Configured two-way cryptographic synchronization between multiple IBM Tivoli Directory Server (all versions of TDS) LDAP instances despite forgetting/losing the initially configured encryption seed value of an existing LDAP instance to be part of the cryptographic synchronization configuration.
Achieved by leveraging the encryption seed and salt values of the new LDAP instances (to be part of the cryptographic synchronization configuration) in order to enable export of data from the existing LDAP instance using the 'idsdb2ldif' TDS command line utility. Successful replication configuration between all the LDAP instances ensued.
All the IBM TDS InfoCenter documentation refers to the fact that if you forget/lose the initially configured encryption seed value on an existing LDAP instance, you will need to completely replace that existing LDAP instance with a newly configured LDAP instance (remembering the encryption seed value this time) in order to enable its participation in replication with other LDAP instances.
My solution eliminates replacing the existing LDAP instance with a newly configured LDAP instance despite forgetting/losing the encryption seed value of the existing LDAP instance, which is a huge cost/effort saving and risk mitigation for a customer.
IBM was contacted and has offered official support for my solution to customers.