25 Example Proxy, Distribution, and Virtualization Configurations

This chapter provides some use case examples for configuring specific proxy, distribution, and virtualization deployments by using the dsconfig command.

Note:

You can also perform these configurations by using dsconfig in interactive mode. For information, see Section 17.1.2, "Using dsconfig in Interactive Mode."

Note:

To use the virtual directory capabilities described here, you must have a valid Oracle Directory Service Plus license.

This chapter includes the following sections:

• Section 25.1, "Configuring Load Balancing Example"

• Section 25.2, "Configuring Distribution Example"

• Section 25.3, "Configuring Distribution with Load Balancing Example"

• Section 25.4, "Configuring Failover Between Data Centers Example"

• Section 25.5, "Configuring Distribution with Failover Between Data Centers Example"

25.1 Configuring Load Balancing Example

This use case describes how to configure simple load balancing with failover on two LDAP servers.

The topics in this section include:

• Section 25.1.1, "Creating the Objects for Simple Load Balancing"

• Section 25.1.2, "Configuring Simple Load Balancing"

25.1.1 Creating the Objects for Simple Load Balancing

When configuring a proxy server for simple load balancing, you must create the objects shown in Figure 25-1. You must create these objects in the order indicated.

Figure 25-1 Load Balancing

Description of ''Figure 25-1 Load Balancing''

All of the commands in this procedure specify the proxy hostname (-h), the proxy admin port (-p), the bind DN for the initial root user (-D), and the file containing the proxy password (-j). You must also indicate the authentication. If you do not specify authentication, and if the client and server are running in the same instance, then Oracle Unified Directory uses the local authentication configuration.

25.1.2 Configuring Simple Load Balancing

To configure a simple load balancing deployment:

1. Create a proxy LDAP server extension.

   $ dsconfig -p 4444 -h localhost -D"cn=Directory Manager" -j pwd-file \
   create-extension \
   --extension-name proxy_extension1 \
   --type ldap-server \
   --set enabled:true \
   --set remote-ldap-server-address:DS1_hostname \
   --set remote-ldap-server-port:2389
   

   The LDAP server extension is a link to the remote LDAP server. For this use case, you need at least two remote LDAP server instances. Repeat this step, using a different LDAP hostname and port for each server.

2. Create a proxy workflow element for each LDAP server extension.

   $ dsconfig -p 4444 -h localhost -D"cn=Directory Manager" -j pwd-file \
   create-workflow-element \
   --element-name proxy-we1 \
   --type proxy-ldap\ 
   --set enabled:true \
   --set client-cred-mode:use-client-identity \
   --set ldap-server-extension:proxy_extension1
   

   The property client-cred-mode indicates the type of authentication used between the proxy and remote LDAP server. The client credential mode can be: use-client-identity or use-specific-identity.

3. Create a load balancing workflow element.

   $ dsconfig -p 4444 -h localhost -D"cn=Directory Manager" -j pwd-file \
   create-workflow-element \
   --element-name LB-we1 \
   --type load-balancing \
   --set enabled:true
   

   You only need one load balancing workflow element to route requests to either of the two remote LDAP servers.

4. Define the load balancing algorithm.

   $ dsconfig -p 4444 -h localhost -D"cn=Directory Manager" -j pwd-file \
   create-load-balancing-algorithm \
   --element-name LB-we1 \
   --type failover
   

   The load balancing algorithm types include proportional, saturation, optimal, searchfilter or failover. You define the load balancing algorithm properties (weight, threshold, or priority) with the load balancing routes, in the next step.

5. Define the load balancing routes for each proxy.

   $ dsconfig -p 4444 -h localhost -D"cn=Directory Manager" -j pwd-file \
   create-load-balancing-route \
   --element-name LB-we1 \
   --route-name LB-route1 \
   --type failover \
   --set workflow-element:proxy-we1 \
   --set add-priority:1 \
   --set bind-priority:2 \
   --set compare-priority:2 \
   --set delete-priority:1 \
   --set extended-priority:2 \
   --set modify-priority:1 \
   --set modifydn-priority:1 \
   --set search-priority:2 
   

   When defining the routes, you must specify the same type that you used when defining the load balancing algorithm.

   For this use case, you need two load balancing routes. Repeat this step, specifying a different priority for each route.

   Note:

   The properties in this step set the priority for failover load balancing. You use different properties for proportional or saturation load balancing.

   For more information on the setting different load balancing types, see Section 21.1.4, "Modifying Load Balancing Properties."

6. Create a workflow.

   This workflow associates the load balancing workflow element with the specified base dn.

   $ dsconfig -p 4444 -h localhost -D"cn=Directory Manager" -j pwd-file \
   create-workflow \
   --workflow-name LB-workflow1 \
   --set enabled:true \
   --set base-dn:dc=example,dc=com \
   --set workflow-element:LB-we1 
   

7. Create the network group.

   The network group handles all the requests between the client and the proxy.

