Anthony Joseph Messina wrote:
On Friday 28 August 2009 10:25:20 Rich Megginson wrote:
>> 2) I noticed that while using SSL, the setup-ds-admin.pl requires me to
>> delete the CA cert that was previously installed and re-import it
> Yes, this is a bug. https://bugzilla.redhat.com/show_bug.cgi?id=501846
>> I'd like to make sure don't have these servers crap out again.
> Due to the rename issue, your servers will be stopped and restarted, but
> you should not lose your run level configuration. In what other way(s)
> did they "crap out"?
well, since i had SSL in the server, the admin server and the console
communication between both, and when the servers were stopped, the setup-ds-
admin.pl couldn't connect to anything to do the upgrade and once i manually
re-added (chkconfig --add dirsrv...) and restarted, the SSL issue with setup-
ds-admin.pl became a problem as i had to then uninstall certs just to
reinstall them... yuk!
but i'm not worried about the change between fedora-ds* and 389-ds* now as i
removed all of fedora-ds* and installed fresh 389-ds* rpms and just simply
started over. -- i had just moved from OpenLDAP so that wasn't a big deal.
i also noticed last time that the setup-ds-admin.pl created duplicate
instances of my servers in the console -- and i wasn't sure how to get rid of
those which is also part of why i just "started over."
They can be removed using the console directory browser, to remove their
entries from under o=NetscapeRoot
since i'm already using the renamed packages (the first round of
them), i want
to be sure i'm ok with a yum upgrade and that the proper procedure is to
always run a setup-ds-admin.pl -u
Yes. In the future (unless we obsolete some packages again) you can
just use yum update. And you must always run setup-ds-admin.pl -u after
doing an upgrade - this will make sure the console shows the correct
information, and in the future will do things like schema upgrade,
adding new configuration, removing old/obsolete configuration/files, etc.
due to https://bugzilla.redhat.com/show_bug.cgi?id=501846
, i now have
ldap:// (instead of ldaps://) between the admin server and the ds so i should
be able to avoid that issue.
i'm still learning this 389-ds, coming from OpenLDAP where i simply did an yum
update and didn't need to do anything else :)
Unfortunately, there is no way to change the information that the
console uses without asking for some sort of password or credential -
you can't do that with yum upgrade or rpm -U.
I'm not sure how a yum upgrade of openldap would deal with schema
changes, config changes, etc. - perhaps it doesn't do any of that, and
just expects you to do that.
i guess, basically... what does one do if the server stops and they
able to run setup-ds-admin.pl? is it safe to restart the server services and
then try it again?
389 users mailing list