[389-users] Re: Possible bug? - Silent install behaves differently from interactive
Julian, I’m glad that resolved your issue. It’s also nice to know I’m not the only one using Ansible with 389. -morgan > On Sep 20, 2017, at 3:37 AM, Julian Kippelswrote: > > Hi Morgan, > > your mail arrived one day late for me, it seems that the > fedora mailman-server held it for some time before releasing it. > > You seem to have found the solution. When I ran the setup interactively > with --keepcache the SlapdConfigForMC option was not set at all for the > slave. If I manually set it in the inf-file to "no" it all works as > intended. I'm just curious as to why the --keepcache-option would > produce an output that does not reproduce my input… > > In the meantime I had it working with an except-script. If anyone for > any reason would like to use this over a silent install I'm going to > add my ansible template for it here: > > #!/usr/bin/expect -f > spawn setup-ds-admin.pl > expect "continue with set up" > send "yes\r" > expect "Would you like to continue" > send "yes\r" > expect "Choose a setup type" > send "2\r" > expect "Computer name" > send "\r" > expect "System User" > send "\r" > expect "System Group" > send "\r" > expect "configuration directory server" > {% if dirsrv_mode == "master" %} > send "no\r" > expect "administrator ID" > send "\r" > expect "Password" > send "{{ vault_dirsrv_admin_server_password }}\r" > expect "Password (confirm)" > send "{{ vault_dirsrv_admin_server_password }}\r" > expect "Administration Domain" > send "\r" > {% else %} > send "yes\r" > expect "Configuration directory server URL" > send "ldap://{{ dirsrv_config_host }}:389/o=NetscapeRoot\r" > expect "Configuration directory server admin ID" > send "\r" > expect "Configuration directory server admin password" > send "{{ vault_dirsrv_admin_server_password }}\r" > expect "Configuration directory server admin domain" > send "\r" > {% endif %} > expect "Directory server network port" > send "389\r" > expect "Directory server identifier" > send "\r" > expect "Suffix" > send "\r" > expect "Directory Manager DN" > send "\r" > expect "Password" > send "{{ vault_dirsrv_directory_manager_password }}\r" > expect "Password (confirm)" > send "{{ vault_dirsrv_directory_manager_password }}\r" > expect "Administration port" > send "\r" > expect "Are you ready to set up your servers" > send "\r" > expect "Log file is" > send_user "$expect_out(buffer)" > exit 0 > > Julian > > Am Mon, 18 Sep 2017 16:41:46 -0400 > schrieb Morgan Jones : > >> Hello Julian et al, >> >> I’ve resolved my unrelated issues and now I'm pretty sure the process >> to install several servers with a common config host using inf files >> is this. I’d love some feedback from others if you feel this is >> wrong, this is just from trial and error on my part and it’s not >> particularly intuitive: >> >> Do an install with setup-ds-admin.pl —keepcache >> >> Take the resulting .inf and change: >> SlapdConfigForMC = yes on the server you want to install the config >> tree, SlapdConfigForMC = no on the rest, and >> UseExistingMC = 0 on the server you want to install the config tree, >> and UseExistingMC = 1 on the rest and >> >> Also put adm.conf at /etc/dirsrv/admin-serv/adm.conf. >> >> Here’s an update to the links below, I renamed the .inf template. >> These should be immutable: >> https://github.com/morganllj/ansible-playbooks/blob/3bf0fa9ee5c69c10940eaa2163b6d69155767475/templates/389_install.inf.j2 >> https://github.com/morganllj/ansible-playbooks/blob/3bf0fa9ee5c69c10940eaa2163b6d69155767475/templates/adm.conf.j2 >> https://github.com/morganllj/ansible-playbooks/blob/3bf0fa9ee5c69c10940eaa2163b6d69155767475/install_389.yml >> >> -morgan >> >> >> >> >>> On Sep 15, 2017, at 12:56 PM, Morgan Jones >>> wrote: >>> >>> Hello Julia, >>> >>> I’m troubleshooting this exact behavior. So far I’ve found if you >>> create an /etc/dirsrv/admin-serv/adm.conf before the silent install >>> it works. However we just went through a host domain name change >>> (long story) and I’m having I think unrelated problems. I hope to >>> resolve that shortly and then I might have a more definitive answer. >>> >>> In the mean time this may be helpful to you: >>> https://github.com/morganllj/ansible-playbooks/blob/develop/templates/389_primary_master_setup.inf.j2 >>> https://github.com/morganllj/ansible-playbooks/blob/develop/templates/adm.conf.j2 >>> >>> Here’s where they’re used if you are familiar with ansible: >>> https://github.com/morganllj/ansible-playbooks/blob/develop/install_389.yml >>> >>> -morgan >>> >>> On Sep 15, 2017, at 11:49 AM, Julian Kippels wrote: Hi, I was playing around with silent installs and found out that the final configuration differs from interactive installations. Here is what I did: I installed two servers on different machines ds-1.localdomain and ds-2.localdomain. ds-1 is used as a master