   $ dsconfig -p 4444 -h localhost -D"cn=Directory Manager" -j pwd-file \
   create-network-group \
   --group-name network-group1 \
   --set enabled:true \
   --set workflow:LB-workflow1 \
   --set priority:1
   

25.2 Configuring Distribution Example

This use case describes how to configure a simple distribution deployment that is split over two partitions.

Note:

For information about the supported distribution types, see Section 12.3, "Understanding Data Distribution Using the Proxy."

The topics in this section include:

• Section 25.2.1, "Creating the Objects for Simple Distribution"

• Section 25.2.2, "Configuring a Simple Distribution Deployment"

25.2.1 Creating the Objects for Simple Distribution

When configuring a proxy server for simple distribution, you must create the objects shown in Figure 25-2. You must create these objects in the order indicated.

Figure 25-2 Configuring Distribution

Description of ''Figure 25-2 Configuring Distribution''

All of the commands in this procedure specify the proxy hostname (-h), the proxy admin port (-p), the bind DN for the initial root user (-D) and the proxy password you want to configure (-w). You must also indicate the authentication. If you do not specify authentication, and if the client and server are running in the same instance, then Oracle Unified Directory uses the local authentication configuration.

25.2.2 Configuring a Simple Distribution Deployment

To configure a simple distribution deployment:

1. Create a proxy LDAP server extension.

   $ dsconfig -h localhost -p 4444 -D "cn=Directory Manager" -j pwd-file -X \
   create-extension \
   --extension-name proxy_extension1 \
   --type ldap-server \
   --set enabled:true \
   --set remote-ldap-server-address:DS1_hostname \
   --set remote-ldap-server-port:2389
   

   The LDAP server extension is a link to the remote LDAP server. For this use case, you need two remote LDAP server instances. Repeat this step, using a different LDAP hostname and port for each server.

2. Create a proxy workflow element for each LDAP server extension.

   $ dsconfig -h localhost -p 4444 -D "cn=Directory Manager" -j pwd-file -X \
   create-workflow-element \
   --element-name proxy-we1 \
   --type proxy-ldap\ 
   --set enabled:true \
   --set client-cred-mode:use-client-identity \
   --set ldap-server-extension:proxy_extension1
   

   You need at least two remote LDAP servers for a distribution architecture. Repeat this step for each server. Use the same LDAP server extension names that you created in step 1.

   The property client-cred-mode indicates the type of authentication used between the proxy and remote LDAP server. The client credential mode can be: use-client-identity or use-specific-identity.

3. Set up distribution by creating a distribution workflow element.

   $ dsconfig -p 4444 -h localhost -D"cn=Directory Manager" -j pwd-file \
   create-workflow-element \
   --element-name distrib-we \
   --type distribution \ 
   --set base-dn:dc=example,dc=com \
   --set enabled:true 
   

4. Set the distribution algorithm.

   $ dsconfig -p 4444 -h localhost -D"cn=Directory Manager" -j pwd-file \
   create-distribution-algorithm \
   --element-name distrib-we \
   --type numeric \ 
   --set distribution-attribute:uid
   

   The distribution algorithm types include capacity, numeric, lexico, or dnpattern. You define the algorithm properties when you create the distribution partitions, in the next step.

5. Define the distribution partitions.

   $ dsconfig -p 4444 -h localhost -D"cn=Directory Manager" -j pwd-file \
   create-distribution-partition \
   --element-name distrib-we \
   --partition-name distrib-part1\
   --type numeric \ 
   --set lower-bound:0 \
   --set upper-bound:1000 \
   --set partition-id:1 \
   --set workflow-element:proxy-we1
   

   For this use case, you must create two partitions. You must use unique partition IDs and partition names for each workflow element. When defining the partitions, you must specify the same type that you used when defining the distribution algorithm.

   Note:

   The upper boundary is exclusive, which means if you specify upper-bound:1000 as the upper boundary, then the partition only includes values from 0 to 999, inclusive.

   • If you created a capacity distribution algorithm, then you must create a global index.

   • If you created a lexico, numeric, or dnpattern distribution algorithm, then creating a global index is optional.

   To create a global index:

   1. Create a global index catalog.

      $ gicadm -p 4444 -h localhost -D"cn=Directory Manager" -j pwd-file \
      create-catalog \
      --catalogName gi-catalog
      

   2. Add a global index that indexes the dn attribute to the catalog.

      $ gicadm -p 4444 -h localhost -D"cn=Directory Manager" -j pwd-file \
      add-index \
      --catalogName gi-catalog \
      --attributeName dn 
      

   3. Associate the global index catalog to the distribution.

      $ gicadm -p 4444 -h localhost -D"cn=Directory Manager" -j pwd-file \
      associate \
      --catalogName gi-catalog \
      --distributionWorkflowElement distrib-we
      

6. Create a workflow.

   This workflow associates the distribution workflow element with the distribution partition.

