Red Hat Summit Red Hat SummitSuporteConsoleDesenvolvedoresComeçar um testeContato

Este conteúdo não está disponível no idioma selecionado.

Chapter 8. Comparing two Directory Server instances

You can verify that two Directory Server instances are synchronized using ds-replcheck utility. You can compare two servers either online or using two LDIF-formatted files in offline mode.

8.1. Displaying the replication status of two Directory Server instances
Copiar o link

You can use the ds-replcheck utility to display the replication status of two Directory Server instances.

Procedure

  • Use the following command to display the replication status of two Directory Server instances: 

    # ds-replcheck state -D "cn=Directory Manager" -W -m ldap://server1.example.com:389 -r ldap://server2.example.com:389 -b "dc=example,dc=com"
Replication State: Replica is behind Supplier by: 264 seconds
    Copy to Clipboard Toggle word wrap

8.2. Comparing two onlineDirectory Server instances
Copiar o link

If you compare two online servers, the contents of the databases usually differ, if they are under heavy load. To work around this problem, the ds-replcheck uses a lag time value by passing the -l time_in_seconds parameter to ds-replcheck. By default, this value is set to 300 seconds (5 minutes). If the utility detects an inconsistency that is within the lag time, the utility does not report it. This helps to reduce false positives.

By default, if you have excluded certain attributes in the replication agreement from being replicated, ds-replcheck reports these attributes as different. To ignore these attributes, pass the -i attribute_list parameter to the utility.

Procedure

  • To compare the dc=example,dc=com suffix of supplier.example.com and replica.example.com online, enter: 

    # ds-replcheck online -D "cn=Directory Manager" -W -m ldap://supplier.example.com:389 -r ldap://replica.example.com:389 -b "dc=example,dc=com"
    Copy to Clipboard Toggle word wrap

    The -m and -r parameters set the URLs to the supplier and replica.

8.3. Comparing offline two Directory Server instances
Copiar o link

To compare two offline Directory Server instances, export the databases on both hosts and compare them using ds-replcheck.

By default, if you have excluded certain attributes in the replication agreement from being replicated, ds-replcheck reports these attributes as different. To ignore these attributes, pass the -i attribute_list parameter to the utility.

Procedure

  1. On the supplier, list the suffixes and their corresponding databases: 

    # dsconf <instance_name> backend suffix list
dc=example,dc=com (userroot)
o=test (test_database)
    Copy to Clipboard Toggle word wrap

    Note the name or suffix of the database you want to compare.

  2. Export the database while the instance is running: 

    # dsconf <instance_name> backend export -r -l /var/lib/dirsrv/slapd-<instance_name>/ldif/export-supplier.ldif userRoot
    Copy to Clipboard Toggle word wrap

    The -r parameter ensures that the export includes replication state information, and -l sets the path to the export file. Note that the dirsrv user must have write permissions in the destination directory to create that file.

  3. Repeat the previous steps on the replica you want to compare with the supplier.

  4. Copy the exported file from one host to the other. For example, to copy the LDIF file from replica.example.com to supplier.example.com, enter the following command on the replica: 

    # scp /var/lib/dirsrv/slapd-<instance_name>/ldif/export-replica.ldif supplier.example.com:/var/lib/dirsrv/slapd-<instance_name>/ldif/
    Copy to Clipboard Toggle word wrap

    Note that this command requires that you can access the supplier using SSH.

  5. On the supplier, compare the two LDIF files: 

    # ds-replcheck offline -m /var/lib/dirsrv/slapd-<instance_name>/ldif/export-supplier.ldif -r /var/lib/dirsrv/slapd-instance_name/ldif/export-replica.ldif -rid 1 -b "dc=example,dc=com"
    Copy to Clipboard Toggle word wrap

    The -m and -r parameters set the paths to the supplier and replica, and -rid sets the replica identifier of the supplier.

