<?xml version="1.0" encoding="utf-8"?>
|
<!--
|
! CDDL HEADER START
|
!
|
! The contents of this file are subject to the terms of the
|
! Common Development and Distribution License, Version 1.0 only
|
! (the "License"). You may not use this file except in compliance
|
! with the License.
|
!
|
! You can obtain a copy of the license at legal-notices/CDDLv1_0.txt
|
! or http://forgerock.org/license/CDDLv1.0.html.
|
! See the License for the specific language governing permissions
|
! and limitations under the License.
|
!
|
! When distributing Covered Code, include this CDDL HEADER in each
|
! file and include the License file at legal-notices/CDDLv1_0.txt.
|
! If applicable, add the following below this CDDL HEADER, with the
|
! fields enclosed by brackets "[]" replaced with your own identifying
|
! information:
|
! Portions Copyright [yyyy] [name of copyright owner]
|
!
|
! CDDL HEADER END
|
!
|
!
|
! Copyright 2007-2010 Sun Microsystems, Inc.
|
! Portions Copyright 2011-2013 ForgeRock AS
|
! -->
|
<adm:managed-object name="replication-domain"
|
plural-name="replication-domains"
|
package="org.opends.server.admin.std"
|
xmlns:adm="http://www.opends.org/admin"
|
xmlns:ldap="http://www.opends.org/admin-ldap">
|
<adm:synopsis>
|
A
|
<adm:user-friendly-name />
|
comprises of several Directory Servers sharing the same synchronized
|
set of data.
|
</adm:synopsis>
|
<adm:tag name="replication" />
|
<adm:profile name="ldap">
|
<ldap:object-class>
|
<ldap:name>ds-cfg-replication-domain</ldap:name>
|
<ldap:superior>top</ldap:superior>
|
</ldap:object-class>
|
</adm:profile>
|
<adm:relation name="external-changelog-domain">
|
<adm:one-to-one />
|
<adm:profile name="ldap">
|
<ldap:rdn-sequence>
|
cn=External ChangeLog
|
</ldap:rdn-sequence>
|
</adm:profile>
|
</adm:relation>
|
<adm:property name="replication-server" multi-valued="true"
|
mandatory="true">
|
<adm:synopsis>
|
Specifies the addresses of the Replication Servers within the
|
<adm:user-friendly-name />
|
to which the directory server should try to connect at startup
|
time.
|
</adm:synopsis>
|
<adm:description>
|
Addresses must be specified using the syntax: hostname:port
|
</adm:description>
|
<adm:syntax>
|
<adm:string>
|
<adm:pattern>
|
<adm:regex>^.+:[0-9]+$</adm:regex>
|
<adm:usage>HOST:PORT</adm:usage>
|
<adm:synopsis>
|
A host name followed by a ":" and a port number.
|
</adm:synopsis>
|
</adm:pattern>
|
</adm:string>
|
</adm:syntax>
|
<adm:profile name="ldap">
|
<ldap:attribute>
|
<ldap:name>ds-cfg-replication-server</ldap:name>
|
</ldap:attribute>
|
</adm:profile>
|
</adm:property>
|
<adm:property name="server-id" mandatory="true" read-only="true">
|
<adm:synopsis>
|
Specifies a unique identifier for the directory server within the
|
<adm:user-friendly-name />.
|
</adm:synopsis>
|
<adm:description>
|
Each directory server within the same
|
<adm:user-friendly-name />
|
must have a different server ID. A directory server which is a
|
member of multiple
|
<adm:user-friendly-plural-name />
|
may use the same server ID for each of its
|
<adm:user-friendly-name />
|
configurations.
|
</adm:description>
|
<adm:syntax>
|
<adm:integer lower-limit="1" upper-limit="65535"></adm:integer>
|
</adm:syntax>
|
<adm:profile name="ldap">
|
<ldap:attribute>
|
<ldap:name>ds-cfg-server-id</ldap:name>
|
</ldap:attribute>
|
</adm:profile>
|
</adm:property>
|
<adm:property name="base-dn" mandatory="true" read-only="true">
|
<adm:synopsis>
|
Specifies the base DN of the replicated data.
|
</adm:synopsis>
|
<adm:syntax>
|
<adm:dn />
|
</adm:syntax>
|
<adm:profile name="ldap">
|
<ldap:attribute>
|
<ldap:name>ds-cfg-base-dn</ldap:name>
|
</ldap:attribute>
|
</adm:profile>
|
</adm:property>
|
<adm:property name="window-size" advanced="true">
|
<adm:synopsis>
|
Specifies the window size that the directory server will use when
|
communicating with Replication Servers.
