Page created: 22 Jul 2020 |
Page updated: 1 Feb 2021
This section describes how to set up a two-server replication topology. The example uses the LDAP and replication server ports 1389 and 8989 respectively.
|Host Name||LDAP Port||Replication Port|
Install the first directory server with 2000
$ ./setup --cli --acceptLicense --baseDN "dc=example,dc=com" --ldapPort 1389 \
    --rootUserPassword pass --sampleData 10000 --no-prompt
Install the second directory server either on a
separate host or the same host as the first, but with a different LDAP port.
$ ./setup --cli --acceptLicense --baseDN "dc=example,dc=com" --ldapPort 1389 \
    --rootUserPassword pass --no-prompt
From the first server, run the bin/dsreplication command in
interactive mode to configure a replication topology:
From the Replication Main menu, select the Manage the topology option.
>>>> Replication Main Menu
What do you want to do?
    1) Display replication status
    2) Manage the topology (add and remove servers)
    3) Initialize replica data over the network
    4) Initialize replica data manually
    5) Replace existing data on all servers
    q) quit
Enter choice: 2
From the Manage Replication Topology menu, choose the Enable Replication
>>>> Manage Replication Topology
Select an operation for more information.
    1) Enable Replication -- add or re-attach a server to the topology
    2) Disable Replication -- permanently remove a running replica from the topology
    3) Remove Defunct Server -- permanently remove an unavailable server from the topology
    4) Cleanup Server -- remove replication artifacts from an offline, local server (allowing it to be re-added to a topology)
    b) back
    q) quit
Enter choice [b]: 1
- On the Enable Replication menu, read the brief introduction on what will take place during the setup, and then enter "c" to continue the enable process.
- Next, enter the LDAP connection parameters for the first of the two replicas that you are configuring. First, enter the host name or IP address of the first server.
- Next, enter the type of LDAP connection to the first server: 1) LDAP, 2) LDAP with SSL, or 3) LDAP with StartTLS.
- Type the LDAP listener port for the first replica. If you are a root user, you will see port 389 as the default. Others will see port 1389.
- Authenticate as a root DN, such as cn=Directory Manager. You will be prompted later in the process to set up a global administrator and password. The global administrator is the user ID that manages the replication topology group.
- Repeat steps 7–10 for the second replica.
Next, the dsreplication tool checks for the base DN on both
servers. In order to enable replication, data must be present on at least one of the
servers. For this example, press Enter to select the default base DN,
Choose one or more available base DNs for which to enable replication:
    1) dc=example,dc=com
    c) cancel
Enter one or more choices separated by commas :
Note: If you see the following message:
There are no base DNs available to enable replication between the two servers.
In most cases, a base DN was not set up on one of the directory servers or the backend is disabled.
Next, the prompt asks if you want to set up entry balancing using the Directory Proxy Server. Press Enter to accept the default (no), since
we are not setting up replication in an entry-balanced environment in this scenario.
For more information, see the
PingDirectoryProxy Server Administration Guide.
Do you plan to configure entry balancing using the Directory Proxy Server? (yes / no) [no]:
- Next, enter the replication port for the first replica (default, 8989). The port must be free.
If the first server did not have a pre-defined location setting,
dsreplication will prompt you to enter a location. Press Enter
to accept the default (yes) to set up a Location for the first server. Enter the name
of the server's location.
The first server has not been configured with a location. Assigning a location to each server in the replication topology reduces network traffic in multi-site deployments.
Would you like to set the location in the first server? (yes / no) [yes]
The location of the first server: Austin
- Repeat the previous steps for the second directory server. Again, if you did not pre-define a location setting for the second server, you will be prompted to enter this information.
At this time, set up the Global Administrator user ID (default is "admin") and a
password for this account. The Global Administrator user ID manages the directory servers used in the replication
Specify the user ID of the global administrator account that will be used to manage the Ping Identity Directory Server instances to be replicated [admin]:
Password for the global administrator:
Confirm Password:
- Return to the Replication Main Menu and enter the number corresponding to initializing data over the network.
- On the Initialize Replica Data over the Network menu, select Initialize to initialize data on a single server, and then enter c to continue.
- Next, specify a server in the replication topology. For this example, enter the host name or IP address, LDAP connection type, LDAP port, Global Admin user ID and password of the first server.
- Next, select the source server that is hosting the data to which the target server will be initialized. For this example, select the first server, since the sample dataset has been loaded onto this server.
- Next, select the base DN that will be initialized. In most cases, the base DN for the root suffix will be replicated. In this example, dc=example,dc=com.
- Next, select the second server in this example that will have its data initialized, and then enter the Global Admin user ID and password for the target server. Any data present on the target server will be overwritten.
Press Enter to confirm that you want to initialize data on the target server. When
completed, you should see "Base DN initialized successfully."
Initializing the contents of a base DN removes all the existing contents of that base DN. Do you want to remove the contents of the selected base DNs on server server2.example.com:1389 and replace them with the contents of server server1.example.com:1389? (yes / no) [yes]:
On the Initialize Replica Data Over Network menu, enter b to
back out one level to the main menu. Then, on the Replication Main menu, enter the
number to view the replication status.
--- Replication Servers: dc=example,dc=com ---
Server                   : Location : Conflict Entries : Backlog : Recent Change Rate
-------------------------:----------:------------------:---------:--------------------
ds1 (example.com:1389)   : austin   : 0                : 0       : 0
ds2 (example.com:1389)   : austin   : 0                : 0       : 0
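The status display above can be checked automatically after initialization. The following is an added example, not part of the original page or of the product's tooling: it parses status text in the layout shown above and flags any server whose Conflict Entries or Backlog column is non-zero. The function names, the backlog threshold argument, the sample rows and the handling of non-numeric counters are assumptions.

```shell
# Added example. Reads status text on stdin, prints one ALERT line per
# unhealthy server. Exit status: 0 healthy, 1 alerts raised, 2 no server rows.
# $1 is an assumed backlog threshold (default 0: any backlog alerts).
check_replication_status() {
  awk -F: -v max="${1:-0}" '
    function trim(s) { gsub(/^[ \t]+|[ \t]+$/, "", s); return s }
    /^---/ || NF < 5 { next }            # title line, ruler line, stray text
    {
      # The server column itself contains a colon (host:port), so the four
      # counters are taken from the right and the rest is rejoined.
      server = $1
      for (i = 2; i <= NF - 4; i++) server = server ":" $i
      server = trim(server)
      if (server == "Server") next       # column header
      conflicts = trim($(NF - 2)); backlog = trim($(NF - 1))
      rows++
      if (conflicts !~ /^[0-9]+$/ || backlog !~ /^[0-9]+$/) {
        # Assumption: a counter that is not a number is treated as a failure.
        printf "ALERT %s: unreadable counters\n", server; alerts++
      } else if (conflicts + 0 > 0 || backlog + 0 > max + 0) {
        printf "ALERT %s: conflicts=%s backlog=%s\n", server, conflicts, backlog
        alerts++
      }
    }
    END { if (rows == 0) exit 2; exit (alerts > 0 ? 1 : 0) }
  '
}

# Constructed sample in the layout shown above; the ds2 counters are invented.
sample_status() {
  cat <<'EOF'
--- Replication Servers: dc=example,dc=com ---
Server                   : Location : Conflict Entries : Backlog : Recent Change Rate
-------------------------:----------:------------------:---------:--------------------
ds1 (example.com:1389)   : austin   : 0                : 0       : 0
ds2 (example.com:1389)   : austin   : 2                : 350     : 12
EOF
}

sample_status | check_replication_status || echo "replication needs attention (exit $?)"
```

Exit status 2 separates "no server rows parsed" from "healthy", so an empty or failed status capture is not reported as a clean topology.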