8.4. Explanation of the ds-replcheck output
Copiar o link

The output of the ds-replcheck utility contains the following sections:

Database RUV’s

Lists the Replication Update Vectors (RUV) of the databases including the minimum and maximum Change Sequence Numbers (CSN). For example: 

  Supplier RUV:
    {replica 1 ldap://supplier.example.com:389} 58e53b92000200010000 58e6ab46000000010000
    {replica 2 ldap://replica.example.com:389} 58e53baa000000020000 58e69d7e000000020000
    {replicageneration} 58e53b7a000000010000

  Replica RUV:
    {replica 1 ldap://supplier.example.com:389} 58e53ba1000000010000 58e6ab46000000010000
    {replica 2 ldap://replica.example.com:389} 58e53baa000000020000 58e7e8a3000000020000
    {replicageneration} 58e53b7a000000010000
Copy to Clipboard Toggle word wrap
Entry Count

Displays the total number of entries on the both servers, including tombstone entries. For example: 

  Supplier:  12
  Replica: 10
Copy to Clipboard Toggle word wrap
Tombstones

Displays the number of tombstone entries on each replica. These entries are added to the total entry count. For example: 

  Supplier:  4
  Replica: 2
Copy to Clipboard Toggle word wrap
Conflict Entries

Lists the Distinguished Names (DN) of each conflict entry, the conflict type, and the date it was created. For example: 

  Supplier Conflict Entries: 1

   - nsuniqueid=48177227-2ab611e7-afcb801a-ecef6d49+uid=user1,dc=example,dc=com
      - Conflict:   namingConflict (add) uid=user1,dc=example,dc=com
      - Glue entry: no
      - Created:    Wed Apr 26 20:27:40 2021


  Replica Conflict Entries: 1

   - nsuniqueid=48177227-2ab611e7-afcb801a-ecef6d49+uid=user1,dc=example,dc=com
      - Conflict:   namingConflict (add) uid=user1,dc=example,dc=com
      - Glue entry: no
      - Created:    Wed Apr 26 20:27:40 2021
Copy to Clipboard Toggle word wrap
Missing Entries

Lists the DNs of each missing entry and the creation date from the other server where the entry resides. For example: 

  Entries missing on Supplier:
   - uid=user2,dc=example,dc=com (Created on Replica at: Wed Apr 12 14:43:24 2021)
   - uid=user3,dc=example,dc=com (Created on Replica at: Wed Apr 12 14:43:24 2021)

  Entries missing on Replica:
   - uid=user4,dc=example,dc=com (Created on Supplier at: Wed Apr 12 14:43:24 2021)
Copy to Clipboard Toggle word wrap
Entry Inconsistencies

Lists the DNs of the entry that contain attributes that are different to those on the other server. If a state information is available, it is also displayed. If no state information for an attribute is available, it is listed as an origin value. This means that the value was not updated since the replication was initialized for the first time. For example: 

  cn=group1,dc=example,dc=com
  ---------------------------
  Replica missing attribute "objectclass":

   - Supplier's State Info: objectClass;vucsn-58e53baa000000020000: top
   - Date: Wed Apr  5 14:47:06 2021

   - Supplier's State Info: objectClass;vucsn-58e53baa000000020000: groupofuniquenames
   - Date: Wed Apr  5 14:47:06 2021
Copy to Clipboard Toggle word wrap
Voltar ao topo
Red Hat logoGithubredditYoutubeTwitter

Aprender

Experimente, compre e venda

Comunidades

Sobre a documentação da Red Hat

Ajudamos os usuários da Red Hat a inovar e atingir seus objetivos com nossos produtos e serviços com conteúdo em que podem confiar. Explore nossas atualizações recentes.

Tornando o open source mais inclusivo

A Red Hat está comprometida em substituir a linguagem problemática em nosso código, documentação e propriedades da web. Para mais detalhes veja o Blog da Red Hat.

Sobre a Red Hat

Fornecemos soluções robustas que facilitam o trabalho das empresas em plataformas e ambientes, desde o data center principal até a borda da rede.

Theme

© 2025 Red Hat