--- title: Replication Service Discovery Mechanism description: A Replication Service Discovery Mechanism returns the set of directory servers participating in a replication topology. component: pingds version: 8.1 page_id: pingds:configref:objects-replication-service-discovery-mechanism canonical_url: https://docs.pingidentity.com/pingds/8.1/configref/objects-replication-service-discovery-mechanism.html section_ids: parent: Parent dependencies: Dependencies replication_service_discovery_mechanism_properties: Replication Service Discovery Mechanism properties basic_properties: Basic properties bind-dn: bind-dn bind-password: bind-password bootstrap-replication-server: bootstrap-replication-server discovery-interval: discovery-interval key-manager-provider: key-manager-provider primary-group-id: primary-group-id ssl-cert-nickname: ssl-cert-nickname ssl-cipher-suite: ssl-cipher-suite ssl-protocol: ssl-protocol trust-manager-provider: trust-manager-provider use-sasl-external: use-sasl-external use-ssl: use-ssl use-start-tls: use-start-tls advanced_properties: Advanced properties java-class: java-class --- # Replication Service Discovery Mechanism A Replication Service Discovery Mechanism returns the set of directory servers participating in a replication topology. The Replication Service Discovery Mechanism specifies the replication servers whose configuration is periodically read to discover available replicas. ## Parent The Replication Service Discovery Mechanism object inherits from [Service Discovery Mechanism](objects-service-discovery-mechanism.html). ## Dependencies Replication Service Discovery Mechanisms depend on the following objects: * [Key Manager Provider](objects-key-manager-provider.html) * [Trust Manager Provider](objects-trust-manager-provider.html) ## Replication Service Discovery Mechanism properties You can use configuration expressions to set property values at startup time. For details, see [Property value substitution](expressions.html). | Basic Properties | Advanced Properties | | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------- | | [bind-dn](#bind-dn) [bind-password](#bind-password) [bootstrap-replication-server](#bootstrap-replication-server) [discovery-interval](#discovery-interval) [key-manager-provider](#key-manager-provider) [primary-group-id](#primary-group-id) [ssl-cert-nickname](#ssl-cert-nickname) [ssl-cipher-suite](#ssl-cipher-suite) [ssl-protocol](#ssl-protocol) [trust-manager-provider](#trust-manager-provider) [use-sasl-external](#use-sasl-external) [use-ssl](#use-ssl) [use-start-tls](#use-start-tls) | [java-class](#java-class) | ### Basic properties Use the `--advanced` option to access advanced properties. ### bind-dn | | | | ----------------------- | ------------------------------------------------------------------------------------------------------------------------------- | | *Synopsis* | The bind DN for periodically reading replication server configurations | | *Description* | The bind DN must be present on all replication servers and directory servers, it must be able to read the server configuration. | | *Default value* | None | | *Allowed values* | A valid DN. | | *Multi-valued* | No | | *Required* | No | | *Admin action required* | None | | *Advanced* | No | | *Read-only* | No | ### bind-password | | | | ----------------------- | ---------------------------------------------------------------------------------------- | | *Synopsis* | The clear-text bind password for periodically reading replication server configurations. | | *Description* | The bind password must be the same on all replication and directory servers. | | *Default value* | None | | *Allowed values* | A string. | | *Multi-valued* | No | | *Required* | No | | *Admin action required* | None | | *Advanced* | No | | *Read-only* | No | ### bootstrap-replication-server | | | | ----------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | *Synopsis* | The addresses of one or more replication servers within the topology which this server should connect to in order to discover the rest of the topology. | | *Description* | Addresses must be specified using the administration port of the remote replication servers using the syntax "hostname:admin-port". When using an IPv6 address as the hostname, put brackets around the address as in "\[IPv6Address]:admin-port". | | *Default value* | None | | *Allowed values* | A host name or an IP address followed by a ":" and a port number.Port number must be greater than 1 and less than 65535. | | *Multi-valued* | Yes | | *Required* | Yes | | *Admin action required* | None | | *Advanced* | No | | *Read-only* | No | ### discovery-interval | | | | ----------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------ | | *Synopsis* | Interval between two replication server configuration discovery queries. | | *Description* | Specifies how frequently to query a replication server configuration in order to discover information about available directory server replicas. | | *Default value* | 60s | | *Allowed values* | Uses [duration syntax](duration-syntax.html).Lower limit: 1 seconds. | | *Multi-valued* | No | | *Required* | No | | *Admin action required* | None | | *Advanced* | No | | *Read-only* | No | ### key-manager-provider | | | | ----------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | *Synopsis* | Specifies the name of the key manager that should be used with this Replication Service Discovery Mechanism. | | *Default value* | None | | *Allowed values* | The name of an existing [key-manager-provider](objects-key-manager-provider.html).The referenced key manager provider must be enabled when the Replication Service Discovery Mechanism is enabled and configured to use SASL/External certificate authentication. | | *Multi-valued* | No | | *Required* | No | | *Admin action required* | NoneChanges to this property take effect immediately, but only for subsequent attempts to access the key manager provider for associated client connections. | | *Advanced* | No | | *Read-only* | No | ### primary-group-id | | | | ----------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | | *Synopsis* | Replication domain group ID of preferred directory server replicas. | | *Description* | Directory server replicas with this replication domain group ID will be preferred over other directory server replicas. Secondary server replicas will only be used when all primary server replicas become