Each replica has a generation ID, which is an integer that summarizes the replica. It provides replication with a quick and simple means of determining if two replicas contain the same data. If they do contain the same data, they'll have the same generation ID.

When replication is operating correctly, all of the replicas for each replicated base DN will have the same generation ID. The generation ID is stored on each replica as the operational attribute ds-sync-generation-id. For example:

ldapsearch -b 'dc=example,dc=com' -s base '(&)' ds-sync-generation-id
 dn: dc=example,dc=com
 ds-sync-generation-id: 2058329333
When the server starts, or when replication is enabled, the generation ID is computed for each affected replica that does not already have a generation ID stored as ds-sync-generation-id. The following is used to calculate the generation ID:
  • The total number of entries in the replica. This is referred to as "the count."
  • The first 1000 entries in the replica are converted to normalized LDIF, which is referred to as "the LDIF." Normalized LDIF only includes attributes objectclass, sn, cn and ds-entry-unique-id, and uses OIDs in place of attribute names.
  • The Adler-32 checksum is calculated with the string produced by concatenating the count and the LDIF as input. This Adler-32 checksum is the generation ID.
  • The generation ID is stored on the base DN as ds-sync-generation-id. This is so that the ID does not need to be computed the next time the replica is loaded.