Christopher Waltham
2008-Dec-03 16:15 UTC
[Fedora-directory-users] Configuring replication and creating the supplier bind DN
I''m having a little trouble creating a simple, master/slave replication configuring using FDS 1.1.3. I''m following the Red Hat documentation here: http://www.redhat.com/docs/manuals/dir-server/ag/8.0/Creating_the_Supplier_Bind_DN_Entry.html but am having trouble creating the supplier bind DN. This is what I''m appending to /etc/dirsrv/slapd-ldap/dse.ldif: dn: cn=replication manager,cn=config objectClass: inetorgperson objectClass: person objectClass: top cn: replication manager sn: RM userPassword: secretPassword passwordExpirationTime: 20380119031407Z However, as soon as I start the directory server back up, the changes I made to dse.ldif disappear. Am I missing something? Thanks! Chris
Rich Megginson
2008-Dec-03 17:40 UTC
Re: [Fedora-directory-users] Configuring replication and creating the supplier bind DN
Christopher Waltham wrote:> I''m having a little trouble creating a simple, master/slave > replication configuring using FDS 1.1.3. I''m following the Red Hat > documentation here: > http://www.redhat.com/docs/manuals/dir-server/ag/8.0/Creating_the_Supplier_Bind_DN_Entry.html but > am having trouble creating the supplier bind DN. > > This is what I''m appending to /etc/dirsrv/slapd-ldap/dse.ldif: > > dn: cn=replication manager,cn=config > objectClass: inetorgperson > objectClass: person > objectClass: top > cn: replication manager > sn: RM > userPassword: secretPassword > passwordExpirationTime: 20380119031407Z > > However, as soon as I start the directory server back up, the changes > I made to dse.ldif disappear. Am I missing something?Yes. You cannot edit dse.ldif while the server is running. If you really want to edit dse.ldif, you must shutdown the server first. If you did stop the server first, make sure there is a blank line before dn: cn=replication manager,cn=config - a blank line is the entry delimiter in LDIF - if there is no blank line, the server may just report a warning to the error log and continue. But you do not have to do that - you can just use ldapmodify -a to add this entry while the server is running> > Thanks! > > > Chris > > -- > Fedora-directory-users mailing list > Fedora-directory-users@redhat.com > https://www.redhat.com/mailman/listinfo/fedora-directory-users
Christopher Waltham
2008-Dec-03 17:43 UTC
Re: [Fedora-directory-users] Configuring replication and creating the supplier bind DN
Hi Rich, On Dec 3, 2008, at 12:40 PM, Rich Megginson wrote:> Christopher Waltham wrote: >> I''m having a little trouble creating a simple, master/slave >> replication configuring using FDS 1.1.3. I''m following the Red Hat >> documentation here: http://www.redhat.com/docs/manuals/dir-server/ag/8.0/Creating_the_Supplier_Bind_DN_Entry.html >> but am having trouble creating the supplier bind DN. >> >> This is what I''m appending to /etc/dirsrv/slapd-ldap/dse.ldif: >> >> dn: cn=replication manager,cn=config >> objectClass: inetorgperson >> objectClass: person >> objectClass: top >> cn: replication manager >> sn: RM >> userPassword: secretPassword >> passwordExpirationTime: 20380119031407Z >> >> However, as soon as I start the directory server back up, the >> changes I made to dse.ldif disappear. Am I missing something? > Yes. You cannot edit dse.ldif while the server is running. If you > really want to edit dse.ldif, you must shutdown the server first. > > If you did stop the server first, make sure there is a blank line > before dn: cn=replication manager,cn=config - a blank line is the > entry delimiter in LDIF - if there is no blank line, the server may > just report a warning to the error log and continue.I definitely shut down the server first, and I thought I did have a blank line preceding the entry. Let me look again and see what''s happening, in the end I just used the console :-) Chris> > > But you do not have to do that - you can just use ldapmodify -a to > add this entry while the server is running >> >> Thanks! >> >> >> Chris
Christopher Waltham
2008-Dec-03 18:33 UTC
Re: [Fedora-directory-users] Configuring replication and creating the supplier bind DN
Is there a tutorial out there anywhere for setting up master/slave (as opposed to multi-master) replication? I''m having issues getting the replication agreement setup; I''ve created cn=replication manager inside of cn=config but I get error messages when trying to create the agreement. When I use cn=Directory Manager instead, it works -- so it''s not a networking issue. I''ve tried various permutations of cn=replication manager inside the "Simple authentication" field on the "Source and Destination" tab of the replication agreement tab, but with no success. I''ve checked the FDS FAQ & Wiki and can''t find a walk-through... Chris On Dec 3, 2008, at 12:40 PM, Rich Megginson wrote:> Christopher Waltham wrote: >> I''m having a little trouble creating a simple, master/slave >> replication configuring using FDS 1.1.3. I''m following the Red Hat >> documentation here: http://www.redhat.com/docs/manuals/dir-server/ag/8.0/Creating_the_Supplier_Bind_DN_Entry.html >> but am having trouble creating the supplier bind DN. >> >> This is what I''m appending to /etc/dirsrv/slapd-ldap/dse.ldif: >> >> dn: cn=replication manager,cn=config >> objectClass: inetorgperson >> objectClass: person >> objectClass: top >> cn: replication manager >> sn: RM >> userPassword: secretPassword >> passwordExpirationTime: 20380119031407Z >> >> However, as soon as I start the directory server back up, the >> changes I made to dse.ldif disappear. Am I missing something? > Yes. You cannot edit dse.ldif while the server is running. If you > really want to edit dse.ldif, you must shutdown the server first. > > If you did stop the server first, make sure there is a blank line > before dn: cn=replication manager,cn=config - a blank line is the > entry delimiter in LDIF - if there is no blank line, the server may > just report a warning to the error log and continue. > > But you do not have to do that - you can just use ldapmodify -a to > add this entry while the server is running >> >> Thanks! >> >> >> Chris