|
</adm:synopsis>
|
<adm:description>
|
This option may be deprecated and removed in future releases.
|
</adm:description>
|
<adm:default-behavior>
|
<adm:defined>
|
<adm:value>100000</adm:value>
|
</adm:defined>
|
</adm:default-behavior>
|
<adm:syntax>
|
<adm:integer />
|
</adm:syntax>
|
<adm:profile name="ldap">
|
<ldap:attribute>
|
<ldap:name>ds-cfg-window-size</ldap:name>
|
</ldap:attribute>
|
</adm:profile>
|
</adm:property>
|
<adm:property name="heartbeat-interval">
|
<adm:synopsis>
|
Specifies the heart-beat interval that the directory server will
|
use when communicating with Replication Servers.
|
</adm:synopsis>
|
<adm:description>
|
The directory server expects a regular heart-beat coming from
|
the Replication Server within the specified interval. If a
|
heartbeat is not received within the interval, the Directory
|
Server closes its connection and connects to another
|
Replication Server.
|
</adm:description>
|
<adm:default-behavior>
|
<adm:defined>
|
<adm:value>10000ms</adm:value>
|
</adm:defined>
|
</adm:default-behavior>
|
<adm:syntax>
|
<adm:duration base-unit="ms" lower-limit="100" />
|
</adm:syntax>
|
<adm:profile name="ldap">
|
<ldap:attribute>
|
<ldap:name>ds-cfg-heartbeat-interval</ldap:name>
|
</ldap:attribute>
|
</adm:profile>
|
</adm:property>
|
<adm:property name="changetime-heartbeat-interval" advanced="true">
|
<adm:synopsis>
|
Specifies the heart-beat interval that the directory server will
|
use when sending its local change time to the Replication Server.
|
</adm:synopsis>
|
<adm:description>
|
The directory server sends a regular heart-beat to the Replication
|
within the specified interval. The heart-beat indicates the
|
change time of the directory server to the Replication Server.
|
</adm:description>
|
<adm:default-behavior>
|
<adm:defined>
|
<adm:value>1000ms</adm:value>
|
</adm:defined>
|
</adm:default-behavior>
|
<adm:syntax>
|
<adm:duration base-unit="ms" lower-limit="0" />
|
</adm:syntax>
|
<adm:profile name="ldap">
|
<ldap:attribute>
|
<ldap:name>ds-cfg-changetime-heartbeat-interval</ldap:name>
|
</ldap:attribute>
|
</adm:profile>
|
</adm:property>
|
<adm:property name="isolation-policy">
|
<adm:synopsis>
|
Specifies the behavior of the directory server if a write
|
operation is attempted on the data within the
|
<adm:user-friendly-name />
|
when none of the configured Replication Servers are available.
|
</adm:synopsis>
|
<adm:default-behavior>
|
<adm:defined>
|
<adm:value>reject-all-updates</adm:value>
|
</adm:defined>
|
</adm:default-behavior>
|
<adm:syntax>
|
<adm:enumeration>
|
<adm:value name="accept-all-updates">
|
<adm:synopsis>
|
Indicates that updates should be accepted even though it is
|
not possible to send them to any Replication Server. Best
|
effort is made to re-send those updates to a
|
Replication Servers when one of them is available, however
|
those changes are at risk because they are only
|
available from the historical information. This mode can
|
also introduce high replication latency.
|
</adm:synopsis>
|
</adm:value>
|
<adm:value name="reject-all-updates">
|
<adm:synopsis>
|
Indicates that all updates attempted on this
|
<adm:user-friendly-name />
|
are rejected when no Replication Server is available.
|
</adm:synopsis>
|
</adm:value>
|
</adm:enumeration>
|
</adm:syntax>
|
<adm:profile name="ldap">
|
<ldap:attribute>
|
<ldap:name>ds-cfg-isolation-policy</ldap:name>
|
</ldap:attribute>
|
</adm:profile>
|
</adm:property>
|
<adm:property name="assured-type" mandatory="false">
|
<adm:synopsis>
|
Defines the assured replication mode of the replicated domain.
|
</adm:synopsis>
|
<adm:description>
|
The assured replication can be disabled or enabled. When enabled, two
|
modes are available: Safe Data or Safe Read modes.
