-
Notifications
You must be signed in to change notification settings - Fork 148
Configuring DS Replication
Endi S. Dewata edited this page Nov 22, 2021
·
6 revisions
To create replication manager on the master:
$ ldapadd -h master.example.com -x -D "cn=Directory Manager" -w Secret.123 << EOF dn: ou=csusers,cn=config objectClass: top objectClass: organizationalUnit ou: csusers dn: cn=Replication Manager masterAgreement1-replica.example.com-pki-tomcat,ou=csusers,cn=config objectClass: top objectClass: person cn: Replication Manager masterAgreement1-replica.example.com-pki-tomcat sn: manager userPassword: <password> EOF
To create replication manager on the replica:
$ ldapadd -h replica.example.com -x -D "cn=Directory Manager" -w Secret.123 << EOF dn: ou=csusers,cn=config objectClass: top objectClass: organizationalUnit ou: csusers dn: cn=Replication Manager cloneAgreement1-replica.example.com-pki-tomcat,ou=csusers,cn=config objectClass: top objectClass: person cn: Replication Manager cloneAgreement1-replica.example.com-pki-tomcat sn: manager userPassword: <password> EOF
To create replica object on the master:
$ ldapadd -h master.example.com -x -D "cn=Directory Manager" -w Secret.123 dn: cn=replica,cn=\"dc=ca,dc=pki,dc=example,dc=com\",cn=mapping tree,cn=config objectclass: top objectclass: nsDS5Replica objectclass: extensibleobject cn: replica nsDS5ReplicaRoot: dc=ca,dc=pki,dc=example,dc=com nsDS5ReplicaType: 3 nsDS5ReplicaBindDN: cn=Replication Manager masterAgreement1-replica.example.com-pki-tomcat,ou=csusers,cn=config nsDS5ReplicaId: <replica ID> nsds5flags: 1
To create replica object on the replica:
$ ldapadd -h replica.example.com -x -D "cn=Directory Manager" -w Secret.123 dn: cn=replica,cn=\"dc=ca,dc=pki,dc=example,dc=com\",cn=mapping tree,cn=config objectclass: top objectclass: nsDS5Replica objectclass: extensibleobject cn: replica nsDS5ReplicaRoot: dc=ca,dc=pki,dc=example,dc=com nsDS5ReplicaType: 3 nsDS5ReplicaBindDN: cn=Replication Manager cloneAgreement1-replica.example.com-pki-tomcat,ou=csusers,cn=config nsDS5ReplicaId: <replica ID> nsds5flags: 1
To create replication agreement on the master:
$ ldapadd -h master.example.com -x -D "cn=Directory Manager" -w Secret.123 dn: cn=masterAgreement1-replica.example.com-pki-tomcat,cn=replica,cn=\"dc=ca,dc=pki,dc=example,dc=com\",cn=mapping tree,cn=config objectClass: top objectClass: nsds5replicationagreement cn: masterAgreement1-replica.example.com-pki-tomcat nsDS5ReplicaRoot: dc=ca,dc=pki,dc=example,dc=com nsDS5ReplicaHost: replica.example.com nsDS5ReplicaPort: 389 nsDS5ReplicaBindDN: cn=Replication Manager cloneAgreement1-replica.example.com-pki-tomcat,ou=csusers,cn=config nsDS5ReplicaBindMethod: Simple nsds5replicacredentials: <password> nsDS5ReplicaTransportInfo: <SSL|TLS> description: masterAgreement1-replica.example.com-pki-tomcat
To create replication agreement on the replica:
$ ldapadd -h replica.example.com -x -D "cn=Directory Manager" -w Secret.123 dn: cn=cloneAgreement1-replica.example.com-pki-tomcat,cn=replica,cn=\"dc=ca,dc=pki,dc=example,dc=com\",cn=mapping tree,cn=config objectClass: top objectClass: nsds5replicationagreement cn: cloneAgreement1-replica.example.com-pki-tomcat nsDS5ReplicaRoot: dc=ca,dc=pki,dc=example,dc=com nsDS5ReplicaHost: master.example.com nsDS5ReplicaPort: 389 nsDS5ReplicaBindDN: cn=Replication Manager cloneAgreement1-replica.example.com-pki-tomcat,ou=csusers,cn=config nsDS5ReplicaBindMethod: Simple nsds5replicacredentials: <password> nsDS5ReplicaTransportInfo: <SSL|TLS> description: cloneAgreement1-replica.example.com-pki-tomcat
To initialize the replication:
$ ldapmodify -h master.example.com -x -D "cn=Directory Manager" -w Secret.123 dn: cn=masterAgreement1-replica.example.com-pki-tomcat,cn=replica,cn=\"dc=ca,dc=pki,dc=example,dc=com\",cn=mapping tree,cn=config changetype: modify replace: nsds5beginreplicarefresh nsds5beginreplicarefresh: start
To check the replication status:
$ ldapsearch -h master.example.com -b "cn=masterAgreement1-replica.example.com-pki-tomcat,cn=replica,cn="dc=ca,dc=pki,dc=example,dc=com",cn=mapping tree,cn=config" -s base "(objectclass=*)" nsds5beginreplicarefresh dn: cn=masterAgreement1-replica.example.com-pki-tomcat,cn=replica,cn="dc=ca,dc=pki,dc=example,dc=com",cn=mapping tree,cn=config nsds5beginreplicarefresh: nsds5replicalastinitstatus:
|
Tip
|
To find a page in the Wiki, enter the keywords in search field, press Enter, then click Wikis. |