Synchronizing Directory Servers in a replicated environment

If Directory Servers in a replicated environment are out of synch, the replication queues might get blocked. To resolve this problem, you must resynchronize your replicated environment.

About this task

Consider a scenario where M1 is the master server with the most recent updated data. R1 and R2 are the two replica servers of the master server, M1. To resynchronize the Directory Servers, complete the following steps.

Procedure

  1. Take R1 and R2 offline by stopping the R1 and R2 servers.
  2. Quiesce M1 for all queues.
  3. Clear the queues on M1 to R1 and M1 to R2. Repeat this process for all the queues. Using the Web Administration Tool, click Manage queues under the Replication management category in the navigation area. On the Manage queues wizard, click Queue details. On the Queue details panel, click Pending changes and then click Skip All Blocking Entries.
  4. Export the data of M1 to a file. Issue the following command: 
    idsdb2ldif -o /tmp/M1.ldif
  5. Unquiesce the M1 server.
  6. Unconfigure and drop the database on R1 and R2. Make sure that you answer yes to remove the database. Issue the command of the following format: 
    idsucfgdb -I instance_name -r
  7. Configure the database on R1 and R2. Issue the command of the following format: 
    idscfgdb -I instance_name -a dbadminDN -w dbadminPW -t databasename \
-l dblocation -n
  8. Synchronize the modified schema. Copy the V3.modifiedschema from M1 over to R1 and R2. The modified schema, V3.modifiedschema, is in the instance_home/idsslapd-instance_name/etc directory.
  9. Synchronize the ibmslapddir.ksf file. To know more about Synchronizing two-way cryptography between server instances, see the Administering section in the IBM® Security Directory Suite documentation.
    Note: Only if the master and the replicas are on the same hardware and operating system, the ibmslapddir.ksf file can be copied over from master to replicas. The ibmslapddir.ksf file is in the instance_home/idsslapd-instance_name/etc directory.
  10. Copy the M1.ldif file to replicas and load the data of M1 onto R1 and R2. Issue the following command: 
    idsldif2db -i /tmp/Master.ldif -r no
  11. Start the R1 and R2 servers.

Results

Note: On Windows platform, change the paths accordingly.
Alternatively, you can use the ldapdiff or idsideploy utility to synchronize between a master and replica server, depending on your Directory Server environment. The ldapdiff utility identifies differences in a replica server and its master, and can be used to synchronize replicas. The idsideploy utility with the -r and -Lm options can be used to synchronize a peer-peer or peer-replica servers. User can create the target instance either as a peer or replica of the master server with the -r option. The -L option provides the restore location from which the source instance's backed up database can be restored on to the target instance (peer or replica). To know more about the ldapdiff or idsideploy utility, see the Command Reference section in the IBM Security Directory Suite documentation.
Parent topic: Information for troubleshooting replication