|
</adm:description>
|
<adm:default-behavior>
|
<adm:defined>
|
<adm:value>not-assured</adm:value>
|
</adm:defined>
|
</adm:default-behavior>
|
<adm:syntax>
|
<adm:enumeration>
|
<adm:value name="not-assured">
|
<adm:synopsis>
|
Assured replication is not enabled. Updates sent for replication
|
(for being replayed on other LDAP servers in the topology) are sent
|
without waiting for any acknowledgment and the LDAP client call
|
returns immediately.
|
</adm:synopsis>
|
</adm:value>
|
<adm:value name="safe-data">
|
<adm:synopsis>
|
Assured replication is enabled in Safe Data mode: updates sent for
|
replication are subject to acknowledgment from the replication
|
servers that have the same group ID as the local server (defined
|
with the group-id property). The number of acknowledgments to expect
|
is defined by the assured-sd-level property. After acknowledgments
|
are received, LDAP client call returns.
|
</adm:synopsis>
|
</adm:value>
|
<adm:value name="safe-read">
|
<adm:synopsis>
|
Assured replication is enabled in Safe Read mode: updates sent for
|
replication are subject to acknowledgments from the LDAP servers in
|
the topology that have the same group ID as the local server
|
(defined with the group-id property). After acknowledgments are
|
received, LDAP client call returns.
|
</adm:synopsis>
|
</adm:value>
|
</adm:enumeration>
|
</adm:syntax>
|
<adm:profile name="ldap">
|
<ldap:attribute>
|
<ldap:name>ds-cfg-assured-type</ldap:name>
|
</ldap:attribute>
|
</adm:profile>
|
</adm:property>
|
<adm:property name="assured-sd-level" mandatory="false">
|
<adm:synopsis>
|
The level of acknowledgment for Safe Data assured sub mode.
|
</adm:synopsis>
|
<adm:description>
|
When assured replication is configured in Safe Data mode, this value
|
defines the number of replication servers (with the same group ID of the
|
local server) that should acknowledge the sent update before the LDAP
|
client call can return.
|
</adm:description>
|
<adm:default-behavior>
|
<adm:defined>
|
<adm:value>1</adm:value>
|
</adm:defined>
|
</adm:default-behavior>
|
<adm:syntax>
|
<adm:integer lower-limit="1" upper-limit="127"></adm:integer>
|
</adm:syntax>
|
<adm:profile name="ldap">
|
<ldap:attribute>
|
<ldap:name>ds-cfg-assured-sd-level</ldap:name>
|
</ldap:attribute>
|
</adm:profile>
|
</adm:property>
|
<adm:property name="assured-timeout" mandatory="false">
|
<adm:synopsis>
|
The timeout value when waiting for assured replication acknowledgments.
|
</adm:synopsis>
|
<adm:description>
|
Defines the amount of milliseconds the server will wait for assured
|
acknowledgments (in either Safe Data or Safe Read assured replication
|
modes) before returning anyway the LDAP client call.
|
</adm:description>
|
<adm:default-behavior>
|
<adm:defined>
|
<adm:value>2000ms</adm:value>
|
</adm:defined>
|
</adm:default-behavior>
|
<adm:syntax>
|
<adm:duration base-unit="ms" lower-limit="1" />
|
</adm:syntax>
|
<adm:profile name="ldap">
|
<ldap:attribute>
|
<ldap:name>ds-cfg-assured-timeout</ldap:name>
|
</ldap:attribute>
|
</adm:profile>
|
</adm:property>
|
<adm:property name="group-id" mandatory="false">
|
<adm:synopsis>
|
The group ID associated with this replicated domain.
|
</adm:synopsis>
|
<adm:description>
|
This value defines the group ID of the replicated domain. The replication
|
system will preferably connect and send updates to replicate to a
|
replication server with the same group ID as its own one (the local server
|
group ID).
|
</adm:description>
|
<adm:default-behavior>
|
<adm:defined>
|
<adm:value>1</adm:value>
|
</adm:defined>
|
</adm:default-behavior>
|
<adm:syntax>
|
<adm:integer lower-limit="1" upper-limit="127"></adm:integer>
|
</adm:syntax>
|
<adm:profile name="ldap">
|
<ldap:attribute>
|
<ldap:name>ds-cfg-group-id</ldap:name>
|
</ldap:attribute>
|
</adm:profile>
|
</adm:property>
|
<adm:property name="referrals-url" multi-valued="true" mandatory="false">
|
<adm:synopsis>
|
The URLs other LDAP servers should use to refer to the local server.