   $ dsconfig -p 4444 -h localhost -D"cn=Directory Manager" -j pwd-file \
   create-workflow \
   --workflow-name distrib-workflow \
   --set enabled:true \
   --set base-dn:dc=example,dc=com \
   --set workflow-element:distrib-we
   

7. Create the network group.

   The network group handles all the requests between the client and the proxy.

   $ dsconfig -p 4444 -h localhost -D"cn=Directory Manager" -j pwd-file \
   create-network-group \
   --group-name network-group1 \
   --set enabled:true \
   --set workflow:distrib-workflow \
   --set priority:1
   

25.3 Configuring Distribution with Load Balancing Example

This use case describes how to configure distribution with load balancing.

Note:

Although you can add a global index to any distribution deployment, this example does not include instructions for adding a global index.

The topics in this section include:

• Section 25.3.1, "Creating the Objects for Distribution with Load Balancing"

• Section 25.3.2, "Configuring a Distribution with Load Balancing Deployment"

Note:

For information about creating a global index, see Section 23.7, "Configuring Global Indexes Using the Command Line."

25.3.1 Creating the Objects for Distribution with Load Balancing

When configuring a proxy server for distribution and load balancing, you must create the objects shown in Figure 25-3. You must create these objects in the order indicated.

Figure 25-3 Configuring Distribution and Load Balancing

Description of ''Figure 25-3 Configuring Distribution and Load Balancing''

This example illustrates a deployment with distribution over two partitions, with each partition load balanced onto two replicated LDAP servers. The example uses a numeric distribution algorithm to partition the data.

All of the commands in this procedure specify the proxy hostname (-h), the proxy admin port (-p), the bind DN for the initial root user (-D), and the file containing the proxy password (-j). You must also indicate the authentication. If you do not specify authentication, and if the client and server are running in the same instance, then Oracle Unified Directory uses the local authentication configuration.

25.3.2 Configuring a Distribution with Load Balancing Deployment

To configure a distribution and load balancing deployment:

1. Create the proxy LDAP server extensions.

   $ dsconfig -h localhost -p 4444 -D "cn=Directory Manager" -j pwd-file -X \
   create-extension \
   --extension-name proxy_extension1 \
   --type ldap-server \
   --set enabled:true \
   --set remote-ldap-server-address:DS1_hostname \
   --set remote-ldap-server-port:2389
   

   The LDAP server extension is a link to the remote LDAP server. For this use case, you need four remote LDAP server instances. Repeat this step for each remote LDAP server, using a different LDAP hostname and port for each server.

2. Create a proxy workflow element for each LDAP server extension.

   $ dsconfig -p 4444 -h localhost -D"cn=Directory Manager" -j pwd-file \
   create-workflow-element \
   --element-name proxy-we1 \
   --type proxy-ldap\ 
   --set enabled:true \
   --set client-cred-mode:use-client-identity \
   --set ldap-server-extension:proxy_extension1
   

   For this use case, you need four remote LDAP server instances. Repeat this step for each remote server, using the same LDAP server extension names as those created in step 1.

   The property client-cred-mode indicates the type of authentication used between the proxy and remote LDAP server. The client credential mode can be: use-client-identity or use-specific-identity.

3. Create a load balancing workflow element.

   $ dsconfig -p 4444 -h localhost -D"cn=Directory Manager" -j pwd-file \
   create-workflow-element \
   --element-name LB-we1 \
   --type load-balancing \
   --set enabled:true
   

   You only need one load balancing workflow element to route requests to either of the two remote LDAP servers. You must create two load balancing workflow elements because you are using two load balancers.

4. Define the load balancing algorithm.

   $ dsconfig -p 4444 -h localhost -D"cn=Directory Manager" -j pwd-file \
   create-load-balancing-algorithm \
   --element-name LB-we1 \
   --type failover
   

   The load balancing algorithm types include proportional, optimal, saturation, searchfilter, or failover. You define the load balancing algorithm properties (weight, threshold, or priority) with the load balancing routes, in the next step. For this use case, you need two load balancing algorithms.

5. Define the load balancing routes for each proxy.

   $ dsconfig -p 4444 -h localhost -D"cn=Directory Manager" -j pwd-file \
   create-load-balancing-route \
   --element-name LB-we1 \
   --route-name LB-route1 \
   --type failover \
   --set workflow-element:proxy-we1 \
   --set add-priority:1 \
   --set bind-priority:1 \
   --set compare-priority:1 \
   --set delete-priority:1 \
   --set extended-priority:1 \
   --set modify-priority:1 \
   --set modifydn-priority:1 \
   --set search-priority:1 
   

   For this use case, you need four load balancing routes. Set two routes per load balancing workflow element (created in step 4). For example, set one route with priority 1 for all operations and set the other route with priority 2 for all operations.

   Note:

   The properties in this step set the priority for failover load balancing. You use different properties for proportional or saturation load balancing.

