PingDirectory

What happens when you enable replication

The dsreplication enable subcommand is used to set up replication. The enable subcommand carries out the following functions:

  • If it does not already exist, the global administrator user is created. The global administrator user has all the rights and privileges to update replication-related configuration objects. Most dsreplication subcommands require the global administrator.

  • The server instances are registered in the cn=topology,cn=config tree. The registration includes basic host name, port information, and the public key used during the replication authentication process.

    If both servers are already participating in replication, the cn=topology,cn=config is merged to retain the server information from existing topologies.

  • The embedded replication server is enabled. Servers already in replication see their replication server configuration updated with the information of the new replication server.

  • A replication domain is created for the requested base distinguished names (DNs). If the first base DN is enabled, the replication domains for two additional base DNs are also enabled: cn=topology,cn=config and cn=schema.

  • Initialization for the cn=schema base DN is executed. This ensures that a uniform schema is present in the replication topology.

  • Initialization must be performed for the enabled base DNs.

The dsreplication enable subcommand removes all existing topology administrative users except for the default uid=admin that is provided to enable replication. Administrative users must be re-added after enabling replication.