing the Directory Server port number on the Configuration Directory Server will lock you out of the console after the Directory Server is restarted When changing the port number, when you press Save, you will get a dialog explaining what is about to happen. If you choose to proceed with the change, and you restart the Directory Server, you will notice that the console does not work anymore. To make it work again, you will need to change the port number in the files serverroot/shared/config/ldap.conf and serverroot/shared/config/dbswitch.conf. You must do this on all systems that have a Directory Server being managed by the console. If the Configuration Directory Server is also your User/Group Directory Server, you must also update the User Directory entry in the Global Preferences. (154554) Thanks, --noriko On Tuesday 21 June 2005 12:01 pm, Mike Jackson wrote: Brian K. Jones wrote: Hi, I used the gui to change the ports on my test DS. Now I need to change the port that the AS uses to connect to the DS, and I have no clue how to do that. I can''t (obviously) log into the admin console, because it now can''t connect to the server on the old port numbers, and I can''t figure out which file under /opt/fedora-ds stores this vital piece of information. The DS works fine, but I can''t administer it from the console, which I''d really like to do. Clues hereby solicited. Edit /opt/fedora-ds/admin-serv/config/adm.conf Mike -- Fedora-directory-users mailing list Fedora-directory-users@redhat.com https://www.redhat.com/mailman/listinfo/fedora-directory-users
My earlier email got bounced I guess. I read the release notes, which is where I probably got the idea that I could change the ports in the first place, but forgot to revisit them when I actually went to perform the feat. Between grep -r and some digging in the console, I actually did perform these exact steps, but it would''ve been easier if I just remembered to look at the release notes again. thanks. On Tuesday 21 June 2005 1:33 pm, Noriko Hosoi wrote:> Brian K. Jones wrote: > sorry. I forgot to mention that I had already tried that, to no avail. > "390" appears in a bunch of other places too, judging by the grep -r > output. Changing adm.conf and restarting everything results in the same > message as before -- "can''t connect to DS on <old port num>". > > brian. > > Hi, Brian; > Did you have a chance to try these steps? It''s on our release notes... > > > http://www.redhat.com/docs/manuals/dir-server/release-notes/ds71relnotes.ht >ml Changing the Directory Server port number on the Configuration Directory > Server will lock you out of the console after the Directory Server is > restarted > > When changing the port number, when you press Save, you will get a dialog > explaining what is about to happen. If you choose to proceed with the > change, and you restart the Directory Server, you will notice that the > console does not work anymore. To make it work again, you will need to > change the port number in the files serverroot/shared/config/ldap.conf and > serverroot/shared/config/dbswitch.conf. You must do this on all systems > that have a Directory Server being managed by the console. If the > Configuration Directory Server is also your User/Group Directory Server, > you must also update the User Directory entry in the Global Preferences. > (154554) > > Thanks, > --noriko > > On Tuesday 21 June 2005 12:01 pm, Mike Jackson wrote: > > Brian K. Jones wrote: > > Hi, > > I used the gui to change the ports on my test DS. Now I need to change > the port that the AS uses to connect to the DS, and I have no clue how to > do that. I can''t (obviously) log into the admin console, because it now > can''t connect to the server on the old port numbers, and I can''t figure > out which file under /opt/fedora-ds stores this vital piece of > information. > > The DS works fine, but I can''t administer it from the console, which I''d > really like to do. > > Clues hereby solicited. > > Edit /opt/fedora-ds/admin-serv/config/adm.conf > > > > Mike > > -- > Fedora-directory-users mailing list > Fedora-directory-users@redhat.com > https://www.redhat.com/mailman/listinfo/fedora-directory-users
Think of it this way (doing this from memory): - Config info for _other servers_ (such as admin) is held in the directory under o=netscaperoot. DS itself does not "use" any of this. It''s important to understand that directory and admin are 2 separate servers. - There is one file (adm.conf?) that tells admin server how to initially contact the directory server to lookup this config info. - There is a second file (the one under shared/conf?) that is effectively a cache of some of what is in the directory, in case you start up and the ds is unavailable (this was important back when Console was used to manage messaging, and or/use admin server to start directory server, etc). Note that if you change this cache file and restart things, it''ll get overwritten from what is in o=netscaperoot, if I remember correctly. There are similar issues with changing the IP address. Note that this is an issue with admin server, not directory server itself (i.e. changing the port and ip address on directory server works without problem, but "breaks" admin and such). - Jeff Brian K. Jones wrote:>OK, editing files under shared/config is also necessary to get the console to >run. From there, you also have to edit the User Directory port to change it >to the new port. > >By the way, this seems like an overly complex process. Is there a smooth way >to migrate a test server to production? Seemed like the easiest way would be >to just change the port from, say, 390 to 389. That''s been proven to be >non-trivial. > >brian. > >On Tuesday 21 June 2005 12:01 pm, Mike Jackson wrote: > > >>Brian K. Jones wrote: >> >> >>>Hi, >>> >>>I used the gui to change the ports on my test DS. Now I need to change >>>the port that the AS uses to connect to the DS, and I have no clue how to >>>do that. I can''t (obviously) log into the admin console, because it now >>>can''t connect to the server on the old port numbers, and I can''t figure >>>out which file under /opt/fedora-ds stores this vital piece of >>>information. >>> >>>The DS works fine, but I can''t administer it from the console, which I''d >>>really like to do. >>> >>>Clues hereby solicited. >>> >>> >>Edit /opt/fedora-ds/admin-serv/config/adm.conf >> >> >> >>Mike >> >> > >-- >Fedora-directory-users mailing list >Fedora-directory-users@redhat.com >https://www.redhat.com/mailman/listinfo/fedora-directory-users > >
Jeff Clowser wrote:> > There are similar issues with changing the IP address. Note that this > is an issue with admin server, not directory server itself (i.e. > changing the port and ip address on directory server works without > problem, but "breaks" admin and such). >I wonder what breaks if you change the hostname which the directory server is running on? There are piles of places where the hostname is dynamically recorded during instance creation, and possibly other areas as well. -- mike
Mike Jackson wrote:> >> There are similar issues with changing the IP address. Note that >> this is an issue with admin server, not directory server itself (i.e. >> changing the port and ip address on directory server works without >> problem, but "breaks" admin and such). > > I wonder what breaks if you change the hostname which the directory > server is running on? > There are piles of places where the hostname is dynamically recorded > during instance creation, and possibly other areas as well.Well, again, I don''t think it will affect the ds itself, but I''d say the admin server is a lost cause - much of the structure of the stuff in netscaperoot is based around the hostname, and I think it''s sprinkled through it in a lot of places, like you say. Actually, replication would be messed up - you''d have to fix the replication agreements - it has to have a name, ip, or something to know where to push changes to. - Jeff