[389-users] Re: Possible bug? - Silent install behaves differently from interactive
Hi Morgan, your mail arrived one day late for me, it seems that the fedora mailman-server held it for some time before releasing it. You seem to have found the solution. When I ran the setup interactively with --keepcache the SlapdConfigForMC option was not set at all for the slave. If I manually set it in the inf-file to "no" it all works as intended. I'm just curious as to why the --keepcache-option would produce an output that does not reproduce my input… In the meantime I had it working with an except-script. If anyone for any reason would like to use this over a silent install I'm going to add my ansible template for it here: #!/usr/bin/expect -f spawn setup-ds-admin.pl expect "continue with set up" send "yes\r" expect "Would you like to continue" send "yes\r" expect "Choose a setup type" send "2\r" expect "Computer name" send "\r" expect "System User" send "\r" expect "System Group" send "\r" expect "configuration directory server" {% if dirsrv_mode == "master" %} send "no\r" expect "administrator ID" send "\r" expect "Password" send "{{ vault_dirsrv_admin_server_password }}\r" expect "Password (confirm)" send "{{ vault_dirsrv_admin_server_password }}\r" expect "Administration Domain" send "\r" {% else %} send "yes\r" expect "Configuration directory server URL" send "ldap://{{ dirsrv_config_host }}:389/o=NetscapeRoot\r" expect "Configuration directory server admin ID" send "\r" expect "Configuration directory server admin password" send "{{ vault_dirsrv_admin_server_password }}\r" expect "Configuration directory server admin domain" send "\r" {% endif %} expect "Directory server network port" send "389\r" expect "Directory server identifier" send "\r" expect "Suffix" send "\r" expect "Directory Manager DN" send "\r" expect "Password" send "{{ vault_dirsrv_directory_manager_password }}\r" expect "Password (confirm)" send "{{ vault_dirsrv_directory_manager_password }}\r" expect "Administration port" send "\r" expect "Are you ready to set up your servers" send "\r" expect "Log file is" send_user "$expect_out(buffer)" exit 0 Julian Am Mon, 18 Sep 2017 16:41:46 -0400 schrieb Morgan Jones: > Hello Julian et al, > > I’ve resolved my unrelated issues and now I'm pretty sure the process > to install several servers with a common config host using inf files > is this. I’d love some feedback from others if you feel this is > wrong, this is just from trial and error on my part and it’s not > particularly intuitive: > > Do an install with setup-ds-admin.pl —keepcache > > Take the resulting .inf and change: > SlapdConfigForMC = yes on the server you want to install the config > tree, SlapdConfigForMC = no on the rest, and > UseExistingMC = 0 on the server you want to install the config tree, > and UseExistingMC = 1 on the rest and > > Also put adm.conf at /etc/dirsrv/admin-serv/adm.conf. > > Here’s an update to the links below, I renamed the .inf template. > These should be immutable: > https://github.com/morganllj/ansible-playbooks/blob/3bf0fa9ee5c69c10940eaa2163b6d69155767475/templates/389_install.inf.j2 > https://github.com/morganllj/ansible-playbooks/blob/3bf0fa9ee5c69c10940eaa2163b6d69155767475/templates/adm.conf.j2 > https://github.com/morganllj/ansible-playbooks/blob/3bf0fa9ee5c69c10940eaa2163b6d69155767475/install_389.yml > > -morgan > > > > > > On Sep 15, 2017, at 12:56 PM, Morgan Jones > > wrote: > > > > Hello Julia, > > > > I’m troubleshooting this exact behavior. So far I’ve found if you > > create an /etc/dirsrv/admin-serv/adm.conf before the silent install > > it works. However we just went through a host domain name change > > (long story) and I’m having I think unrelated problems. I hope to > > resolve