Product SiteDocumentation Site

Chapter 8. Managing Replication

8.1. Replication Overview
8.1.1. What Directory Units Are Replicated
8.1.2. Read-Write and Read-Only Replicas
8.1.3. Suppliers and Consumers
8.1.4. Changelog
8.1.5. Replication Identity
8.1.6. Replication Agreement
8.1.7. Replicating Attributes with Fractional Replication
8.1.8. Compatibility with Earlier Versions of Directory Server
8.2. Replication Scenarios
8.2.1. Single-Master Replication
8.2.2. Multi-Master Replication
8.2.3. Cascading Replication
8.3. Creating the Supplier Bind DN Entry
8.4. Configuring Single-Master Replication
8.4.1. Configuring the Read-Write Replica on the Supplier Server
8.4.2. Configuring the Read-Only Replica on the Consumer
8.4.3. Create the Replication Agreement
8.5. Configuring Multi-Master Replication
8.5.1. Configuring the Read-Write Replicas on the Supplier Servers
8.5.2. Configuring the Read-Only Replicas on the Consumer Servers
8.5.3. Setting up the Replication Agreements
8.5.4. Preventing Monopolization of the Consumer in Multi-Master Replication
8.6. Configuring Cascading Replication
8.6.1. Configuring the Read-Write Replica on the Supplier Server
8.6.2. Configuring the Read-Only Replica on the Consumer Server
8.6.3. Configuring the Read-Only Replica on the Hub
8.6.4. Setting up the Replication Agreements
8.7. Configuring Replication from the Command Line
8.7.1. Configuring Suppliers from the Command Line
8.7.2. Configuring Consumers from the Command Line
8.7.3. Configuring Hubs from the Command Line
8.7.4. Configuring Replication Agreements from the Command Line
8.7.5. Initializing Consumers Online from the Command Line
8.8. Making a Replica Updatable
8.9. Deleting the Changelog
8.9.1. Removing the Changelog
8.9.2. Moving the Changelog to a New Location
8.10. Initializing Consumers
8.10.1. When to Initialize a Consumer
8.10.2. Online Consumer Initialization Using the Console
8.10.3. Initializing Consumers Online Using the Command Line
8.10.4. Manual Consumer Initialization Using the Command Line
8.10.5. Filesystem Replica Initialization
8.11. Forcing Replication Updates
8.11.1. Forcing Replication Updates from the Console
8.11.2. Forcing Replication Updates from the Command-Line
8.12. Replicating Account Lockout Attributes
8.12.1. Configuring Directory Server to Replicate Password Policy Attributes
8.12.2. Configuring Fractional Replication for Password Policy Attributes
8.13. Replication over SSL
8.14. Replicating o=NetscapeRoot for Administration Server Failover
8.15. Replication with Earlier Releases
8.16. Using the Retro Changelog Plug-in
8.16.1. Enabling the Retro Changelog Plug-in
8.16.2. Trimming the Retro Changelog
8.16.3. Searching and Modifying the Retro Changelog
8.16.4. Retro Changelog and the Access Control Policy
8.17. Monitoring Replication Status
8.17.1. Monitoring Replication Status from the Directory Server Console
8.17.2. Monitoring Replication Status from Administration Express
8.18. Solving Common Replication Conflicts
8.18.1. Solving Naming Conflicts
8.18.2. Solving Orphan Entry Conflicts
8.18.3. Solving Potential Interoperability Problems
8.19. Troubleshooting Replication-Related Problems
Replication is the mechanism by which directory data is automatically copied from one Red Hat Directory Server instance to another; it is an important mechanism for extending the directory service beyond a single server configuration. This chapter describes the tasks to be performed on the master and consumer servers to set up single-master replication, multi-master replication, and cascading replication.

8.1. Replication Overview

Replication is the mechanism by which directory data is automatically copied from one Directory Server to another. Updates of any kind — entry additions, modifications, or even deletions — are automatically mirrored to other Directory Servers using replication. This section contains information on the following replication concepts:

8.1.5. Replication Identity

When replication occurs between two servers, the replication process uses a special entry, called the replication manager entry, to identify replication protocol exchanges and to control access to the directory data. The replication manager entry, or any entry used during replication, must meet the following criteria:
  • It is created on the consumer server (or hub) and not on the supplier server.
  • Create this entry on every server that receives updates from another server, meaning on every hub or dedicated consumer.
  • When a replica is configured as a consumer or hub (a replica which receives updates from another server), this entry must be specified as the one authorized to perform replication updates.
  • The replication agreement is created on the supplier server, the DN of this entry must be specified in the replication agreement.
  • The supplier bind DN entry must not be part of the replicated database for security reasons.
  • This entry, with its special user profile, bypasses all access control rules defined on the consumer server for the database involved in that replication agreement.

NOTE

In the Directory Server Console, this replication manager entry is referred to as the supplier bind DN, which may be misleading because the entry does not actually exist on the supplier server. It is called the supplier bind DN because it is the entry which the supplier uses to bind to the consumer. This entry actually exists, then, on the consumer.