I am trying to consolidate our network design in order to make more efficient use of resources/logons etc.
The difficulty I have is this:
The current ODMaster (which I would (ideally) like to remain as the master) is out on the internet with a public IP so we have access to the wiki etc. from other locations without worrying about VPNs etc. That's not set in stone, but is preferable.
The remaining 4 sites all need ODReplicas, however they are on our private network behind routers. When I try and create a replica using all the correct info, it reports it has succeeded, but back in Server Mgr, it reports it is a standalone and there is no indication on the master that any replica exists.
Have heard that SSH access is needed, so have set up port forwarding on the router to allow SSH (port 22 TCP) pointing to the potential replica also on port 22, however still no joy. There is nothing in the OD error logs at all.
On another router on another site I just tried opening port 22, and get the same effect when trying to create a replica, but the OD error log reports the following:
2009-01-23 10:10:07 +0000 - ssh command failed with status 1
2009-01-23 10:10:07 +0000 - Removing replica due to an error copying LDAP database. (error = 69)
2009-01-23 10:10:07 +0000 - command: ssh root@85.113.82.31 /usr/sbin/slapconfig -removereplica 192.168.1.11 diradmin
2009-01-23 10:10:10 +0000 - command: ssh root@85.113.82.31 /usr/sbin/slapconfig -startldapserver
2009-01-23 11:05:15 +0000 - slapconfig -setmacosxodpol2009-01-23 11:05:15 +0000 - command: ssh root@85.112.82.31 /usr/sbin/slapconfig -checkmaster diradmin 0 4 4
2009-01-23 11:06:31 +0000 - ssh command failed with status 255
2009-01-23 11:06:31 +0000 - (error = 255)
2009-01-23 11:08:15 +0000 - slapconfig -createreplica
2009-01-23 11:08:15 +0000 - command: ssh root@85.113.82.31 /usr/sbin/slapconfig -checkmaster diradmin 0 4 4
2009-01-23 11:08:18 +0000 - Warning: An error occurred while disabling GSSAPI binding.
2009-01-23 11:08:18 +0000 - 1 Updating master's configuration
2009-01-23 11:08:18 +0000 - command: ssh root@85.113.82.31 /usr/sbin/slapconfig -addreplica 192.168.1.11
2009-01-23 11:08:21 +0000 - 2 Stopping master LDAP server
2009-01-23 11:08:21 +0000 - command: ssh root@85.113.82.31 /usr/sbin/slapconfig -stopldapserver
2009-01-23 11:08:24 +0000 - command: ssh root@85.113.82.31 /usr/bin/db_recover -h /var/db/openldap/openldap-data ; /usr/sbin/slapcat -l /var/db/openldap/openldap-data/backup.ldif
2009-01-23 11:08:29 +0000 - ssh command output:
# no data for entry id=00000001
Obviously it looks like SSH is causing some difficulties, but I'm not sure what exactly.
Anybody any thoughts?
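Added example, not part of the original post: a small Python triage of the slapconfig log excerpt above. It reports which addresses the ssh commands pass to the master and separates the two failure statuses; the finding names, and reading the logged status 255 as ssh's own exit code, are assumptions of this example.

```python
import ipaddress
import re
from collections import Counter

# Lines copied from the log excerpt in the post (one is two entries fused together).
SAMPLE_LOG = """\
2009-01-23 10:10:07 +0000 - ssh command failed with status 1
2009-01-23 10:10:07 +0000 - command: ssh root@85.113.82.31 /usr/sbin/slapconfig -removereplica 192.168.1.11 diradmin
2009-01-23 11:05:15 +0000 - slapconfig -setmacosxodpol2009-01-23 11:05:15 +0000 - command: ssh root@85.112.82.31 /usr/sbin/slapconfig -checkmaster diradmin 0 4 4
2009-01-23 11:06:31 +0000 - ssh command failed with status 255
2009-01-23 11:08:15 +0000 - command: ssh root@85.113.82.31 /usr/sbin/slapconfig -checkmaster diradmin 0 4 4
2009-01-23 11:08:18 +0000 - command: ssh root@85.113.82.31 /usr/sbin/slapconfig -addreplica 192.168.1.11
"""

CMD_RE = re.compile(r"command: ssh (\S+)@(\S+) (.*)$")
FAIL_RE = re.compile(r"ssh command failed with status (\d+)")
IPV4_RE = re.compile(r"\b(?:\d{1,3}\.){3}\d{1,3}\b")


def ip_flag(addr, flag):
    """Return ipaddress property `flag` for a literal IP; False for hostnames or junk."""
    try:
        return getattr(ipaddress.ip_address(addr), flag)
    except ValueError:
        return False


def classify_status(status):
    # Assumption: the logged status is ssh's exit code. Per ssh(1), 255 means ssh
    # itself failed; any other value is the remote command's exit status.
    return "ssh-transport-error" if status == 255 else "remote-command-error"


def triage(log_text):
    """Return (sorted findings, failure classes) for a slapconfig log excerpt."""
    # search(), not match(): entries can be fused onto one line, as in the excerpt.
    commands = [m.groups() for m in map(CMD_RE.search, log_text.splitlines()) if m]
    failures = [(int(s), classify_status(int(s))) for s in FAIL_RE.findall(log_text)]
    usual = Counter(h for _, h, _ in commands).most_common(1)
    findings = set()
    for user, host, remote_cmd in commands:
        if usual and host != usual[0][0]:
            findings.add(("target-differs-from-usual-master", host))
        if user == "root" and ip_flag(host, "is_global"):
            findings.add(("root-ssh-to-public-host", host))
        for arg in IPV4_RE.findall(remote_cmd):
            # An RFC 1918 address cannot be reached from a host on the public internet.
            if ip_flag(host, "is_global") and ip_flag(arg, "is_private"):
                findings.add(("private-addr-sent-to-public-host", arg))
    return sorted(findings), failures
```

Calling `triage(SAMPLE_LOG)` returns the deduplicated findings and the classified failure statuses for the excerpt.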