that shortly and then I might have a more definitive answer. > > > > In the mean time this may be helpful to you: > > https://github.com/morganllj/ansible-playbooks/blob/develop/templates/389_primary_master_setup.inf.j2 > > https://github.com/morganllj/ansible-playbooks/blob/develop/templates/adm.conf.j2 > > > > Here’s where they’re used if you are familiar with ansible: > > https://github.com/morganllj/ansible-playbooks/blob/develop/install_389.yml > > > > -morgan > > > > > >> On Sep 15, 2017, at 11:49 AM, Julian Kippels > >> wrote: > >> > >> Hi, > >> > >> I was playing around with silent installs and found out that the > >> final configuration differs from interactive installations. Here > >> is what I did: > >> > >> I installed two servers on different machines ds-1.localdomain and > >> ds-2.localdomain. ds-1 is used as a master and ds-2 is supposed to > >> use it as its configuration server. > >> Both machines run RHEL 7.4 with the latest EPEL-builds of 389-ds. > >> > >> First I used setup-ds-admin.pl --keepcache interactively first on > >> ds-1 and told it not to use an existing configuration server, then > >> on ds-2 and told it to use ds-1. When I connect to ds-1 using > >> 389-console I can
[389-users] Re: Possible bug? - Silent install behaves differently from interactive
Julian, Did you see my on-list response on the list at 16:41pm eastern yesterday? I didn’t see it make it to the list, It’s quoted below. The problem I was having was the first install would fail with an error connecting to the host that stores the config. Setting SlapdConfigForMC and UseExistingMC appropriately fixed it for me. What is SlapdConfigForMC and UseExistingMC set to on the server that stores that config and server(s) that don’t store? I just got everything working cleanly with the below inf. Can dig up a list of the variables I’m setting in my hosts.yml would you be willing to post a sanitized version of your inf so we can compare notes? I agree expect is clunky, I’m curious to find out what your problem is as I’ve been living this issue for the last week or so. -morgan > On Sep 18, 2017, at 4:41 PM, Morgan Joneswrote: > > Hello Julian et al, > > I’ve resolved my unrelated issues and now I'm pretty sure the process to > install several servers with a common config host using inf files is this. > I’d love some feedback from others if you feel this is wrong, this is just > from trial and error on my part and it’s not particularly intuitive: > > Do an install with setup-ds-admin.pl —keepcache > > Take the resulting .inf and change: > SlapdConfigForMC = yes on the server you want to install the config tree, > SlapdConfigForMC = no on the rest, and > UseExistingMC = 0 on the server you want to install the config tree, and > UseExistingMC = 1 on the rest and > > Also put adm.conf at /etc/dirsrv/admin-serv/adm.conf. > > Here’s an update to the links below, I renamed the .inf template. These > should be immutable: > https://github.com/morganllj/ansible-playbooks/blob/3bf0fa9ee5c69c10940eaa2163b6d69155767475/templates/389_install.inf.j2 > https://github.com/morganllj/ansible-playbooks/blob/3bf0fa9ee5c69c10940eaa2163b6d69155767475/templates/adm.conf.j2 > https://github.com/morganllj/ansible-playbooks/blob/3bf0fa9ee5c69c10940eaa2163b6d69155767475/install_389.yml > > -morgan > On Sep 18, 2017, at 5:24 AM, Julian Kippels wrote: > > Hi, > > I have tested this and have found that any entries > in /etc/dirsrv/admin-serv/adm.conf get overridden by the install > script. I have adapted your template to work with my own ansible > playbook and after setup-ds-admin.pl ran, the value for ldapurl has > changed to the local hostname instead of the hostname for the config > host. Additionaly the ConfigDirectoryLdapURL parameter from the > inf-File seems to be ignored. Even if I set it to the correct config > host hostname the local hostname is being used eventually. > > My current plan is to ditch the silent install completely in favor of > an expect-script that would send the input to an interactive run of > setup-ds-admin.pl. However I think that this is a really clunky fix and > I would really like to get it working with the silent install. > > Julian > > Am Fri, 15 Sep 2017 12:56:07 -0400 > schrieb Morgan Jones : > >> Hello Julia, >> >> I’m troubleshooting this exact behavior. So