4 Oracle Internet Directory Replication Management Tools
Note:
Refer Understanding Oracle Internet Directory Replication in Administering Oracle Internet Directory.
4.1 Managing Human Intervention Queue Management Tools
When a replication conflict arises, the Oracle Internet Directory replication server places the change in the retry queue and tries to apply it from there for a specified number of times.
When a replication conflict arises, the Oracle Internet Directory replication server places the change in the retry queue and tries to apply it from there for a specified number of times. If it fails after the specified number of retries, the replication server puts the change in the human intervention queue. From there, the replication server repeats the change application process at less frequent intervals while awaiting your action.
At this point, you must:
-
Examine the change in the human intervention queue.
-
Reconcile the conflicting changes using the Compare and Reconcile Tool (see Working with Oracle Internet Directory Compare and Reconcile Tool.
-
Either place the change back into the retry queue, by using
ManageHiq.retry
, or into the purge queue, by usingManageHiq.purge
.
This section describes the following topics:
Note:
The Oracle Internet Directory server parameter orclSizeLimit
, which is 1000 by default, limits the number of entries that the human intervention queue manipulation tools can process. If you have more than 1000 entries in the human intervention queue, you must increase orclSizeLimit
, or some entries will never be processed. Setting the parameter orclSizeLimit
very high impacts server performance, because orclSizeLimit
also controls the maximum number of entries to be returned by a search. The DN containing orclSizeLimit
is
cn=componentname,cn=osdldapd,cn=subconfigsubentry
4.1.1 Invoking the Human Intervention Queue Management Tools
You invoke ManageHiq.retry
and ManageHiq.purge
as PL/SQL commands at the SQL prompt.
You invoke ManageHiq.retry
and ManageHiq.purge
as PL/SQL commands at the SQL prompt, as follows:
$ sqlplus /nologSQL> connect ods; SQL> Enter password SQL> Set serveroutput ON SQL> exec ManageHiq.retry(SupplierNode, EqualChgNo, StartChgNo, EndChgNo) SQL> exit
$ sqlplus /nologSQL> connect ods; SQL> Enter password SQL> Set serveroutput ON SQL> exec (ManageHiq.purgeSupplierNode, EqualChgNo, StartChgNo, EndChgNo) SQL> exit
You must set server output ON to display the success or error message. The arguments are:
EqualChgNo–The change number to be moved to the retry queue.
StartChgNo–The starting number. All the change numbers after this should be moved to the retry queue.
EndChgNo–The ending change. All change numbers less than or equal to this change number that should be moved to the retry queue.
4.1.2 Moving the Changelogs to the Retry Queue
Move the changelog on node1, for change numbers between 300 and 1000 and supplier node2, to the retry queue
To move the changelog on node1, for change numbers between 300 and 1000 and supplier node2, to the retry queue.
exec Managehiq.retry('node2_orcl', 0, 300, 1000)
Move all the changelogs on node1 for supplier node2_orcl to the retry queue.
exec Managehiq.retry('node2_orcl', 0, 0, 0)
or
exec Managehiq.retry('node2_orcl')
4.1.3 Purging the Changelog on a Node
Purge the changelog on node1 where the change number is 2152 and the supplier is node2 (supplierNode = node2_orcl).
To purge the changelog on node1 where the change number is 2152 and the supplier is node2 (supplierNode = node2_orcl):
exec Managehiq.purge('node2_orcl', 2152)
Purge the changelog on node1 where the change number is greater than 200 and the supplier is node2_orcl.
exec Managehiq.purge('node2_orcl', 0, 200)
Or
exec Managehiq.purge('node2_orcl', 0, 200, 0)
Purge the changelog on node1 where the change number is less than 2000 and the supplier is node2_orcl.
exec Managehiq.purge('node2_orcl', 0, 0, 2000)
4.2 Working with Oracle Internet Directory Compare and Reconcile Tool
You can understand about the Oracle Internet Directory Compare and Reconcile Tool and how to perform tasks using the oidcmprec
command.
The following topics provide a contextual description and syntax of the Oracle Internet Directory Compare and Reconcile Tool:
4.2.1 Overview of the Compare and Reconcile Tool
The Compare and Reconcile Tool allows you to compare one Oracle Internet Directory with another, detect conflicts or discrepancies, and optionally resolve them.
The directories being compared can be standalone directories or part of the same replication group. You can compare two individual entries, subtrees, or entire directories. You can also compare directory schema. For more information, see in Comparing and Reconciling Inconsistent Data by Using oidcmprec in Administering Oracle Internet Directory.
Note:
-
The
oidcmprec
11g tool supports data migration from 10g to 11g. However, data migration is not supported from 11g to 10g. -
The Compare and Reconcile Tool,
oidcmprec
does not support One way or Two way Authentication and works only on the No-Authentication mode.
The oidcmprec
tool can detect and resolve the following conflict scenarios:
-
Entry only in source directory (
entos
) -
Entry only in destination directory (
entod
) -
Attribute only in source directory (
atros
) -
Attribute only in destination directory (
atrod
) -
Single-valued attribute differs (
svatrdif
) -
Multi-valued attribute differs (
mvatrdif
) -
Entry DN differs (
dndif
)
The oidcmprec
tool can also detect and resolve the following schema conflict scenarios:
-
Object class definition exists only in source directory (
odefos
) -
Object class definition exists only in destination directory (
odefod
) -
Object class definition different in source and destination directory (
odefdif
) -
Attribute definition exists only in source directory (
adefos
) -
Attribute definition exists only in destination directory (
adefod
) -
Attribute definition different in source and destination directory (
adefdif
)
For more information on the syntax and arguments of the oidcmprec
tool, see Oracle Internet Directory Compare and Reconcile Tool
4.2.2 Operating the Compare and Reconcile Tool
Using the oidcmprec
command, you can perform compare and reconcile action on individual entries, subtrees and entire directories. Apart from these, you can perform host of other actions covered in this section using the oidcmprec
command.
