This section describes setting up the replication feature in three common scenarios. It by no means attempts to describe setting up replication in each imaginable scenario, but rather in scenarios that Sun anticipates a majority of customer sites will use.
This section walks you through the process of setting up a replication scenario in which data is replicated from a master server to one replica server. (A master server contains the data that is to be replicated; a replica server (also called a slave server) receives the replicated data from the master server.) This replication example assumes the following:
A data store was created during the installation of the mail server software and its subsequent initialization.

All attributes will be replicated rather than customizing which attributes will or will not be replicated.

1. Bring up the Admin console on the slave host (the host which will hold a replicated LDAP directory).

In this example the slave host is called slave1. Load http://slave1.eng/sims
FIGURE B-1 SIMS Directory Interface
Directory information is organized in a tree structure called the Directory Information Tree (DIT). A naming context refers to a particular branch or subtree of the DIT. A data store is where directory information is stored in naming contexts.
FIGURE B-2 Data Store

4. Double click the data store name (o=adagio,c=US) to bring up the data store property book. Then click on the Naming Contexts section.
FIGURE B-3 Naming Contexts

Although two naming contexts are shown, they actually refer to the same subtree. The top one is called the OSI tree and the bottom one is called the Domain Component tree, and they are mapped to each other. The reason for having two naming contexts referring to the same subtree has to do with dual standards. You must configure both as Slaves if they are not already configured as such.

5. Modify the naming contexts to be slaves.
FIGURE B-4 Modify Naming Context Window
Leave Subtree type as Subtree and leave suffix as o=adagio,c=US, unless you wish to replicate only a branch of the tree such as ou=eng,o=adagio,c=US or ou=mktg,o=adagio,c=US. Change the mode to Slave. Next to Referral hostname, enter the fully qualified name of the master LDAP directory host.

Update DN is the distinguished name of a user under whom the master server will log in to the slave server to modify entries. This DN must have the appropriate ACL to modify entries in the specified suffix of the slave server. Remember this DN because you will have to enter it when you configure the master server, which must be configured to update this new slave. The example shows that Update DN is set to cn=admin,o=adagio,c=US. After making all changes, press OK to save.

Now double click the second naming context (Domain Component or DC subtree) dc=adagio,dc=com. In the Modify Naming Context window, repeat the above steps for the Domain Component subtree (naming context: dc=adagio,dc=com). After making both naming contexts slaves, press Apply on the property book. The directory server on the replicated system is now set up as a slave.

The next step is to set up a new replica on the master LDAP server. Many of the steps are similar to setting up the slave server.

6. On a HotJava browser, go to the Naming Context section of the Data Store property book on the LDAP master host.

Load http://themaster.eng/sims, go to Sun Directory Services->Data Store, and double click on the Data Store "o=adagio,c=US".

7. Create a directory replica for the OSI data tree.
FIGURE B-5 Add an LDAP Replica from Master Server Admin Console
Set Subtree to the naming context that you want replicated to the slave server (slave1.eng.adagio.com). In our example, we are replicating the entire directory, so type "o=adagio,c=US" in the subtree field. If you only wish to replicate a branch of the tree such as ou=eng,o=adagio,c=US or ou=mktg,o=adagio,c=US, then enter that as the naming context.

Select All attributes. In the Host field, enter the fully qualified domain name of the slave server (slave1.eng) and the port number on which the slave LDAP server is listening (default=389). The Update DN field should be the same Update DN that you entered on the slave server (in this example cn=admin,o=adagio,c=US). The password must be the password for the Update DN on the slave. This is the password used by the master server to make updates to the slave server, so make sure that this DN has the appropriate access control permissions for making the changes to the slave.

8. Create a directory replica for the DC data tree.

Since you need updates to both the OSI tree and the Domain Component tree, define another replica, this time entering dc=adagio,dc=com in the subtree field and dc=admin,dc=adagio,dc=com in the Update DN field.

9. Apply the replica modifications.
FIGURE B-6 Applying Modifications to the Data Store.

10. Synchronize the replica and set the synchronization schedule.
FIGURE B-7 Applying Modifications to the Data Store.

At Replica Synchronization, above the Naming Context table, select "immediate" for immediate updates (every time an entry is modified, added, or deleted, the change is sent to the slave), or choose Delayed and specify a schedule for the updates. You can also perform a complete synchronization of the master with the slave by pressing the "synchronize" button.

11. When synchronization occurs, the slave server is operational.
This section walks you through the process of replicating data from a master server to two replica servers. (A master server contains the data that is to be replicated; a replica server receives the replicated data from the master server.) This replication example assumes the following:
A data store was created during the installation of the mail server software and its subsequent initialization.

All attributes will be replicated rather than customizing which attributes will or will not be replicated.

1. Bring up the Admin console on the first slave host (the host which will hold a replicated LDAP directory).

In this example the slave host is called slave1. Load http://slave1.eng/sims
FIGURE B-8 SIMS Directory Interface
Directory information is organized in a tree structure called the Directory Information Tree (DIT). A naming context refers to a particular branch or subtree of the DIT. A data store is where directory information is stored in naming contexts.
FIGURE B-9 Data Store

4. Double click the data store name (o=adagio,c=US) to bring up the data store property book. Then click on the Naming Contexts section.
FIGURE B-10 Naming Contexts

Although two naming contexts are shown, they actually refer to the same subtree. The top one is called the OSI tree and the bottom one is called the Domain Component tree, and they are mapped to each other. The reason for having two naming contexts referring to the same subtree has to do with dual standards. You must configure both as Slaves if they are not already configured as such.

5. Modify the naming contexts to be slaves.
FIGURE B-11 Modify Naming Context Window
Leave Subtree type as Subtree and leave suffix as o=adagio,c=US, unless you wish to replicate only a branch of the tree such as ou=eng,o=adagio,c=US or ou=mktg,o=adagio,c=US. Change the mode to Slave. Next to Referral hostname, enter the fully qualified name of the master LDAP directory host.

Update DN is the distinguished name of a user under whom the master server will log in to the slave server to modify entries. This DN must have the appropriate ACL to modify entries in the specified suffix of the slave server. Remember this DN because you will have to enter it when you configure the master server, which must be configured to update this new slave. The example shows that Update DN is set to cn=admin,o=adagio,c=US. After making all changes, press OK to save.

Now double click the Domain Component subtree naming context (dc=adagio,dc=com). In the Modify Naming Context window, repeat the above steps for the Domain Component subtree (naming context: dc=adagio,dc=com). After making both naming contexts slaves, press Apply on the property book. The directory server on the replicated system is now set up as a slave.

6. Repeat the same steps on the second slave server (slave2.eng).

After setting up both slave servers, set up two new replicas on the master LDAP server. Many of the steps are similar to setting up the slave server.

7. On a HotJava browser, go to the Naming Context section of the Data Store property book on the LDAP master host.

Load http://themaster/sims

a. Click on the Sun Directory Services icon.

b. From the property book, select the Data Store section and double click on the Data Store "o=adagio,c=US".

8. Create a directory replica for the first slave server.
FIGURE B-12 Add an LDAP Replica from Master Server Admin Console
Set Subtree to the naming context that you want replicated to the slave server (slave1.eng.adagio.com). In our example, we are replicating the entire directory, so type "o=adagio,c=US" in the subtree field. Select All attributes. If you only wish to replicate a branch of the tree such as ou=eng,o=adagio,c=US or ou=mktg,o=adagio,c=US, then enter that as the naming context. In the Host field, enter the fully qualified domain name of the slave server (slave1.eng) and the port number on which the slave LDAP server is listening (default=389). The Update DN field should be the same Update DN that you entered on the slave server (in this example cn=admin,o=adagio,c=US). The password must be the password for the Update DN on the slave. This is the password used by the master server to make updates to the slave server, so make sure that this DN has the appropriate access control permissions for making the changes to the slave.

Since you need updates to both the OSI tree and the Domain Component tree, define another replica, this time entering dc=adagio,dc=com in the subtree field and dc=admin,dc=adagio,dc=com in the Update DN field.

9. Create a directory replica for the second slave server.

Follow the same instructions as described in the previous step for slave2.eng.

10. Apply the replica modifications.
FIGURE B-13 Applying Modifications to the Data Store.

11. Synchronize the replica and set the synchronization schedule.
FIGURE B-14 Applying Modifications to the Data Store.

At Replica Synchronization, above the Naming Context table, select "immediate" for immediate updates (every time an entry is modified, added, or deleted, the change is sent to the slave), or choose Delayed and specify a schedule for the updates. You can also perform a complete synchronization of the master with the slave by pressing the "synchronize" button.

12. When synchronization occurs, the slave server is operational.
You can configure one directory server to act as both a master server and a slave server. A master server contains the data that is to be replicated; a slave server receives the replicated data from the master server.
In this example we have a company, Adagio, with two domains and two servers in
different locations. One is in Texas (domain: texas.adagio.com, host: yellowrose) and
the other in California (domain: calif.adagio.com, host: surfergirl). The directory
FIGURE 13-1 DIT Structure for Adagio Corporation
In each domain, we want the local servers to have a complete copy of the SIMS LDAP directory. However, on yellowrose we want the naming context ou=texas,o=adagio,c=US to be the master, and the naming context ou=calif,o=adagio,c=US to be a replicated slave. On surfergirl we want the naming context ou=texas,o=adagio,c=US to be a replicated slave, and the naming context ou=calif,o=adagio,c=US to be the master.

1. Bring up the Admin console on yellowrose.

Log in to http://yellowrose.texas/sims
FIGURE B-15 SIMS Directory Interface
FIGURE B-16 Data Store

4. Double click the data store name (o=adagio,c=US) to bring up the data store property book. Then click on the Naming Contexts section.
FIGURE B-17 Naming Contexts

Although two naming contexts are shown, they actually refer to the same subtree. The top one is called the OSI tree and the bottom one is called the Domain Component tree, and they are mapped to each other. The reason for having two naming contexts referring to the same subtree has to do with dual standards.

5. Modify the OSI naming context to be ou=texas,o=adagio,c=US. Designate it to be a master.
FIGURE B-18 Modify Naming Context Window

6. Modify the Domain Component (DC) naming context to be dc=texas,dc=adagio,dc=com. Designate it to be a master.

Double click the DC naming context dc=adagio,dc=com. In the Modify Naming Context window, repeat the above steps for the DC subtree. Change dc=adagio,dc=com to dc=texas,dc=adagio,dc=com. After making all changes, press OK to save.

7. Create an OSI naming context called ou=calif,o=adagio,c=US. Designate it to be a slave.

Click on Create-->Naming Context.

The Add Naming Context window appears. Change the mode from Master to Slave. Enter the name of the new naming context. Enter the master hostname for the naming context next to Referral hostname.
FIGURE B-19 Modify Naming Context Window

8. Create a DC naming context called dc=calif,dc=adagio,dc=com. Designate it to be a slave.

Click on Create-->Naming Context. Use the following parameters:

Suffix: dc=calif,dc=adagio,dc=com
Referral hostname: calif.adagio.com
Update DN: dc=admin,dc=adagio,dc=com
FIGURE B-20 Completed Naming Context Window for yellowrose

9. Create a directory replica for ou=texas,o=adagio,c=US.

Select the "Create->Replica" menu option. Select Subtree and fill in the subtree that you want to replicate, i.e., ou=texas,o=adagio,c=US. Select All attributes. In the Host field, enter the fully qualified domain name of the slave server (surfergirl.eng) and the port number on which the slave LDAP server is listening (default=389). The Update DN field should be the same Update DN that you entered on the slave server (in this example cn=admin,o=adagio,c=US). The password must be the password for the Update DN on the slave. This is the password used by the master server to make updates to the slave server, so make sure that this DN has the appropriate access control permissions for making the changes to the slave.
FIGURE B-21 Add an LDAP Replica from Master Server Admin Console

10. Create a directory replica for dc=texas,dc=adagio,dc=com.

You need updates for the DC tree as well as the OSI tree. Define another replica using the procedures described in Step 9 with the following parameters:

Subtree: dc=texas,dc=adagio,dc=com
Host: surfergirl.eng
Update DN: dc=admin,dc=adagio,dc=com

11. Press Apply on the property book.

The master and slave directory servers are now set up on host yellowrose.

12. On host surfergirl, set up slave and master naming contexts.

Use the same procedure described from Step 1 through Step 8 on surfergirl. However, make the naming context ou=texas,o=adagio,c=US a replicated slave and ou=calif,o=adagio,c=US the master. The Naming Context section looks as follows.
FIGURE B-22 Completed Naming Context Window for surfergirl

13. Create directory replicas for ou=calif,o=adagio,c=US and dc=calif,dc=adagio,dc=com.

Host: yellowrose.eng
Update DN: dc=admin,dc=adagio,dc=com (DC) and cn=admin,o=adagio,c=US (OSI)

14. Press Apply on the property book.

The master and slave directory servers are now set up on host yellowrose.

15. Synchronize both replicas and set synchronization schedule.
FIGURE B-23 Applying Modifications to the Data Store.

Next to Replica Synchronization, select Immediate for immediate directory updates (every time an entry is modified, added, or deleted, the change is sent to the slave) or choose Delayed and specify an update schedule. You can also perform a complete synchronization of the master with the slave by pressing the "synchronize" button.

16. When synchronization occurs, the bidirectional replicas will be operational.
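
All three procedures above depend on the same pairing: every replica defined on a master must target a naming context that is in Slave mode on the receiving host and carries the same Update DN, for both the OSI tree and the DC tree. The following added example (not part of the original Sun documentation; the plan layout and short host keys are assumptions for illustration) checks a written-down plan of the Texas/California scenario for those mismatches before the values are entered in the Admin console.

```python
# Added example: plan layout and host keys are assumptions, not a SIMS format.
OSI_DN, DC_DN = "cn=admin,o=adagio,c=US", "dc=admin,dc=adagio,dc=com"

def norm(dn):
    """Compare DNs case-insensitively, ignoring spaces around commas."""
    return ",".join(part.strip().lower() for part in dn.split(","))

def slave_nc(server, subtree):
    """Return the Slave-mode naming context for subtree on server, or None."""
    for suffix, nc in server["naming_contexts"].items():
        if norm(suffix) == norm(subtree) and nc["mode"] == "slave":
            return nc
    return None

def check_plan(plan):
    """List mismatches between master replicas and slave naming contexts."""
    problems, fed = [], set()
    for host, server in plan.items():
        own = {norm(s) for s, nc in server["naming_contexts"].items()
               if nc["mode"] == "master"}
        for rep in server["replicas"]:
            sub, dst = rep["subtree"], rep["host"]
            if norm(sub) not in own:
                problems.append(f"{host} is not master of {sub}")
            nc = slave_nc(plan.get(dst, {"naming_contexts": {}}), sub)
            if nc is None:
                problems.append(f"{dst} has no slave naming context {sub}")
            elif norm(nc["update_dn"]) != norm(rep["update_dn"]):
                problems.append(f"Update DN mismatch for {sub} on {dst}")
            else:
                fed.add((dst, norm(sub)))
    for host, server in plan.items():
        for suffix, nc in server["naming_contexts"].items():
            if nc["mode"] == "slave" and (host, norm(suffix)) not in fed:
                problems.append(f"no replica feeds {suffix} on {host}")
    return problems

def site(own, other, peer):
    """Build one host of the Texas/California scenario (constructed data)."""
    trees = [("ou={},o=adagio,c=US", OSI_DN), ("dc={},dc=adagio,dc=com", DC_DN)]
    ncs, reps = {}, []
    for tmpl, dn in trees:
        ncs[tmpl.format(own)] = {"mode": "master"}
        ncs[tmpl.format(other)] = {"mode": "slave", "update_dn": dn}
        reps.append({"subtree": tmpl.format(own), "host": peer, "update_dn": dn})
    return {"naming_contexts": ncs, "replicas": reps}
PLAN = {"yellowrose": site("texas", "calif", "surfergirl"),
        "surfergirl": site("calif", "texas", "yellowrose")}
```

An empty list from `check_plan(PLAN)` means every slave naming context has a matching replica on its master; a forgotten DC-tree replica or an OSI Update DN typed into a DC replica is reported by name.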
Copyright© 1999 Sun Microsystems, Inc. All Rights Reserved.