far I’ve found if you >> create an /etc/dirsrv/admin-serv/adm.conf before the silent install >> it works. However we just went through a host domain name change >> (long story) and I’m having I think unrelated problems. I hope to >> resolve that shortly and then I might have a more definitive answer. >> >> In the mean time this may be helpful to you: >> https://github.com/morganllj/ansible-playbooks/blob/develop/templates/389_primary_master_setup.inf.j2 >> https://github.com/morganllj/ansible-playbooks/blob/develop/templates/adm.conf.j2 >> >> Here’s where they’re used if you are familiar with ansible: >> https://github.com/morganllj/ansible-playbooks/blob/develop/install_389.yml >> >> -morgan >> >> >>> On Sep 15, 2017, at 11:49 AM, Julian Kippels wrote: >>> >>> Hi, >>> >>> I was playing around with silent installs and found out that the >>> final configuration differs from interactive installations. Here is >>> what I did: >>> >>> I installed two servers on different machines ds-1.localdomain and >>> ds-2.localdomain. ds-1 is used as a master and ds-2 is supposed to >>> use it as its configuration server. >>> Both machines run RHEL 7.4 with the latest EPEL-builds of 389-ds. >>> >>> First I used setup-ds-admin.pl --keepcache interactively first on >>> ds-1 and told it not to use an existing configuration server, then >>> on ds-2 and told it to use ds-1. When I connect to ds-1 using >>> 389-console I can see both ds-1 and ds-2. >>> Then I took the generated .inf-files, removed all traces from the >>> previous instances from both machines using remove-ds-admin.pl -a >>> -f -y and then ran setup-ds-admin.pl --silent --file=ds-1.inf and >>> --file=ds-2.inf respectively. When I connect to ds-1 now, I only see >>> ds-1, to see ds-2 I have to connect to ds-2 with 389-console. >>> >>> The .inf-files look
[389-users] Re: Possible bug? - Silent install behaves differently from interactive
Hello Julian et al, I’ve resolved my unrelated issues and now I'm pretty sure the process to install several servers with a common config host using inf files is this. I’d love some feedback from others if you feel this is wrong, this is just from trial and error on my part and it’s not particularly intuitive: Do an install with setup-ds-admin.pl —keepcache Take the resulting .inf and change: SlapdConfigForMC = yes on the server you want to install the config tree, SlapdConfigForMC = no on the rest, and UseExistingMC = 0 on the server you want to install the config tree, and UseExistingMC = 1 on the rest and Also put adm.conf at /etc/dirsrv/admin-serv/adm.conf. Here’s an update to the links below, I renamed the .inf template. These should be immutable: https://github.com/morganllj/ansible-playbooks/blob/3bf0fa9ee5c69c10940eaa2163b6d69155767475/templates/389_install.inf.j2 https://github.com/morganllj/ansible-playbooks/blob/3bf0fa9ee5c69c10940eaa2163b6d69155767475/templates/adm.conf.j2 https://github.com/morganllj/ansible-playbooks/blob/3bf0fa9ee5c69c10940eaa2163b6d69155767475/install_389.yml -morgan > On Sep 15, 2017, at 12:56 PM, Morgan Joneswrote: > > Hello Julia, > > I’m troubleshooting this exact behavior. So far I’ve found if you create an > /etc/dirsrv/admin-serv/adm.conf before the silent install it works. However > we just went through a host domain name change (long story) and I’m having I > think unrelated problems. I hope to resolve that shortly and then I might > have a more definitive answer. > > In the mean time this may be helpful to you: > https://github.com/morganllj/ansible-playbooks/blob/develop/templates/389_primary_master_setup.inf.j2 > https://github.com/morganllj/ansible-playbooks/blob/develop/templates/adm.conf.j2 > > Here’s where they’re used if you are familiar with ansible: > https://github.com/morganllj/ansible-playbooks/blob/develop/install_389.yml > > -morgan > > >> On Sep 15, 2017, at 11:49 AM, Julian Kippels wrote: >> >> Hi, >> >> I was playing around with silent installs and found out that the final >> configuration differs from interactive installations. Here is what I >> did: >> >> I installed two servers on different machines ds-1.localdomain and >> ds-2.localdomain. ds-1 is used as a master and ds-2 is supposed to use >> it as its configuration server. >> Both machines run RHEL 7.4 with the latest EPEL-builds of 389-ds. >> >> First I used