   For more information on the setting different load balancing types, see Section 21.1.4, "Modifying Load Balancing Properties."

6. Set up distribution by creating a distribution workflow element.

   $ dsconfig -p 4444 -h localhost -D"cn=Directory Manager" -j pwd-file \
   create-workflow-element \
   --element-name distrib-we \
   --type distribution \ 
   --set base-dn:dc=example,dc=com \
   --set enabled:true 
   

   For this use case, you need only one distribution workflow element that points to the distribution algorithm.

7. Set the distribution algorithm.

   $ dsconfig -p 4444 -h localhost -D"cn=Directory Manager" -j pwd-file \
   create-distribution-algorithm \
   --element-name distrib-we \
   --type numeric \ 
   --set distribution-attribute:uid
   

   The distribution algorithm types include capacity, numeric, lexico, or dnpattern. You define the boundaries when you create the distribution partitions, in the next step.

8. Define the distribution partitions.

   $ dsconfig -p 4444 -h localhost -D"cn=Directory Manager" -j pwd-file \
   create-distribution-partition \
   --element-name distrib-we \
   --partition-name distrib-part1\
   --type numeric \ 
   --set lower-bound:0 \
   --set upper-bound:1000 \
   --set partition-id:1 \
   --set workflow-element:LB-we1
   

   For this use case, you must create two partitions. You must use unique partition IDs and partition names for each workflow element and that each partition uses a different load balancing workflow element. When defining the partitions, you must specify the same type that you used when defining the distribution algorithm.

   Note:

   The upper boundary is exclusive, which means if you specify upper-bound:1000 as the upper boundary, then the partition only includes values from 0 to 999, inclusive.

   • If you created a capacity distribution algorithm, then you must create a global index.

   • If you created a lexico, numeric, or dnpattern distribution algorithm, then creating a global index is optional.

   To create a global index.

   1. Create a global index catalog:

      $ gicadm -p 4444 -h localhost -D"cn=Directory Manager" -j pwd-file \
      create-catalog \
      --catalogName gi-catalog
      

   2. Add a global index which indexes the dn attribute to the catalog.

      $ gicadm -p 4444 -h localhost -D"cn=Directory Manager" -j pwd-file \
      add-index \
      --catalogName gi-catalog \
      --attributeName dn 
      

   3. Associate the global index catalog to the distribution.

      $ gicadm -p 4444 -h localhost -D"cn=Directory Manager" -j pwd-file \
      associate \
      --catalogName gi-catalog \
      --distributionWorkflowElement distrib-we
      

9. Create a workflow.

   This workflow associates the distribution workflow element with the base DN.

   $ dsconfig -p 4444 -h localhost -D"cn=Directory Manager" -j pwd-file \
   create-workflow \
   --workflow-name workflow \
   --set enabled:true \
   --set base-dn:dc=example,dc=com \
   --set workflow-element:distrib-we
   

10. Create the network group.

    The network group handles all the requests between the client and the proxy.

    $ dsconfig -p 4444 -h localhost -D"cn=Directory Manager" -j pwd-file \
    create-network-group \
    --group-name network-group1 \
    --set enabled:true \
    --set workflow:workflow \
    --set priority:1
    

25.4 Configuring Failover Between Data Centers Example

This use case describes how to set up a failover deployment between two data centers, as presented in Section 3.2.3, "Configuration 3: Failover Between Data Centers."

To configure a failover deployment between two data centers, use the following commands:

#Create a proxy LDAP extension for each remote LDAP server
dsconfig -p 4444 -h localhost -D"cn=Directory Manager" -j pwd-file -X -n \
create-extension \
  --type ldap-server \
  --extension-name proxy-extension1 \
  --set enabled:true \
  --set remote-ldap-server-address:DS1_hostname \
  --set remote-ldap-server-port:3189 

dsconfig -p 4444 -h localhost -D"cn=Directory Manager" -j pwd-file -X -n \
create-extension \
  --type ldap-server \
  --extension-name proxy-extension2 \
  --set enabled:true \
  --set remote-ldap-server-address:DS2_hostname \
  --set remote-ldap-server-port:3289 

dsconfig -p 4444 -h localhost -D"cn=Directory Manager" -j pwd-file -X -n \
create-extension \
  --type ldap-server \
  --extension-name proxy-extension3 \
  --set enabled:true \
  --set remote-ldap-server-address:DS3_hostname \
  --set remote-ldap-server-port:3389 

dsconfig -p 4444 -h localhost -D"cn=Directory Manager" -j pwd-file -X -n \
create-extension \
  --type ldap-server \
  --extension-name proxy-extension4 \
  --set enabled:true \
  --set remote-ldap-server-address:DS4_hostname \
  --set remote-ldap-server-port:3489 