|
</adm:synopsis>
|
<adm:description>
|
URLs used by peer servers in the topology to refer to the local server
|
through LDAP referrals. If this attribute is not defined, every URLs
|
available to access this server will be used. If defined, only URLs
|
specified here will be used.
|
</adm:description>
|
<adm:default-behavior>
|
<adm:undefined/>
|
</adm:default-behavior>
|
<adm:syntax>
|
<adm:string>
|
<adm:pattern>
|
<adm:regex>^[lL][dD][aA][pP][sS]?://.+$</adm:regex>
|
<adm:usage>LDAP URL</adm:usage>
|
<adm:synopsis>
|
A LDAP URL compliant with RFC 2255.
|
</adm:synopsis>
|
</adm:pattern>
|
</adm:string>
|
</adm:syntax>
|
<adm:profile name="ldap">
|
<ldap:attribute>
|
<ldap:name>ds-cfg-referrals-url</ldap:name>
|
</ldap:attribute>
|
</adm:profile>
|
</adm:property>
|
<adm:property name="fractional-include" multi-valued="true" mandatory="false">
|
<adm:synopsis>
|
Allows to include some attributes to replicate to this server.
|
</adm:synopsis>
|
<adm:description>
|
If fractional-include configuration attribute is used, only attributes
|
specified in this attribute will be added/modified/deleted when an
|
operation performed from another directory server is being replayed in the
|
local server. Note that the usage of this configuration attribute is
|
mutually exclusive with the usage of the fractional-exclude attribute.
|
</adm:description>
|
<adm:default-behavior>
|
<adm:undefined/>
|
</adm:default-behavior>
|
<adm:syntax>
|
<adm:string>
|
<adm:pattern>
|
<!-- This java regex is mostly derived from keystring BNF definition
|
that can be found in RFC 2252, section "4.1. Common Encoding Aspects".
|
This can be read as: (oid|\*):oid(,oid)*+
|
-->
|
<adm:regex>^((([a-zA-Z]([a-zA-Z]|[0-9]|-|;)*+)|(0|([1-9]([0-9])*+))(\\.(0|([1-9]([0-9])*+)))*+)|\\*):(([a-zA-Z]([a-zA-Z]|[0-9]|-|;)*+)|(0|([1-9]([0-9])*+))(\\.(0|([1-9]([0-9])*+)))*+)(,(([a-zA-Z]([a-zA-Z]|[0-9]|-|;)*+)|(0|([1-9]([0-9])*+))(\\.(0|([1-9]([0-9])*+)))*+))*+$</adm:regex>
|
<adm:usage>OC:AT[,...,AT]</adm:usage>
|
<adm:synopsis>
|
The name of one or more attribute types in the named object class to
|
be included. The object class may be "*" indicating that the
|
attribute type(s) should be included regardless of the type of entry
|
they belong to.
|
</adm:synopsis>
|
</adm:pattern>
|
</adm:string>
|
</adm:syntax>
|
<adm:profile name="ldap">
|
<ldap:attribute>
|
<ldap:name>ds-cfg-fractional-include</ldap:name>
|
</ldap:attribute>
|
</adm:profile>
|
</adm:property>
|
<adm:property name="fractional-exclude" multi-valued="true" mandatory="false">
|
<adm:synopsis>
|
Allows to exclude some attributes to replicate to this server.
|
</adm:synopsis>
|
<adm:description>
|
If fractional-exclude configuration attribute is used, attributes
|
specified in this attribute will be ignored (not added/modified/deleted)
|
when an operation performed from another directory server is being
|
replayed in the local server. Note that the usage of this configuration
|
attribute is mutually exclusive with the usage of the fractional-include
|
attribute.
|
</adm:description>
|
<adm:default-behavior>
|
<adm:undefined/>
|
</adm:default-behavior>
|
<adm:syntax>
|
<adm:string>
|
<adm:pattern>
|
<!-- This java regex is mostly derived from keystring BNF definition
|
that can be found in RFC 2252, section "4.1. Common Encoding Aspects".