setup-ds-admin.pl --keepcache interactively first on ds-1 >> and told it not to use an existing configuration server, then on ds-2 >> and told it to use ds-1. When I connect to ds-1 using 389-console I can >> see both ds-1 and ds-2. >> Then I took the generated .inf-files, removed all traces from the >> previous instances from both machines using remove-ds-admin.pl -a -f -y >> and then ran setup-ds-admin.pl --silent --file=ds-1.inf and >> --file=ds-2.inf respectively. When I connect to ds-1 now, I only see >> ds-1, to see ds-2 I have to connect to ds-2 with 389-console. >> >> The .inf-files look like this: >> >> $ cat ds-1.inf >> [General] >> AdminDomain = localdomain >> ConfigDirectoryAdminID = admin >> ConfigDirectoryAdminPwd = XXX >> ConfigDirectoryLdapURL = ldap://ds-1.localdomain:389/o=NetscapeRoot >> FullMachineName = ds-1.localdomain >> ServerRoot = /usr/lib64/dirsrv >> StrictHostCheck = true >> SuiteSpotGroup = dirsrv >> SuiteSpotUserID = dirsrv >> [admin] >> Port = 9830 >> ServerAdminID = admin >> ServerAdminPwd = XXX >> ServerIpAddress = 0.0.0.0 >> SysUser = dirsrv >> [slapd] >> start_server = 0 >> AddOrgEntries = Yes >> AddSampleEntries = No >> HashedRootDNPwd = XXX >> InstScriptsEnabled = true >> InstallLdifFile = suggest >> RootDN = cn=Directory Manager >> RootDNPwd = XXX >> ServerIdentifier = ds-1 >> ServerPort = 389 >> SlapdConfigForMC = yes >> Suffix = dc=localdomain >> UseExistingMC = 0 >> bak_dir = /var/lib/dirsrv/slapd-ds-1/bak >> bindir = /usr/bin >> cert_dir = /etc/dirsrv/slapd-ds-1 >> config_dir = /etc/dirsrv/slapd-ds-1 >> datadir = /usr/share >> db_dir = /var/lib/dirsrv/slapd-ds-1/db >> ds_bename = userRoot >> inst_dir = /usr/lib64/dirsrv/slapd-ds-1 >> ldif_dir = /var/lib/dirsrv/slapd-ds-1/ldif >> localstatedir = /var >> lock_dir = /var/lock/dirsrv/slapd-ds-1 >> log_dir = /var/log/dirsrv/slapd-ds-1 >> naming_value = rz >> run_dir = /var/run/dirsrv >> sbindir = /usr/sbin >> schema_dir = /etc/dirsrv/slapd-ds-1/schema >> sysconfdir = /etc >> tmp_dir = /tmp >> >> $ cat ds-2.inf >> [General] >> AdminDomain = localdomain >> ConfigDirectoryAdminID = admin >> ConfigDirectoryAdminPwd = XXX >> ConfigDirectoryLdapURL = ldap://ds-1.localdomain:389/o=NetscapeRoot >> FullMachineName = ds-2.localdomain >> ServerRoot = /usr/lib64/dirsrv >> StrictHostCheck = true >> SuiteSpotGroup = dirsrv >> SuiteSpotUserID = dirsrv >> [admin] >> Port = 9830 >> ServerAdminID = admin >> ServerAdminPwd = XXX >> ServerIpAddress = 0.0.0.0 >> SysUser =
[389-users] Re: Possible bug? - Silent install behaves differently from interactive
Hi, I have tested this and have found that any entries in /etc/dirsrv/admin-serv/adm.conf get overridden by the install script. I have adapted your template to work with my own ansible playbook and after setup-ds-admin.pl ran, the value for ldapurl has changed to the local hostname instead of the hostname for the config host. Additionaly the ConfigDirectoryLdapURL parameter from the inf-File seems to be ignored. Even if I set it to the correct config host hostname the local hostname is being used eventually. My current plan is to ditch the silent install completely in favor of an expect-script that would send the input to an interactive run of setup-ds-admin.pl. However I think that this is a really clunky fix and I would really like to get it working with the silent install. Julian Am Fri, 15 Sep 2017 12:56:07 -0400 schrieb Morgan Jones: > Hello Julia, > > I’m troubleshooting this exact behavior. So far I’ve found if you > create an /etc/dirsrv/admin-serv/adm.conf before the silent install > it works. However we just went through a host domain name change > (long story) and I’m having I think unrelated problems. I hope to > resolve that shortly and then I might have a more definitive answer. > > In the mean time this may be helpful to you: > https://github.com/morganllj/ansible-playbooks/blob/develop/templates/389_primary_master_setup.inf.j2 > https://github.com/morganllj/ansible-playbooks/blob/develop/templates/adm.conf.j2 > > Here’s where they’re used if you are familiar with ansible: > https://github.com/morganllj/ansible-playbooks/blob/develop/install_389.yml > > -morgan > > > > On Sep 15, 2017, at 11:49 AM, Julian Kippels wrote: > > > > Hi, > > > > I was playing around with silent installs and found out that the > > final configuration