unavailable. | | *Default value* | All the server replicas will be treated the same. | | *Allowed values* | A string. | | *Multi-valued* | No | | *Required* | No | | *Admin action required* | None | | *Advanced* | No | | *Read-only* | No | ### ssl-cert-nickname | | | | ----------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | *Synopsis* | Specifies the nicknames (also called the aliases) of the keys or key pairs that the Replication Service Discovery Mechanism should use when performing SSL communication. | | *Description* | The property can be used multiple times (referencing different nicknames) when server certificates with different public key algorithms are used in parallel (for example, RSA, DSA, and ECC-based algorithms). When a nickname refers to an asymmetric (public/private) key pair, the nickname for the public key certificate and associated private key entry must match exactly. A single nickname is used to retrieve both the public key and the private key. This is only applicable when the Replication Service Discovery Mechanism is configured to use SSL. | | *Default value* | Let the server decide. | | *Allowed values* | A string. | | *Multi-valued* | Yes | | *Required* | No | | *Admin action required* | The object must be disabled and re-enabled for changes to take effect. | | *Advanced* | No | | *Read-only* | No | ### ssl-cipher-suite | | | | ----------------------- | ------------------------------------------------------------------------------------------------------------------------- | | *Synopsis* | Specifies the names of the SSL cipher suites that are allowed for use in SSL or TLS communication. | | *Default value* | Uses the default set of SSL cipher suites provided by the server's JVM. | | *Allowed values* | A string. | | *Multi-valued* | Yes | | *Required* | No | | *Admin action required* | NoneChanges to this property take effect immediately but only impact new SSL/TLS-based sessions created after the change. | | *Advanced* | No | | *Read-only* | No | ### ssl-protocol | | | | ----------------------- | ------------------------------------------------------------------------------------------------------------------------- | | *Synopsis* | Specifies the names of the SSL protocols that are allowed for use in SSL or TLS communication. | | *Default value* | Uses the default set of SSL protocols provided by the server's JVM. | | *Allowed values* | A string. | | *Multi-valued* | Yes | | *Required* | No | | *Admin action required* | NoneChanges to this property take effect immediately but only impact new SSL/TLS-based sessions created after the change. | | *Advanced* | No | | *Read-only* | No | ### trust-manager-provider | | | | ----------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | *Synopsis* | Specifies the name of the trust manager that should be used with the Replication Service Discovery Mechanism. | | *Default value* | None | | *Allowed values* | The name of an existing [trust-manager-provider](objects-trust-manager-provider.html).The referenced trust manager provider must be enabled when this Replication Service Discovery Mechanism is configured to use SSL or StartTLS. | | *Multi-valued* | No | | *Required* | No | | *Admin action required* | NoneChanges to this property take effect immediately, but only for subsequent attempts to access the trust manager provider for associated client connections. | | *Advanced* | No | | *Read-only* | No | ### use-sasl-external | | | | ----------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | | *Synopsis* | Indicates whether the Replication Service Discovery Mechanism should use certificate based authentication when communicating with backend servers. | | *Description* | If enabled, the Replication Service Discovery Mechanism will use mutual TLS when connecting to backend servers. Once the TLS handshake has completed, a SASL/External LDAP bind request will be sent in order to associate the TLS client certificate with an LDAP account on the remote backend server. A key manager provider containing the client certificate must be configured in order to use this feature. | | *Default value* | false | | *Allowed values* | truefalse | | *Multi-valued* | No | | *Required* | No | | *Admin action required* | The object must be disabled and re-enabled for changes to take effect. | | *Advanced* | No | | *Read-only* | No | ### use-ssl | | | | ----------------------- | --------------------------------------------------------------------------------------------------------------- | | *Synopsis* | Indicates whether the Replication Service Discovery Mechanism should use SSL. | | *Description* | If enabled, the Replication Service Discovery Mechanism will use SSL to encrypt communication with the clients. | | *Default value* | false | | *Allowed values* | truefalse | | *Multi-valued* | No | | *Required* | No | | *Admin action required* | The object must be disabled and re-enabled for changes to take effect. | | *Advanced* | No | | *Read-only* | No | ### use-start-tls | | | | ----------------------- | ------------------------------------------------------------------------------------------------------------------------ | | *Synopsis* | Indicates whether the Replication Service Discovery Mechanism should use Start TLS. | | *Description* | If enabled, the Replication Service Discovery Mechanism will use Start TLS to encrypt communication with remote servers. | | *Default value* | false | | *Allowed values* | truefalse | | *Multi-valued* | No | | *Required* | No | | *Admin action required* | The object must be disabled and re-enabled for changes to take effect. | | *Advanced* | No | | *Read-only* | No | ## Advanced properties Use the `--advanced` option to access advanced properties. ### java-class | | | | ----------------------- | ------------------------------------------------------------------------------------------------------------------------------ | | *Synopsis* | Specifies the fully-qualified name of the Java class that provides the Replication Service Discovery Mechanism implementation. | | *Default value* | org.opends.server.discovery.ReplicationServiceDiscoveryMechanism | | *Allowed values* | A Java class that extends or implements:- org.opends.server.discovery.ServiceDiscoveryMechanism | | *Multi-valued* | No | | *Required* | Yes | | *Admin action required* | The object must be disabled and re-enabled for changes to take effect. | | *Advanced* | Yes | | *Read-only* | No |