This example illustrates configuring a variety of assured replication policies. In practice it's common for all servers to have the same policy. The following example assumes that three servers are configured on localhost, on ports 1389, 2389 and 3389. Note that each server has a default Replication Assurance Policy with no assurance levels set.

  1. On server 1, use dsconfig to create request criteria for add operations. This request criteria will be used to match any add operation with the Replication Assurance Policy that will be configured in the next step.
    $ bin/dsconfig create-request-criteria \
      --criteria-name Adds \
      --type simple \
      --set operation-type:add
  2. On server 1, set up the Replication Assurance Policy to make all add operations assured with a level of processed-all-servers, which indicates that all local servers in the topology must complete replay of the replication update before the response is sent to the client. Specify the Adds request criteria configured in the previous step.
    $ bin/dsconfig create-replication-assurance-policy \
      --policy-name "Adds Processed All Locally" \
      --set evaluation-order-index:1 \
      --set local-level:processed-all-servers \
      --set "timeout:500ms" \
      --set request-criteria:Adds
  3. On server 1, repeat the previous two steps for modify operations. The Replication Assurance Policy "Mods Received Any Locally" ensures that at least one available local server must receive a replication modify update before a response is sent to the client.
    $ bin/dsconfig create-request-criteria \
      --criteria-name Mods \
      --type simple \
      --set operation-type:modify
    
    $ bin/dsconfig create-replication-assurance-policy \
      --policy-name "Mods Received Any Locally" \
      --set evaluation-order-index:2 \
      --set local-level:received-any-server \
      --set "timeout:500ms" \
      --set request-criteria:Mods
  4. On server 2, repeat steps 1-3 to set up the Adds and Mods request criteria and its respective Replication Assurance Policy.
    $ bin/dsconfig create-request-criteria \
      --criteria-name Adds \
      --type simple \
      --set operation-type:add
    
    $ bin/dsconfig create-request-criteria \
      --criteria-name Mods \
      --type simple \
      --set operation-type:modify
    
    $ bin/dsconfig create-replication-assurance-policy \
      --policy-name "Adds Received Any Locally" \
      --set evaluation-order-index:1 \
      --set local-level:received-any-server \
      --set "timeout:500ms" \
      --set request-criteria:Adds
    
    $ bin/dsconfig create-replication-assurance-policy \
      --policy-name "Mods Processed All Locally" \
      --set evaluation-order-index:2 \
      --set local-level:processed-all-servers \
      --set "timeout:500ms" \
      --set request-criteria:Mods
  5. Leave server 3 with the default Replication Assurance Policy configured with no assurance levels or criteria. In practice it is common for all servers to have the same assurance levels or criteria.
  6. On server 1, list the policies on the server using the dsconfig command to confirm that they exist on the server.
    $ bin/dsconfig list-replication-assurance-policies
  7. Repeat the previous step on server 2 and server 3. Server 3 should only show the Default Replication Assurance Policy.
  8. Check the Replication Assurance counters on all servers before any add or modify operation using ldapsearch. They should be set to zero. These counters are on the replica server, which is where the policy is matched and assigned. On server 1, run the following command:
    $ bin/ldapsearch --baseDN "cn=Replica dc_example_dc_com,cn=monitor" \
      "(objectclass=*)" | grep replication-assurance
    
    replication-assurance-local-completed-normally: 0
    replication-assurance-local-completed-abnormally: 0
    replication-assurance-local-completed-with-timeout: 0
    replication-assurance-local-completed-with-shutdown: 0
    replication-assurance-local-completed-with-unavailable-server: 0
    replication-assurance-remote-completed-normally: 0
    replication-assurance-remote-completed-abnormally: 0
    replication-assurance-remote-completed-with-timeout: 0
    replication-assurance-remote-completed-with-shutdown: 0
    replication-assurance-remote-completed-with-unavailable-server: 0
  9. Check the Replication Summary table on all of the servers. For example, on server 1, run the following command:
    $ bin/ldapsearch --baseDN "cn=Replication Summary dc_example_dc_com,cn=monitor" \
      "(objectclass=*)" | grep replication-assurance
    
    replication-assurance-submitted-operations: 0
    replication-assurance-local-completed-normally: 0
    replication-assurance-local-completed-abnormally: 0
    replication-assurance-local-completed-with-timeout: 0
    replication-assurance-local-completed-with-shutdown: 0
    replication-assurance-local-completed-with-unavailable-server: 0
    replication-assurance-remote-completed-normally: 0
    replication-assurance-remote-completed-abnormally: 0
    replication-assurance-remote-completed-with-timeout: 0
    replication-assurance-remote-completed-with-shutdown: 0
    replication-assurance-remote-completed-with-unavailable-server: 0
  10. Add an entry to the server 1 Directory Server. Check that the counters matched the newly added entry to the "Adds Processed All Locally" Policy and that it completed assured.
    $ bin/ldapmodify --filename add-user.ldif --defaultAdd
    