differs from interactive installations. Here is > > what I did: > > > > I installed two servers on different machines ds-1.localdomain and > > ds-2.localdomain. ds-1 is used as a master and ds-2 is supposed to > > use it as its configuration server. > > Both machines run RHEL 7.4 with the latest EPEL-builds of 389-ds. > > > > First I used setup-ds-admin.pl --keepcache interactively first on > > ds-1 and told it not to use an existing configuration server, then > > on ds-2 and told it to use ds-1. When I connect to ds-1 using > > 389-console I can see both ds-1 and ds-2. > > Then I took the generated .inf-files, removed all traces from the > > previous instances from both machines using remove-ds-admin.pl -a > > -f -y and then ran setup-ds-admin.pl --silent --file=ds-1.inf and > > --file=ds-2.inf respectively. When I connect to ds-1 now, I only see > > ds-1, to see ds-2 I have to connect to ds-2 with 389-console. > > > > The .inf-files look like this: > > > > $ cat ds-1.inf > > [General] > > AdminDomain = localdomain > > ConfigDirectoryAdminID = admin > > ConfigDirectoryAdminPwd = XXX > > ConfigDirectoryLdapURL = ldap://ds-1.localdomain:389/o=NetscapeRoot > > FullMachineName = ds-1.localdomain > > ServerRoot = /usr/lib64/dirsrv > > StrictHostCheck = true > > SuiteSpotGroup = dirsrv > > SuiteSpotUserID = dirsrv > > [admin] > > Port = 9830 > > ServerAdminID = admin > > ServerAdminPwd = XXX > > ServerIpAddress = 0.0.0.0 > > SysUser = dirsrv > > [slapd] > > start_server = 0 > > AddOrgEntries = Yes > > AddSampleEntries = No > > HashedRootDNPwd = XXX > > InstScriptsEnabled = true > > InstallLdifFile = suggest > > RootDN = cn=Directory Manager > > RootDNPwd = XXX > > ServerIdentifier = ds-1 > > ServerPort = 389 > > SlapdConfigForMC = yes > > Suffix = dc=localdomain > > UseExistingMC = 0 > > bak_dir = /var/lib/dirsrv/slapd-ds-1/bak > > bindir = /usr/bin > > cert_dir = /etc/dirsrv/slapd-ds-1 > > config_dir = /etc/dirsrv/slapd-ds-1 > > datadir = /usr/share > > db_dir = /var/lib/dirsrv/slapd-ds-1/db > > ds_bename = userRoot > > inst_dir = /usr/lib64/dirsrv/slapd-ds-1 > > ldif_dir = /var/lib/dirsrv/slapd-ds-1/ldif > > localstatedir = /var > > lock_dir = /var/lock/dirsrv/slapd-ds-1 > > log_dir = /var/log/dirsrv/slapd-ds-1 > > naming_value = rz > > run_dir = /var/run/dirsrv > > sbindir = /usr/sbin > > schema_dir = /etc/dirsrv/slapd-ds-1/schema > > sysconfdir = /etc > > tmp_dir = /tmp > > > > $ cat ds-2.inf > > [General] > > AdminDomain = localdomain > > ConfigDirectoryAdminID = admin > > ConfigDirectoryAdminPwd = XXX > > ConfigDirectoryLdapURL = ldap://ds-1.localdomain:389/o=NetscapeRoot > > FullMachineName = ds-2.localdomain > > ServerRoot = /usr/lib64/dirsrv > > StrictHostCheck = true > > SuiteSpotGroup = dirsrv > > SuiteSpotUserID = dirsrv > > [admin] > > Port = 9830 > > ServerAdminID = admin > > ServerAdminPwd = XXX > > ServerIpAddress = 0.0.0.0 > > SysUser = dirsrv > > [slapd] > > AddOrgEntries = Yes > > AddSampleEntries = No > > HashedRootDNPwd = XXX > > InstScriptsEnabled = true > > InstallLdifFile = suggest > > RootDN = cn=Directory Manager > > RootDNPwd = XXX > > ServerIdentifier = ds-2 > >
[389-users] Re: Possible bug? - Silent install behaves differently from interactive
Julian, Sorry on the name mix-up, typing quickly. -morgan > On Sep 15, 2017, at 12:56 PM, Morgan Joneswrote: > > Hello Julia, > > I’m troubleshooting this exact behavior. So far I’ve found if you create an > /etc/dirsrv/admin-serv/adm.conf before the silent install it works. However > we just went through a host domain name change (long story) and I’m having I > think unrelated problems. I hope to resolve that shortly and then I might > have a more definitive answer. > > In the mean time this may be helpful to you: > https://github.com/morganllj/ansible-playbooks/blob/develop/templates/389_primary_master_setup.inf.j2 > https://github.com/morganllj/ansible-playbooks/blob/develop/templates/adm.conf.j2 > > Here’s where they’re used if you are familiar with ansible: > https://github.com/morganllj/ansible-playbooks/blob/develop/install_389.yml > > -morgan > > >> On Sep 15, 2017, at 11:49 AM, Julian Kippels wrote: >> >> Hi, >> >> I was playing around with silent installs and found out that the final >> configuration differs from interactive installations. Here is what I >> did: >> >> I installed