#Create a proxy workflow element for each LDAP server extension
dsconfig -p 4444 -h localhost -D"cn=Directory Manager" -j pwd-file -X -n \
create-workflow-element \
  --element-name proxy-we1 \
  --type proxy-ldap \
  --set enabled:true \
  --set client-cred-mode:use-client-identity \
  --set ldap-server-extension:proxy-extension1 

dsconfig -p 4444 -h localhost -D"cn=Directory Manager" -j pwd-file -X -n \
create-workflow-element \
  --element-name proxy-we2 \
  --type proxy-ldap \
  --set enabled:true \
  --set client-cred-mode:use-client-identity \
  --set ldap-server-extension:proxy-extension2 

dsconfig -p 4444 -h localhost -D"cn=Directory Manager" -j pwd-file -X -n \
create-workflow-element \
  --element-name proxy-we3 \
  --type proxy-ldap \
  --set enabled:true \
  --set client-cred-mode:use-client-identity \
  --set ldap-server-extension:proxy-extension3 

dsconfig -p 4444 -h localhost -D"cn=Directory Manager" -j pwd-file -X -n \
create-workflow-element \
  --element-name proxy-we4 \
  --type proxy-ldap \
  --set enabled:true \
  --set client-cred-mode:use-client-identity \
  --set ldap-server-extension:proxy-extension4 

# Create a load balancing workflow element for each data center
dsconfig -p 4444 -h localhost -D"cn=Directory Manager" -j pwd-file -X -n \
create-workflow-element \
  --element-name LB-we1 \
  --type load-balancing \
  --set enabled:true 

dsconfig -p 4444 -h localhost -D"cn=Directory Manager" -j pwd-file -X -n \
create-workflow-element \
  --element-name LB-we2 \
  --type load-balancing \
  --set enabled:true 

# Define the load balancing algorithm for each data center
dsconfig -p 4444 -h localhost -D"cn=Directory Manager" -j pwd-file -X -n \
create-load-balancing-algorithm \
  --element-name LB-we1 \
  --type proportional 

dsconfig -p 4444 -h localhost -D"cn=Directory Manager" -j pwd-file -X -n \
create-load-balancing-algorithm \
  --element-name LB-we2 \
  --type proportional 

# Define the load balancing routes for each proxy 
dsconfig -p 4444 -h localhost -D"cn=Directory Manager" -j pwd-file -X -n \
create-load-balancing-route \
  --element-name LB-we1 \
  --route-name LB-route1 \
  --type proportional \
  --set workflow-element:proxy-we1 
 
dsconfig -p 4444 -h localhost -D"cn=Directory Manager" -j pwd-file -X -n \
create-load-balancing-route \
  --element-name LB-we1 \
  --route-name LB-route2 \
  --type proportional \
  --set workflow-element:proxy-we2 
 
dsconfig -p 4444 -h localhost -D"cn=Directory Manager" -j pwd-file -X -n \
create-load-balancing-route \
  --element-name LB-we2 \
  --route-name LB-route3 \
  --type proportional \
  --set workflow-element:proxy-we3 
 
dsconfig -p 4444 -h localhost -D"cn=Directory Manager" -j pwd-file -X -n \
create-load-balancing-route \
  --element-name LB-we2 \
  --route-name LB-route4 \
  --type proportional \
  --set workflow-element:proxy-we4 

# Set failover between the two data centers
dsconfig -p 4444 -h localhost -D"cn=Directory Manager" -j pwd-file -X -n \
create-workflow-element \
  --element-name FO-we \
  --type load-balancing \
  --set enabled:true 
  
dsconfig -p 4444 -h localhost -D"cn=Directory Manager" -j pwd-file -X -n \
create-load-balancing-algorithm \
  --element-name FO-we \
  --type failover 

dsconfig -p 4444 -h localhost -D"cn=Directory Manager" -j pwd-file -X -n \
create-load-balancing-route \
  --element-name FO-we \
  --route-name FO-route1 \
  --type failover \
  --set workflow-element:LB-we1 \
  --set add-priority:1 \
--set bind-priority:1 \
--set compare-priority:1 \
--set delete-priority:1 \
--set extended-priority:1 \
--set modify-priority:1 \
--set modifydn-priority:1 \
--set search-priority:1 \ 

dsconfig -p 4444 -h localhost -D"cn=Directory Manager" -j pwd-file -X -n \
create-load-balancing-route \
  --element-name FO-we \
  --route-name FO-route2 \
  --type failover \
  --set workflow-element:LB-we2 \
  --set add-priority:2 \
--set bind-priority:2 \
--set compare-priority:2 \
--set delete-priority:2 \
--set extended-priority:2 \
--set modify-priority:2 \
--set modifydn-priority:2 \
--set search-priority:2 \ 

# Create workflow
dsconfig -p 4444 -h localhost -D"cn=Directory Manager" -j pwd-file -X -n \
create-workflow \
  --workflow-name FO-workflow \
  --set enabled:true \
  --set base-dn:dc=example,dc=com \
  --set workflow-element:FO-we 

# Create network group
dsconfig -p 4444 -h localhost -D"cn=Directory Manager" -j pwd-file -X -n \
create-network-group \
  --group-name network-group1 \
  --set enabled:true \
  --set workflow:FO-workflow \
  --set priority:1

25.5 Configuring Distribution with Failover Between Data Centers Example

This use case describes how to set up a failover deployment between two data centers, as presented in Section 3.2.5, "Configuration 5: Distribution with Failover Between Data Centers."