    $ bin/ldapsearch --baseDN "cn=Replica dc_example_dc_com,cn=monitor" \
      "(objectclass=*)" | grep replication-assurance
    
    replication-assurance-submitted-operations: 1
    replication-assurance-local-completed-normally: 1
    replication-assurance-local-completed-abnormally: 0
    replication-assurance-local-completed-with-timeout: 0
    replication-assurance-local-completed-with-shutdown: 0
    replication-assurance-local-completed-with-unavailable-server: 0
    replication-assurance-remote-completed-normally: 0
    replication-assurance-remote-completed-abnormally: 0
    replication-assurance-remote-completed-with-timeout: 0
    replication-assurance-remote-completed-with-shutdown: 0
    replication-assurance-remote-completed-with-unavailable-server: 0
    replication-assurance-policy-matches: Adds Processed All Locally: 1
    replication-assurance-policy-matches: Default Replication Assurance Policy: 0
    replication-assurance-policy-matches: Mods Received Any Locally: 0
    replication-assurance-local-level-uses: processed-all-servers: 1
    replication-assurance-remote-level-uses: none: 1
    
    $ bin/ldapsearch --baseDN "cn=Replication Summary dc_example_dc_com,cn=monitor" \
      "(objectclass=*)" | grep replication-assurance
    
    replication-assurance-submitted-operations: 1
    replication-assurance-local-completed-normally: 1
    replication-assurance-local-completed-abnormally: 0
    replication-assurance-local-completed-with-timeout: 0
    replication-assurance-local-completed-with-shutdown: 0
    replication-assurance-local-completed-with-unavailable-server: 0
    replication-assurance-remote-completed-normally: 0
    replication-assurance-remote-completed-abnormally: 0
    replication-assurance-remote-completed-with-timeout: 0
    replication-assurance-remote-completed-with-shutdown: 0
    replication-assurance-remote-completed-with-unavailable-server: 0
  11. Perform a modify of an entry under dc=example,dc=com on server 1. Check that the counters matched the modify operation to the "Mods Processed All Locally" policy and that the operations completed assured.
    $ bin/ldapsearch --baseDN "cn=Replica dc_example_dc_com,cn=monitor" \
      "(objectclass=*)" | grep replication-assurance
    
    replication-assurance-submitted-operations: 2
    replication-assurance-local-completed-normally: 2
    replication-assurance-local-completed-abnormally: 0
    replication-assurance-local-completed-with-timeout: 0
    replication-assurance-local-completed-with-shutdown: 0
    replication-assurance-local-completed-with-unavailable-server: 0
    replication-assurance-remote-completed-normally: 0
    replication-assurance-remote-completed-abnormally: 0
    replication-assurance-remote-completed-with-timeout: 0
    replication-assurance-remote-completed-with-shutdown: 0
    replication-assurance-remote-completed-with-unavailable-server: 0
    replication-assurance-policy-matches: Adds Processed All Locally: 1
    replication-assurance-policy-matches: Default Replication Assurance Policy: 0
    replication-assurance-policy-matches: Mods Received Any Locally: 1
    replication-assurance-local-level-uses: processed-all-servers: 1
    replication-assurance-local-level-uses: received-any-server: 1
    replication-assurance-remote-level-uses: none: 2 
    
    $ bin/ldapsearch --baseDN "cn=Replication Summary dc_example_dc_com,cn=monitor" \
      "(objectclass=*)" | grep replication-assurance
    
    replication-assurance-submitted-operations: 2
    replication-assurance-local-completed-normally: 2
    replication-assurance-local-completed-abnormally: 0
    replication-assurance-local-completed-with-timeout: 0
    replication-assurance-local-completed-with-shutdown: 0
    replication-assurance-local-completed-with-unavailable-server: 0
    replication-assurance-remote-completed-normally: 0
    replication-assurance-remote-completed-abnormally: 0
    replication-assurance-remote-completed-with-timeout: 0
    replication-assurance-remote-completed-with-shutdown: 0
    replication-assurance-remote-completed-with-unavailable-server: 0
    You have successfully configured Assured Replication.