two servers on different machines ds-1.localdomain and >> ds-2.localdomain. ds-1 is used as a master and ds-2 is supposed to use >> it as its configuration server. >> Both machines run RHEL 7.4 with the latest EPEL-builds of 389-ds. >> >> First I used setup-ds-admin.pl --keepcache interactively first on ds-1 >> and told it not to use an existing configuration server, then on ds-2 >> and told it to use ds-1. When I connect to ds-1 using 389-console I can >> see both ds-1 and ds-2. >> Then I took the generated .inf-files, removed all traces from the >> previous instances from both machines using remove-ds-admin.pl -a -f -y >> and then ran setup-ds-admin.pl --silent --file=ds-1.inf and >> --file=ds-2.inf respectively. When I connect to ds-1 now, I only see >> ds-1, to see ds-2 I have to connect to ds-2 with 389-console. >> >> The .inf-files look like this: >> >> $ cat ds-1.inf >> [General] >> AdminDomain = localdomain >> ConfigDirectoryAdminID = admin >> ConfigDirectoryAdminPwd = XXX >> ConfigDirectoryLdapURL = ldap://ds-1.localdomain:389/o=NetscapeRoot >> FullMachineName = ds-1.localdomain >> ServerRoot = /usr/lib64/dirsrv >> StrictHostCheck = true >> SuiteSpotGroup = dirsrv >> SuiteSpotUserID = dirsrv >> [admin] >> Port = 9830 >> ServerAdminID = admin >> ServerAdminPwd = XXX >> ServerIpAddress = 0.0.0.0 >> SysUser = dirsrv >> [slapd] >> start_server = 0 >> AddOrgEntries = Yes >> AddSampleEntries = No >> HashedRootDNPwd = XXX >> InstScriptsEnabled = true >> InstallLdifFile = suggest >> RootDN = cn=Directory Manager >> RootDNPwd = XXX >> ServerIdentifier = ds-1 >> ServerPort = 389 >> SlapdConfigForMC = yes >> Suffix = dc=localdomain >> UseExistingMC = 0 >> bak_dir = /var/lib/dirsrv/slapd-ds-1/bak >> bindir = /usr/bin >> cert_dir = /etc/dirsrv/slapd-ds-1 >> config_dir = /etc/dirsrv/slapd-ds-1 >> datadir = /usr/share >> db_dir = /var/lib/dirsrv/slapd-ds-1/db >> ds_bename = userRoot >> inst_dir = /usr/lib64/dirsrv/slapd-ds-1 >> ldif_dir = /var/lib/dirsrv/slapd-ds-1/ldif >> localstatedir = /var >> lock_dir = /var/lock/dirsrv/slapd-ds-1 >> log_dir = /var/log/dirsrv/slapd-ds-1 >> naming_value = rz >> run_dir = /var/run/dirsrv >> sbindir = /usr/sbin >> schema_dir = /etc/dirsrv/slapd-ds-1/schema >> sysconfdir = /etc >> tmp_dir = /tmp >> >> $ cat ds-2.inf >> [General] >> AdminDomain = localdomain >> ConfigDirectoryAdminID = admin >> ConfigDirectoryAdminPwd = XXX >> ConfigDirectoryLdapURL = ldap://ds-1.localdomain:389/o=NetscapeRoot >> FullMachineName = ds-2.localdomain >> ServerRoot = /usr/lib64/dirsrv >> StrictHostCheck = true >> SuiteSpotGroup = dirsrv >> SuiteSpotUserID = dirsrv >> [admin] >> Port = 9830 >> ServerAdminID = admin >> ServerAdminPwd = XXX >> ServerIpAddress = 0.0.0.0 >> SysUser = dirsrv >> [slapd] >> AddOrgEntries = Yes >> AddSampleEntries = No >> HashedRootDNPwd = XXX >> InstScriptsEnabled = true >> InstallLdifFile = suggest >> RootDN = cn=Directory Manager >> RootDNPwd = XXX >> ServerIdentifier = ds-2 >> ServerPort = 389 >> Suffix = dc=localdomain >> UseExistingMC = 1 >> bak_dir = /var/lib/dirsrv/slapd-ds-2/bak >> bindir = /usr/bin >> cert_dir = /etc/dirsrv/slapd-ds-2 >> config_dir = /etc/dirsrv/slapd-ds-2 >> datadir = /usr/share >> db_dir = /var/lib/dirsrv/slapd-ds-2/db >> ds_bename = userRoot >> inst_dir = /usr/lib64/dirsrv/slapd-ds-2 >> ldif_dir = /var/lib/dirsrv/slapd-ds-2/ldif >> localstatedir = /var >> lock_dir = /var/lock/dirsrv/slapd-ds-2 >> log_dir = /var/log/dirsrv/slapd-ds-2 >> naming_value = rz >> run_dir = /var/run/dirsrv >> sbindir = /usr/sbin >> schema_dir = /etc/dirsrv/slapd-ds-2/schema >> sysconfdir = /etc >> tmp_dir = /tmp >> >> I think this unintended behaviour and should be fixed. Unless I did a >> mistake somewhere, but I can't see where… >> >> Julian >> ___ >>
[389-users] Re: Possible bug? - Silent install behaves differently from interactive