To configure distribution with failover between two data centers, use the following commands:

#Create the first failover route
#Create a proxy LDAP extension for each remote LDAP server
dsconfig -p 4444 -h localhost -D"cn=Directory Manager" -j pwd-file -X -n \
create-extension \
  --type ldap-server \
  --extension-name proxy-extension-1a \
  --set enabled:true \
  --set remote-ldap-server-address:DS1a_hostname \
  --set remote-ldap-server-port:3189 

dsconfig -p 4444 -h localhost -D"cn=Directory Manager" -j pwd-file -X -n \
create-extension \
  --type ldap-server \
  --extension-name proxy-extension-2a \
  --set enabled:true \
  --set remote-ldap-server-address:DS2a_hostname \
  --set remote-ldap-server-port:3289 

dsconfig -p 4444 -h localhost -D"cn=Directory Manager" -j pwd-file -X -n \
create-extension \
  --type ldap-server \
  --extension-name proxy-extension-1b \
  --set enabled:true \
  --set remote-ldap-server-address:DS1b_hostname \
  --set remote-ldap-server-port:3389 

dsconfig -p 4444 -h localhost -D"cn=Directory Manager" -j pwd-file -X -n \
create-extension \
  --type ldap-server \
  --extension-name proxy-extension-2b \
  --set enabled:true \
  --set remote-ldap-server-address:DS2b_hostname \
  --set remote-ldap-server-port:3489 

#Create a proxy workflow element for each LDAP server extension
dsconfig -p 4444 -h localhost -D"cn=Directory Manager" -j pwd-file -X -n \
create-workflow-element \
  --element-name proxy-we-1a \
  --type proxy-ldap \
  --set enabled:true \
  --set client-cred-mode:use-client-identity \
  --set ldap-server-extension:proxy-extension-1a 

dsconfig -p 4444 -h localhost -D"cn=Directory Manager" -j pwd-file -X -n \
create-workflow-element \
  --element-name proxy-we-2a \
  --type proxy-ldap \
  --set enabled:true \
  --set client-cred-mode:use-client-identity \
  --set ldap-server-extension:proxy-extension-2a 

dsconfig -p 4444 -h localhost -D"cn=Directory Manager" -j pwd-file -X -n \
create-workflow-element \
  --element-name proxy-we-1b \
  --type proxy-ldap \
  --set enabled:true \
  --set client-cred-mode:use-client-identity \
  --set ldap-server-extension:proxy-extension-1b 

dsconfig -p 4444 -h localhost -D"cn=Directory Manager" -j pwd-file -X -n \
create-workflow-element \
  --element-name proxy-we-2b \
  --type proxy-ldap \
  --set enabled:true \
  --set client-cred-mode:use-client-identity \
  --set ldap-server-extension:proxy-extension-2b 

# Create a load balancing workflow element for each data center
dsconfig -p 4444 -h localhost -D"cn=Directory Manager" -j pwd-file -X -n \
create-workflow-element \
  --element-name LB-we-1a \
  --type load-balancing \
  --set enabled:true 

dsconfig -p 4444 -h localhost -D"cn=Directory Manager" -j pwd-file -X -n \
create-workflow-element \
  --element-name LB-we-1b \
  --type load-balancing \
  --set enabled:true 

# Define the load balancing algorithm for each data center
dsconfig -p 4444 -h localhost -D"cn=Directory Manager" -j pwd-file -X -n \
create-load-balancing-algorithm \
  --element-name LB-we-1a \
  --type proportional 

dsconfig -p 4444 -h localhost -D"cn=Directory Manager" -j pwd-file -X -n \
create-load-balancing-algorithm \
  --element-name LB-we-1b \
  --type proportional 

# Define the load balancing routes for each proxy 
dsconfig -p 4444 -h localhost -D"cn=Directory Manager" -j pwd-file -X -n \
create-load-balancing-route \
  --element-name LB-we-1a \
  --route-name LB-route-1a \
  --type proportional \
  --set workflow-element:proxy-we-1a 
 
dsconfig -p 4444 -h localhost -D"cn=Directory Manager" -j pwd-file -X -n \
create-load-balancing-route \
  --element-name LB-we-1a \
  --route-name LB-route-2a \
  --type proportional \
  --set workflow-element:proxy-we-2a 
 
dsconfig -p 4444 -h localhost -D"cn=Directory Manager" -j pwd-file -X -n \
create-load-balancing-route \
  --element-name LB-we-1b \
  --route-name LB-route-1b \
  --type proportional \
  --set workflow-element:proxy-we-1b 
 
dsconfig -p 4444 -h localhost -D"cn=Directory Manager" -j pwd-file -X -n \
create-load-balancing-route \
  --element-name LB-we-1b \
  --route-name LB-route-2b \
  --type proportional \
  --set workflow-element:proxy-we-2b 