|
This can be read as: (oid|\*):oid(,oid)*+
|
-->
|
<adm:regex>^((([a-zA-Z]([a-zA-Z]|[0-9]|-|;)*+)|(0|([1-9]([0-9])*+))(\\.(0|([1-9]([0-9])*+)))*+)|\\*):(([a-zA-Z]([a-zA-Z]|[0-9]|-|;)*+)|(0|([1-9]([0-9])*+))(\\.(0|([1-9]([0-9])*+)))*+)(,(([a-zA-Z]([a-zA-Z]|[0-9]|-|;)*+)|(0|([1-9]([0-9])*+))(\\.(0|([1-9]([0-9])*+)))*+))*+$</adm:regex>
|
<adm:usage>OC:AT[,...,AT]</adm:usage>
|
<adm:synopsis>
|
The name of one or more attribute types in the named object class to
|
be excluded. The object class may be "*" indicating that the
|
attribute type(s) should be excluded regardless of the type of entry
|
they belong to.
|
</adm:synopsis>
|
</adm:pattern>
|
</adm:string>
|
</adm:syntax>
|
<adm:profile name="ldap">
|
<ldap:attribute>
|
<ldap:name>ds-cfg-fractional-exclude</ldap:name>
|
</ldap:attribute>
|
</adm:profile>
|
</adm:property>
|
<adm:property name="solve-conflicts" advanced="true">
|
<adm:synopsis>
|
Indicates if this server solves conflict.
|
</adm:synopsis>
|
<adm:description>
|
This boolean indicates if this domain keeps the historical information
|
necessary to solve conflicts.
|
When set to false the server will not maintain historical information
|
and will therefore not be able to solve conflict. This should therefore
|
be done only if the replication is used in a single master type
|
of deployment.
|
</adm:description>
|
<adm:default-behavior>
|
<adm:defined>
|
<adm:value>true</adm:value>
|
</adm:defined>
|
</adm:default-behavior>
|
<adm:syntax>
|
<adm:boolean />
|
</adm:syntax>
|
<adm:profile name="ldap">
|
<ldap:attribute>
|
<ldap:name>ds-cfg-solve-conflicts</ldap:name>
|
</ldap:attribute>
|
</adm:profile>
|
</adm:property>
|
<adm:property name="log-changenumber" advanced="false">
|
<adm:synopsis>
|
Indicates if this server logs the ChangeNumber in access log.
|
</adm:synopsis>
|
<adm:description>
|
This boolean indicates if the domain should log the ChangeNumber
|
of replicated operations in the access log.
|
</adm:description>
|
<adm:default-behavior>
|
<adm:defined>
|
<adm:value>false</adm:value>
|
</adm:defined>
|
</adm:default-behavior>
|
<adm:syntax>
|
<adm:boolean />
|
</adm:syntax>
|
<adm:profile name="ldap">
|
<ldap:attribute>
|
<ldap:name>ds-cfg-log-changenumber</ldap:name>
|
</ldap:attribute>
|
</adm:profile>
|
</adm:property>
|
<adm:property name="initialization-window-size">
|
<adm:synopsis>
|
Specifies the window size that this directory server may use when
|
communicating with remote Directory Servers for initialization.
|
</adm:synopsis>
|
<adm:default-behavior>
|
<adm:defined>
|
<adm:value>100</adm:value>
|
</adm:defined>
|
</adm:default-behavior>
|
<adm:syntax>
|
<adm:integer />
|
</adm:syntax>
|
<adm:profile name="ldap">
|
<ldap:attribute>
|
<ldap:name>ds-cfg-initialization-window-size</ldap:name>
|
</ldap:attribute>
|
</adm:profile>
|
</adm:property>
|
<adm:property name="conflicts-historical-purge-delay">
|
<adm:synopsis>
|
This delay indicates the time (in minutes) the domain keeps the historical
|
information necessary to solve conflicts.When a change stored in the
|
historical part of the user entry has a date (from its replication ChangeNumber)
|
older than this delay, it is candidate to be purged.
|
The purge is applied on 2 events: modify of the entry, dedicated purge task.
|
</adm:synopsis>
|
<adm:default-behavior>
|
<adm:defined>
|
<adm:value>1440m</adm:value>
|
</adm:defined>
|
</adm:default-behavior>
|
<adm:syntax>
|
<adm:duration base-unit="m" allow-unlimited="false" />
|
</adm:syntax>
|
<adm:profile name="ldap">
|
<ldap:attribute>
|
<ldap:name>ds-cfg-conflicts-historical-purge-delay</ldap:name>
|
</ldap:attribute>
|
</adm:profile>
|
</adm:property>
|
</adm:managed-object>
|