Rich Megginson
2008-Dec-03 18:52 UTC
Re: [Fedora-directory-users] Configuring replication and creating the supplier bind DN
Christopher Waltham wrote:> Is there a tutorial out there anywhere for setting up master/slave (as > opposed to multi-master) replication?Well, it''s pretty similar.> I''m having issues getting the replication agreement setup; I''ve > created cn=replication manager inside of cn=config but I get error > messages when trying to create the agreement.What error messages?> When I use cn=Directory Manager instead, it works -- so it''s not a > networking issue. > > I''ve tried various permutations of cn=replication manager inside the > "Simple authentication" field on the "Source and Destination" tab of > the replication agreement tab, but with no success. I''ve checked the > FDS FAQ & Wiki and can''t find a walk-through...What error messages do you get?> > > Chris > > On Dec 3, 2008, at 12:40 PM, Rich Megginson wrote: > >> Christopher Waltham wrote: >>> I''m having a little trouble creating a simple, master/slave >>> replication configuring using FDS 1.1.3. I''m following the Red Hat >>> documentation here: >>> http://www.redhat.com/docs/manuals/dir-server/ag/8.0/Creating_the_Supplier_Bind_DN_Entry.html but >>> am having trouble creating the supplier bind DN. >>> >>> This is what I''m appending to /etc/dirsrv/slapd-ldap/dse.ldif: >>> >>> dn: cn=replication manager,cn=config >>> objectClass: inetorgperson >>> objectClass: person >>> objectClass: top >>> cn: replication manager >>> sn: RM >>> userPassword: secretPassword >>> passwordExpirationTime: 20380119031407Z >>> >>> However, as soon as I start the directory server back up, the >>> changes I made to dse.ldif disappear. Am I missing something? >> Yes. You cannot edit dse.ldif while the server is running. If you >> really want to edit dse.ldif, you must shutdown the server first. >> >> If you did stop the server first, make sure there is a blank line >> before dn: cn=replication manager,cn=config - a blank line is the >> entry delimiter in LDIF - if there is no blank line, the server may >> just report a warning to the error log and continue. >> >> But you do not have to do that - you can just use ldapmodify -a to >> add this entry while the server is running >>> >>> Thanks! >>> >>> >>> Chris > > -- > Fedora-directory-users mailing list > Fedora-directory-users@redhat.com > https://www.redhat.com/mailman/listinfo/fedora-directory-users
Christopher Waltham
2008-Dec-04 18:55 UTC
Re: [Fedora-directory-users] Configuring replication and creating the supplier bind DN
On Dec 3, 2008, at 1:52 PM, Rich Megginson wrote:> Christopher Waltham wrote: >> Is there a tutorial out there anywhere for setting up master/slave >> (as opposed to multi-master) replication? > Well, it''s pretty similar. >> I''m having issues getting the replication agreement setup; I''ve >> created cn=replication manager inside of cn=config but I get error >> messages when trying to create the agreement. > What error messages?I think I somehow created the DN incorrectly; instead of showing me a hash for the usre''s password it actually showed the password in plain text. I re-created the LDIF and re-imported it, and after that it worked fine. :-) Thanks for the reply! Chris> >> When I use cn=Directory Manager instead, it works -- so it''s not a >> networking issue. >> >> I''ve tried various permutations of cn=replication manager inside >> the "Simple authentication" field on the "Source and Destination" >> tab of the replication agreement tab, but with no success. I''ve >> checked the FDS FAQ & Wiki and can''t find a walk-through... > What error messages do you get? >> >> >> Chris >> >> On Dec 3, 2008, at 12:40 PM, Rich Megginson wrote: >> >>> Christopher Waltham wrote: >>>> I''m having a little trouble creating a simple, master/slave >>>> replication configuring using FDS 1.1.3. I''m following the Red >>>> Hat documentation here: http://www.redhat.com/docs/manuals/dir-server/ag/8.0/Creating_the_Supplier_Bind_DN_Entry.html >>>> but am having trouble creating the supplier bind DN. >>>> >>>> This is what I''m appending to /etc/dirsrv/slapd-ldap/dse.ldif: >>>> >>>> dn: cn=replication manager,cn=config >>>> objectClass: inetorgperson >>>> objectClass: person >>>> objectClass: top >>>> cn: replication manager >>>> sn: RM >>>> userPassword: secretPassword >>>> passwordExpirationTime: 20380119031407Z >>>> >>>> However, as soon as I start the directory server back up, the >>>> changes I made to dse.ldif disappear. Am I missing something? >>> Yes. You cannot edit dse.ldif while the server is running. If >>> you really want to edit dse.ldif, you must shutdown the server >>> first. >>> >>> If you did stop the server first, make sure there is a blank line >>> before dn: cn=replication manager,cn=config - a blank line is the >>> entry delimiter in LDIF - if there is no blank line, the server >>> may just report a warning to the error log and continue. >>> >>> But you do not have to do that - you can just use ldapmodify -a to >>> add this entry while the server is running >>>> >>>> Thanks! >>>> >>>> >>>> Chris >> >> -- >> Fedora-directory-users mailing list >> Fedora-directory-users@redhat.com >> https://www.redhat.com/mailman/listinfo/fedora-directory-users > > -- > Fedora-directory-users mailing list > Fedora-directory-users@redhat.com > https://www.redhat.com/mailman/listinfo/fedora-directory-users