mirror of https://github.com/OpenIdentityPlatform/OpenDJ.git
opendj3/src/main/docbkx/admin-guide/chap-replication.xml
@@ -176,10 +176,9 @@ <screen>$ dsreplication enable -I admin -w password -X -n -b dc=example,dc=com --adminUID admin --bindPassword password --baseDN dc=example,dc=com --host1 `hostname` --port1 4444 --bindDN1 "cn=Directory Manager" @@ -190,6 +189,8 @@ --bindDN2 "cn=Directory Manager" --bindPassword2 password --replicationPort2 9989 --trustAll --no-prompt Establishing connections ..... Done. Checking registration information ..... Done. @@ -252,12 +253,13 @@ <screen>$ dsreplication initialize-all -I admin -w password -X -n -b dc=example,dc=com -h `hostname` -p 4444 --adminUID admin --bindPassword password --baseDN dc=example,dc=com --hostname `hostname` --port 4444 --trustAll --no-prompt Initializing base DN dc=example,dc=com with the contents from localhost:4444: 160 entries processed (100 % complete). @@ -288,12 +290,13 @@ initialize-all</command> command.</para> <screen>$ dsreplication initialize-all -I admin -w password -X -n -b dc=example,dc=com -h `hostname` -p 4444 --adminUID admin --bindPassword password --baseDN dc=example,dc=com --hostname `hostname` --port 4444 --trustAll --no-prompt Initializing base DN dc=example,dc=com with the contents from localhost:4444: 161 entries processed (100 % complete). Base DN initialized successfully. @@ -324,10 +327,9 @@ <para>Enable replication on the new replica.</para> <screen>$ dsreplication enable -I admin -w password -X -n -b dc=example,dc=com --adminUID admin --bindPassword password --baseDN dc=example,dc=com --host1 `hostname` --port1 4444 --bindDN1 "cn=Directory Manager" @@ -338,6 +340,8 @@ --bindDN2 "cn=Directory Manager" --bindPassword2 password --replicationPort2 10989 --trustAll --no-prompt Establishing connections ..... Done. Checking registration information ..... Done. @@ -374,11 +378,12 @@ <para>Prepare the new replica for initialization.</para> <screen>$ dsreplication pre-external-initialization -I admin -w password -X -n -p 6444 -b dc=example,dc=com --adminUID admin --bindPassword password --port 6444 --baseDN dc=example,dc=com --trustAll --no-prompt Preparing base DN dc=example,dc=com to be initialized externally ..... Done. @@ -398,11 +403,12 @@ <para>Initialize replication on the new replica.</para> <screen>$ dsreplication post-external-initialization -I admin -w password -X -n -p 6444 -b dc=example,dc=com --adminUID admin --bindPassword password --port 6444 --baseDN dc=example,dc=com --trustAll --no-prompt Updating replication information on base DN dc=example,dc=com ..... Done. @@ -431,14 +437,15 @@ <step> <para>Disable the multimaster synchronization provider.</para> <screen>$ dsconfig -p 5444 -h `hostname` -D "cn=Directory Manager" -w password set-synchronization-provider-prop -X -n --port 5444 --hostname `hostname` --bindDN "cn=Directory Manager" --bindPassword password --provider-name "Multimaster Synchronization" --set enabled:false</screen> --set enabled:false --trustAll --no-prompt</screen> <para>Do NOT allow modifications on the replica for which replication is paused, as no record of such changes is kept, and the changes cause replication to diverge.</para> @@ -447,14 +454,15 @@ <para>When you are ready to resume replication, enable the multimaster synchronization provider.</para> <screen>$ dsconfig -p 5444 -h `hostname` -D "cn=Directory Manager" -w password set-synchronization-provider-prop -X -n --port 5444 --hostname `hostname` --bindDN "cn=Directory Manager" --bindPassword password --provider-name "Multimaster Synchronization" --set enabled:true</screen> --set enabled:true --trustAll --no-prompt</screen> </step> </procedure> @@ -470,12 +478,13 @@ command.