# Set failover between the two data centers
dsconfig -p 4444 -h localhost -D"cn=Directory Manager" -j pwd-file -X -n \
create-workflow-element \
  --element-name FO-we1 \
  --type load-balancing \
  --set enabled:true 
  
dsconfig -p 4444 -h localhost -D"cn=Directory Manager" -j pwd-file -X -n \
create-load-balancing-algorithm \
  --element-name FO-we1 \
  --type failover 

dsconfig -p 4444 -h localhost -D"cn=Directory Manager" -j pwd-file -X -n \
create-load-balancing-route \
  --element-name FO-we1 \
  --route-name FO-route-1a \
  --type failover \
  --set workflow-element:LB-we-1a \
  --set add-priority:1 \
  --set bind-priority:1 \
  --set compare-priority:1 \
  --set delete-priority:1 \
  --set extended-priority:1 \
  --set modify-priority:1 \
  --set modifydn-priority:1 \
  --set search-priority:1  

dsconfig -p 4444 -h localhost -D"cn=Directory Manager" -j pwd-file -X -n \
create-load-balancing-route \
  --element-name FO-we1 \
  --route-name FO-route-1b \
  --type failover \
  --set workflow-element:LB-we-1b \
  --set add-priority:2 \
  --set bind-priority:2 \
  --set compare-priority:2 \
  --set delete-priority:2 \
  --set extended-priority:2 \
  --set modify-priority:2 \
  --set modifydn-priority:2 \
  --set search-priority:2  

#Create the second failover route
#Create a proxy LDAP extension for each remote LDAP server
dsconfig -p 4444 -h localhost -D"cn=Directory Manager" -j pwd-file -X -n \
create-extension \
  --type ldap-server \
  --extension-name proxy-extension-3a \
  --set enabled:true \
  --set remote-ldap-server-address:DS3a_hostname \
  --set remote-ldap-server-port:3189 

dsconfig -p 4444 -h localhost -D"cn=Directory Manager" -j pwd-file -X -n \
create-extension \
  --type ldap-server \
  --extension-name proxy-extension-4a \
  --set enabled:true \
  --set remote-ldap-server-address:DS4a_hostname \
  --set remote-ldap-server-port:3289 

dsconfig -p 4444 -h localhost -D"cn=Directory Manager" -j pwd-file -X -n \
create-extension \
  --type ldap-server \
  --extension-name proxy-extension-3b \
  --set enabled:true \
  --set remote-ldap-server-address:DS3b_hostname \
  --set remote-ldap-server-port:3389 

dsconfig -p 4444 -h localhost -D"cn=Directory Manager" -j pwd-file -X -n \
create-extension \
  --type ldap-server \
  --extension-name proxy-extension-4b \
  --set enabled:true \
  --set remote-ldap-server-address:DS4b_hostname \
  --set remote-ldap-server-port:3489 

#Create a proxy workflow element for each LDAP server extension
dsconfig -p 4444 -h localhost -D"cn=Directory Manager" -j pwd-file -X -n \
create-workflow-element \
  --element-name proxy-we-3a \
  --type proxy-ldap \
  --set enabled:true \
  --set client-cred-mode:use-client-identity \
  --set ldap-server-extension:proxy-extension-3a 

dsconfig -p 4444 -h localhost -D"cn=Directory Manager" -j pwd-file -X -n \
create-workflow-element \
  --element-name proxy-we-4a \
  --type proxy-ldap \
  --set enabled:true \
  --set client-cred-mode:use-client-identity \
  --set ldap-server-extension:proxy-extension-4a 

dsconfig -p 4444 -h localhost -D"cn=Directory Manager" -j pwd-file -X -n \
create-workflow-element \
  --element-name proxy-we-3b \
  --type proxy-ldap \
  --set enabled:true \
  --set client-cred-mode:use-client-identity \
  --set ldap-server-extension:proxy-extension-3b 

dsconfig -p 4444 -h localhost -D"cn=Directory Manager" -j pwd-file -X -n \
create-workflow-element \
  --element-name proxy-we-4b \
  --type proxy-ldap \
  --set enabled:true \
  --set client-cred-mode:use-client-identity \
  --set ldap-server-extension:proxy-extension-4b 

# Create a load balancing workflow element for each data center
dsconfig -p 4444 -h localhost -D"cn=Directory Manager" -j pwd-file -X -n \
create-workflow-element \
  --element-name LB-we-2a \
  --type load-balancing \
  --set enabled:true 

dsconfig -p 4444 -h localhost -D"cn=Directory Manager" -j pwd-file -X -n \
create-workflow-element \
  --element-name LB-we-2b \
  --type load-balancing \
  --set enabled:true 

