You can use DSCC to perform this task. For information, see Directory Service Control Center Interface and the DSCC online help.
On all consumer (destination) replicated suffixes, create a new replication manager and password.
$ ldapmodify -a -h host -p port -D cn=admin,cn=Administrators,cn=config -w - Enter bind password: dn:"cn=new-replication-manager,cn=replication,cn=config" objectclass: top objectclass: person userpassword:password sn:new-replication-manager |
For example:
$ ldapmodify -a -h host1 -p 1389 -D cn=admin,cn=Administrators,cn=config -w - Enter bind password: dn:"cn=ReplicationManager3,cn=replication,cn=config" objectclass: top objectclass: person userpassword:secret sn:ReplicationManager3 |
On all consumer (destination) replicated suffixes, set the replication manager bind DN.
$ dsconf set-suffix-prop -h host -p port suffix-DN \ repl-manager-bind-dn:"cn=new-replication-manager,cn=replication,cn=config" |
For example:
$ dsconf set-suffix-prop -h host1 -p 1389 dc=example,dc=com \ repl-manager-bind-dn:"cn=ReplicationManager3,cn=replication,cn=config" |
For all replication agreements that you have created on all supplier (source) replicated suffixes, set the replication manager bind DN.
Create a temporary file for setting the new replication manager password.
This file is read once, and the password is stored for future use.
$ echo password > password-file |
Set the replication manager bind DN and password to be used by the replication mechanism when performing updates.
$ dsconf set-repl-agmt-prop -h host -p port suffix-DN host:port \ auth-bind-dn:"cn=new-replication-manager,cn=replication,cn=config" \ auth-pwd-file:password-file |
For example:
$ dsconf set-repl-agmt-prop -h host2 -p 1389 dc=example,dc=com host1:1389 \ auth-bind-dn:"cn=ReplicationManager3,cn=replication,cn=config" \ auth-pwd-file:pwd.txt |
Remove the temporary password file.
$ rm password-file |