</para> <screen>$ dsreplication disable -a -p 5444 -h `hostname` -D "cn=Directory Manager" -w password -X -n --disableAll --port 5444 --hostname `hostname` --bindDN "cn=Directory Manager" --bindPassword password --trustAll --no-prompt Establishing connections ..... Done. Disabling replication on base DN cn=admin data of server localhost:5444 ..... Done. @@ -549,10 +558,9 @@ <option>--onlyReplicationServer</option> options.</para> <screen>$ dsreplication enable -I admin -w password -X -n -b dc=example,dc=com --adminUID admin --bindPassword password --baseDN dc=example,dc=com --host1 `hostname` --port1 4444 --bindDN1 "cn=Directory Manager" @@ -564,6 +572,8 @@ --bindPassword2 password --replicationPort2 8989 --onlyReplicationServer2 --trustAll --no-prompt Establishing connections ..... Done. Only one replication server will be defined for the following base DN's: dc=example,dc=com @@ -591,10 +601,9 @@ $ dsreplication enable -I admin -w password -X -n -b dc=example,dc=com --adminUID admin --bindPassword password --baseDN dc=example,dc=com --host1 `hostname` --port1 5444 --bindDN1 "cn=Directory Manager" @@ -606,6 +615,8 @@ --bindPassword2 password --replicationPort2 8989 --onlyReplicationServer2 --trustAll --no-prompt Establishing connections ..... Done. Only one replication server will be defined for the following base DN's: @@ -641,12 +652,13 @@ <para>Initialize replication from one of the directory servers.</para> <screen>$ dsreplication initialize-all -I admin -w password -X -n -b dc=example,dc=com -h `hostname` -p 4444 --adminUID admin --bindPassword password --baseDN dc=example,dc=com --hostname `hostname` --port 4444 --trustAll --no-prompt Initializing base DN dc=example,dc=com with the contents from localhost:4444: 160 entries processed (100 % complete). @@ -692,47 +704,51 @@ <para>Set the group ID for each group by replication domain on the directory servers.</para> <screen>$ dsconfig -p 4444 -h `hostname` -D "cn=Directory Manager" -w password set-replication-domain-prop --port 4444 --hostname `hostname` --bindDN "cn=Directory Manager" --bindPassword password --provider-name "MultimasterSynchronization" --domain-name "dc=example,dc=com" --set group-id:1 -X -n --trustAll --no-prompt $ dsconfig -p 5444 -h `hostname` -D "cn=Directory Manager" -w password set-replication-domain-prop --port 5444 --hostname `hostname` --bindDN "cn=Directory Manager" --bindPassword password --provider-name "Multimaster Synchronization" --domain-name "dc=example,dc=com" --set group-id:2 -X -n</screen> --trustAll --no-prompt</screen> </step> <step> <para>Set the group ID for each group on the replication servers.</para> <screen>$ dsconfig -p 6444 -h `hostname` -D "cn=Directory Manager" -w password set-replication-server-prop --port 6444 --hostname `hostname` --bindDN "cn=Directory Manager" --bindPassword password --provider-name "Multimaster Synchronization" --set group-id:1 -X -n --trustAll --no-prompt $ dsconfig -p 7444 -h `hostname` -D "cn=Directory Manager" -w password set-replication-server-prop --port 7444 --hostname `hostname` --bindDN "cn=Directory Manager" --bindPassword password --provider-name "Multimaster Synchronization" --set group-id:2 -X -n</screen> --trustAll --no-prompt</screen> </step> </procedure> @@ -760,13 +776,14 @@ applications.</para> <screen>$ dsconfig -p 5444 -h `hostname` -D "cn=Directory Manager" -w password set-global-configuration-prop --port 5444 --hostname `hostname` --bindDN "cn=Directory Manager" --bindPassword password --set writability-mode:internal-only -X -n</screen> --trustAll --no-prompt</screen> </section> <section xml:id="repl-assured"> @@ -806,28 +823,30 @@ domain, and also set the safe data level.