Hello Julia, I’m troubleshooting this exact behavior. So far I’ve found if you create an /etc/dirsrv/admin-serv/adm.conf before the silent install it works. However we just went through a host domain name change (long story) and I’m having I think unrelated problems. I hope to resolve that shortly and then I might have a more definitive answer. In the mean time this may be helpful to you: https://github.com/morganllj/ansible-playbooks/blob/develop/templates/389_primary_master_setup.inf.j2 https://github.com/morganllj/ansible-playbooks/blob/develop/templates/adm.conf.j2 Here’s where they’re used if you are familiar with ansible: https://github.com/morganllj/ansible-playbooks/blob/develop/install_389.yml -morgan > On Sep 15, 2017, at 11:49 AM, Julian Kippelswrote: > > Hi, > > I was playing around with silent installs and found out that the final > configuration differs from interactive installations. Here is what I > did: > > I installed two servers on different machines ds-1.localdomain and > ds-2.localdomain. ds-1 is used as a master and ds-2 is supposed to use > it as its configuration server. > Both machines run RHEL 7.4 with the latest EPEL-builds of 389-ds. > > First I used setup-ds-admin.pl --keepcache interactively first on ds-1 > and told it not to use an existing configuration server, then on ds-2 > and told it to use ds-1. When I connect to ds-1 using 389-console I can > see both ds-1 and ds-2. > Then I took the generated .inf-files, removed all traces from the > previous instances from both machines using remove-ds-admin.pl -a -f -y > and then ran setup-ds-admin.pl --silent --file=ds-1.inf and > --file=ds-2.inf respectively. When I connect to ds-1 now, I only see > ds-1, to see ds-2 I have to connect to ds-2 with 389-console. > > The .inf-files look like this: > > $ cat ds-1.inf > [General] > AdminDomain = localdomain > ConfigDirectoryAdminID = admin > ConfigDirectoryAdminPwd = XXX > ConfigDirectoryLdapURL = ldap://ds-1.localdomain:389/o=NetscapeRoot > FullMachineName = ds-1.localdomain > ServerRoot = /usr/lib64/dirsrv > StrictHostCheck = true > SuiteSpotGroup = dirsrv > SuiteSpotUserID = dirsrv > [admin] > Port = 9830 > ServerAdminID = admin > ServerAdminPwd = XXX > ServerIpAddress = 0.0.0.0 > SysUser = dirsrv > [slapd] > start_server = 0 > AddOrgEntries = Yes > AddSampleEntries = No > HashedRootDNPwd = XXX > InstScriptsEnabled = true > InstallLdifFile = suggest > RootDN = cn=Directory Manager > RootDNPwd = XXX > ServerIdentifier = ds-1 > ServerPort = 389 > SlapdConfigForMC = yes > Suffix = dc=localdomain > UseExistingMC = 0 > bak_dir = /var/lib/dirsrv/slapd-ds-1/bak > bindir = /usr/bin > cert_dir = /etc/dirsrv/slapd-ds-1 > config_dir = /etc/dirsrv/slapd-ds-1 > datadir = /usr/share > db_dir = /var/lib/dirsrv/slapd-ds-1/db > ds_bename = userRoot > inst_dir = /usr/lib64/dirsrv/slapd-ds-1 > ldif_dir = /var/lib/dirsrv/slapd-ds-1/ldif > localstatedir = /var > lock_dir = /var/lock/dirsrv/slapd-ds-1 > log_dir = /var/log/dirsrv/slapd-ds-1 > naming_value = rz > run_dir = /var/run/dirsrv > sbindir = /usr/sbin > schema_dir = /etc/dirsrv/slapd-ds-1/schema > sysconfdir = /etc > tmp_dir = /tmp > > $ cat ds-2.inf > [General] > AdminDomain = localdomain > ConfigDirectoryAdminID = admin > ConfigDirectoryAdminPwd = XXX > ConfigDirectoryLdapURL = ldap://ds-1.localdomain:389/o=NetscapeRoot > FullMachineName = ds-2.localdomain > ServerRoot = /usr/lib64/dirsrv > StrictHostCheck = true > SuiteSpotGroup = dirsrv > SuiteSpotUserID = dirsrv > [admin] > Port = 9830 > ServerAdminID = admin > ServerAdminPwd = XXX > ServerIpAddress = 0.0.0.0 > SysUser = dirsrv > [slapd] > AddOrgEntries = Yes > AddSampleEntries = No > HashedRootDNPwd = XXX > InstScriptsEnabled = true > InstallLdifFile = suggest > RootDN = cn=Directory Manager > RootDNPwd = XXX > ServerIdentifier = ds-2 > ServerPort = 389 > Suffix = dc=localdomain > UseExistingMC = 1 > bak_dir = /var/lib/dirsrv/slapd-ds-2/bak > bindir = /usr/bin > cert_dir = /etc/dirsrv/slapd-ds-2 > config_dir = /etc/dirsrv/slapd-ds-2 > datadir = /usr/share > db_dir = /var/lib/dirsrv/slapd-ds-2/db > ds_bename = userRoot > inst_dir = /usr/lib64/dirsrv/slapd-ds-2 > ldif_dir = /var/lib/dirsrv/slapd-ds-2/ldif > localstatedir = /var > lock_dir = /var/lock/dirsrv/slapd-ds-2 > log_dir = /var/log/dirsrv/slapd-ds-2 > naming_value = rz > run_dir = /var/run/dirsrv > sbindir = /usr/sbin > schema_dir = /etc/dirsrv/slapd-ds-2/schema > sysconfdir = /etc > tmp_dir = /tmp > > I think this unintended behaviour and should be fixed. Unless I did a > mistake somewhere, but I can't see where… > > Julian > ___ > 389-users mailing list -- 389-users@lists.fedoraproject.org > To unsubscribe send an email to 389-users-le...@lists.fedoraproject.org ___ 389-users mailing list -- 389-users@lists.fedoraproject.org To unsubscribe send an email to