# Define the load balancing algorithm for each data center
dsconfig -p 4444 -h localhost -D"cn=Directory Manager" -j pwd-file -X -n \
create-load-balancing-algorithm \
  --element-name LB-we-2a \
  --type proportional 

dsconfig -p 4444 -h localhost -D"cn=Directory Manager" -j pwd-file -X -n \
create-load-balancing-algorithm \
  --element-name LB-we-2b \
  --type proportional 

# Define the load balancing routes for each proxy 
dsconfig -p 4444 -h localhost -D"cn=Directory Manager" -j pwd-file -X -n \
create-load-balancing-route \
  --element-name LB-we-2a \
  --route-name LB-route-3a \
  --type proportional \
  --set workflow-element:proxy-we-3a 
 
dsconfig -p 4444 -h localhost -D"cn=Directory Manager" -j pwd-file -X -n \
create-load-balancing-route \
  --element-name LB-we-2a \
  --route-name LB-route-4a \
  --type proportional \
  --set workflow-element:proxy-we-4a 
 
dsconfig -p 4444 -h localhost -D"cn=Directory Manager" -j pwd-file -X -n \
create-load-balancing-route \
  --element-name LB-we-2b \
  --route-name LB-route-3b \
  --type proportional \
  --set workflow-element:proxy-we-3b 
 
dsconfig -p 4444 -h localhost -D"cn=Directory Manager" -j pwd-file -X -n \
create-load-balancing-route \
  --element-name LB-we-2b \
  --route-name LB-route-4b \
  --type proportional \
  --set workflow-element:proxy-we-4b 

# Set failover between the two data centers
dsconfig -p 4444 -h localhost -D"cn=Directory Manager" -j pwd-file -X -n \
create-workflow-element \
  --element-name FO-we2 \
  --type load-balancing \
  --set enabled:true 
  
dsconfig -p 4444 -h localhost -D"cn=Directory Manager" -j pwd-file -X -n \
create-load-balancing-algorithm \
  --element-name FO-we2 \
  --type failover 

dsconfig -p 4444 -h localhost -D"cn=Directory Manager" -j pwd-file -X -n \
create-load-balancing-route \
  --element-name FO-we2 \
  --route-name FO-route-2a \
  --type failover \
  --set workflow-element:LB-we-2a \
  --set add-priority:1 \
  --set bind-priority:1 \
  --set compare-priority:1 \
  --set delete-priority:1 \
  --set extended-priority:1 \
  --set modify-priority:1 \
  --set modifydn-priority:1 \
  --set search-priority:1  

dsconfig -p 4444 -h localhost -D"cn=Directory Manager" -j pwd-file -X -n \
create-load-balancing-route \
  --element-name FO-we2 \
  --route-name FO-route-2b \
  --type failover \
  --set workflow-element:LB-we-2b \
  --set add-priority:2 \
  --set bind-priority:2 \
  --set compare-priority:2 \
  --set delete-priority:2 \
  --set extended-priority:2 \
  --set modify-priority:2 \
  --set modifydn-priority:2 \
  --set search-priority:2  

# Create distribution to the two failover routes
dsconfig -p 4444 -h localhost -D"cn=Directory Manager" -j pwd-file -X -n \
create-workflow-element \
  --element-name distrib-we \
  --type distribution \
  --set base-dn:dc=example,dc=com \
  --set enabled:true 

dsconfig -p 4444 -h localhost -D"cn=Directory Manager" -j pwd-file -X -n \
create-distribution-algorithm \
  --element-name distrib-we \
  --type numeric \
  --set distribution-attribute:uid

dsconfig -p 4444 -h localhost -D"cn=Directory Manager" -j pwd-file -X -n \
create-distribution-partition \
  --element-name distrib-we \
  --partition-name distrib-part1\
  --type numeric \
  --set lower-bound:0 \
  --set upper-bound:1000 \
  --set partition-id:1 \
  --set workflow-element:FO-we1

dsconfig -p 4444 -h localhost -D"cn=Directory Manager" -j pwd-file -X -n \
create-distribution-partition \
  --element-name distrib-we \
  --partition-name distrib-part2\
  --type numeric \
  --set lower-bound:1000 \
  --set upper-bound:2000 \
  --set partition-id:2 \
  --set workflow-element:FO-we2


# Create workflow
dsconfig -p 4444 -h localhost -D"cn=Directory Manager" -j pwd-file -X -n \
create-workflow \
  --workflow-name Distrib-workflow \
  --set enabled:true \
  --set base-dn:dc=example,dc=com \
  --set workflow-element:distrib-we 

# Create network group
dsconfig -p 4444 -h localhost -D"cn=Directory Manager" -j pwd-file -X -n \
create-network-group \
  --group-name network-group1 \
  --set enabled:true \
  --set workflow:Distrib-workflow \
  --set priority:1