</para> <screen>$ dsconfig -p 4444 -h `hostname` -D "cn=Directory Manager" -w password set-replication-domain-prop --port 4444 --hostname `hostname` --bindDN "cn=Directory Manager" --bindPassword password --provider-name "Multimaster Synchronization" --domain-name "dc=example,dc=com" --set assured-type:safe-data --set assured-sd-level:1 -X -n --trustAll --no-prompt $ dsconfig -p 5444 -h `hostname` -D "cn=Directory Manager" -w password set-replication-domain-prop --port 5444 --hostname `hostname` --bindDN "cn=Directory Manager" --bindPassword password --provider-name "Multimaster Synchronization" --domain-name "dc=example,dc=com" --set assured-type:safe-data --set assured-sd-level:1 -X -n</screen> --trustAll --no-prompt</screen> </step> </procedure> @@ -842,26 +861,28 @@ domain.</para> <screen>$ dsconfig -p 4444 -h `hostname` -D "cn=Directory Manager" -w password set-replication-domain-prop --port 4444 --hostname `hostname` --bindDN "cn=Directory Manager" --bindPassword password --provider-name "Multimaster Synchronization" --domain-name "dc=example,dc=com" --set assured-type:safe-read -X -n --trustAll --no-prompt $ dsconfig -p 5444 -h `hostname` -D "cn=Directory Manager" -w password set-replication-domain-prop --port 5444 --hostname `hostname` --bindDN "cn=Directory Manager" --bindPassword password --provider-name "Multimaster Synchronization" --domain-name "dc=example,dc=com" --set assured-type:safe-read -X -n</screen> --trustAll --no-prompt</screen> </step> </procedure> @@ -917,14 +938,15 @@ attributes.</para> <screen>$ dsconfig -p 4444 -h `hostname` -D "cn=Directory Manager" -w password set-replication-domain-prop --port 4444 --hostname `hostname` --bindDN "cn=Directory Manager" --bindPassword password --provider-name "Multimaster Synchronization" --domain-name "dc=example,dc=com" -X -n --trustAll --no-prompt --set fractional-include:inetorgperson:cn,givenname,mail,mobile,sn,telephonenumber</screen> @@ -932,15 +954,16 @@ <literal>sessionToken</literal> from being replicated.</para> <screen>dsconfig -p 4444 -h `hostname` -D "cn=Directory Manager" -w password set-replication-domain-prop --port 4444 --hostname `hostname` --bindDN "cn=Directory Manager" --bindPassword password --provider-name "Multimaster Synchronization" --domain-name "dc=example,dc=com" --set fractional-exclude:*:sessionToken -X -n</screen> --trustAll --no-prompt</screen> <para>This last example only works if you first define a <literal>sessionToken</literal> attribute in the directory server @@ -985,7 +1008,7 @@ the publicly visible data available before any changes have been made.</para> <screen>$ ldapsearch -b cn=changelog -p 1389 "(objectclass=*)" \* + <screen>$ ldapsearch --baseDN cn=changelog --port 1389 "(objectclass=*)" \* + dn: cn=changelog cn: changelog objectClass: top @@ -1023,11 +1046,11 @@ for the last of the two changes.</para> <screen>$ ldapsearch -b cn=changelog -p 1389 -D "cn=Directory Manager" -w password -J "1.3.6.1.4.1.26027.1.5.4:false" --baseDN cn=changelog --port 1389 --bindDN "cn=Directory Manager" --bindPassword password --control "1.3.6.1.4.1.26027.1.5.4:false" "(objectclass=*)" \* + dn: cn=changelog @@ -1095,7 +1118,7 @@ <para>Here the changes are base64 encoded, so you can decode them using the <command>base64</command> command.</para> <screen>$ base64 decode -d b2JqZW...ZmlnCg== <screen>$ base64 decode --encodedData b2JqZW...ZmlnCg== objectClass: person objectClass: top cn: Horace Velmont @@ -1114,11 +1137,11 @@ <para>In this example, a description was added to Babs Jensen's entry.</para> <screen>$ ldapsearch -b cn=changelog -p 1389 -D "cn=Directory Manager" -w password -J "1.3.6.1.4.1.26027.1.5.4:false: --baseDN cn=changelog --port 1389 --bindDN "cn=Directory Manager" --bindPassword password --control "1.3.6.1.4.1.26027.1.5.4:false: dc=example,dc=com:0000013087cbc34a12d100000002;" "(objectclass=*)" \* + @@ -1157,7 +1180,7 @@ <para>If we base64-decode the changes, we see the following.</para> <screen>$ base64 decode -d YWRkO...gotCg== <screen>$ base64 decode --encodedData YWRkO...gotCg== add: description description: A third change -