The following examples discuss various operations that can be performed with the oidcmprec
tool:
4.2.2.1 Comparing Individual Entries in Two Directories
This example compares the DN, "cn=Anne Smith,cn=users,dc=uk,dc=acme,dc=com"
, in the source and destination directories.
The default conflict resolution rules for the compare
operation are used. You are prompted for the source directory and destination directory passwords.
oidcmprec base="'cn=Anne Smith,cn=users,dc=uk,dc=acme,dc=com'" \ operation=compare \ source=myhost1.acme.com:3060 \ destination=myhost2.acme.com:3060 Enter replication DN password of the source directory : Enter replication DN password of the destination directory :
4.2.2.2 Reconciling Individual Entries in Two Directories
The following example compares the DN, cn=Anne Smith,cn=users,dc=uk,dc=acme,dc=com
, in the source and destination directories.
It resolves the conflicts that are detected. The default conflict resolution rules for the reconcile
operation are used.
oidcmprec base="'cn=Anne Smith,cn=users,dc=uk,dc=acme,dc=com'" \ operation=reconcile \ source=myhost1.acme.com:3060 \ destination=myhost2.acme.com:3060
4.2.2.3 Comparing Subtrees in Two Directories
This example compares the naming context, dc=com
, in the two directories. The scope
attribute has been set to subtree.
This allows the entire directory information tree (DIT) under the base
DN, dc=com
, to be compared. The threads
and dnThreads
arguments specify the number of worker threads and DN threads. The cmpres
file is used to store the report for the operation.
oidcmprec base="'dc=com'" \ operation=compare scope=subtree \ source=myhost1.mycom.com:3060 \ destination=myhost2.mycom.com:3060 \ threads=5 dnthreads=2 filename=cmpres
4.2.2.4 Reconciling Subtrees in Two Directories
The following example performs the reconcile operation on two subtrees namely, dc=com
and dc=org
.
The dns2exclude
argument is used to exclude the c=us,dc=mycom,dc=com
and c=uk,dc=myorg,dc=org
subtrees from the operation.
oidcmprec base="'dc=com' 'dc=org'" \ dns2exclude="'c=us,dc=mycom,dc=com' 'c=uk,dc=myorg,dc=org'" operation=reconcile scope=subtree \ source=myhost1.mycom.com:3060 \ destination=myhost2.mycom.com:3060 \
4.2.2.5 Comparing Entire Directories
The following example compares a directory residing on host1
with another directory residing on host2
.
The base
argument is set to " " and the scope
argument is set to subtree.
oidcmprec operation=compare source=host1:3060 \ destination=host2:3070 \ base="' '" scope=subtree
Note:
When you compare entire directories, the following DNs and their subtrees are excluded:
-
root DSE entry
-
cn=auditlog
-
cn=baseschema
-
cn=catalogs
-
cn=events
-
cn=oracle internet directory
-
cn=replication configuration
-
cn=server configuration
-
cn=subconfigsubentry
-
cn=subregistrysubentry
-
cn=subschemasubentry
You can include these entries by specifying them explicitly in the base argument.
4.2.2.6 Reconciling Entire Directories
The following example reconciles a directory residing on myhost1
with another directory residing on myhost2
.
Entire directories are compared except the DN, c=us,dc=mycom,dc=com.
oidcmprec base="' '" \ dns2exclude="'c=us,dc=mycom,dc=com'" operation=reconcile scope=subtree \ source=myhost1.mycom.com:3060 \ destination=myhost2.mycom.com:3060 \ threads=5 dnthreads=2 file=cmpres
4.2.2.7 Performing User-Defined Compare and Reconcile Operations
This example makes use of user-defined values for the -entos
, -entod
, -atros
, -svatrdif
, -mvatrdif
, and -dndif
arguments.
This example makes use of user-defined values for the -entos
, -entod
, -atros
, -svatrdif
, -mvatrdif
, and -dndif
arguments. Conflict resolution arguments not specified on the command line, like -atrod
, are set to ignore
.
oidcmprec operation=userdefinedcr scope=subtree \ base="'dc=com' 'dc=org'" \ source=myhost1.mycom.com:3060 \ destination=myhost2.mycom.com:3060 \ entos=add entod=ignore atros=add \ svatrdif=usesrc mvatrdif=usesrc dndif=ignore \ threads=5 dnthreads=2 file=myreconcile
4.2.2.8 Merging Two Directories
This example synchronizes the dc=com
subtree in two directories.
The merge operation updates both the source and destination directories.
oidcmprec operation=merge scope=subtree base="'dc=com'" \ source=myhost1.mycom.com:3060 \ destination=myhost2.mycom.com:3060 \ file=merge
4.2.2.9 Including and Excluding Attributes
The following example performs a compare
operation.
This uses the exclattr
argument to exclude the orclguid
, category
, userpassword
, and authpassword
attributes. The example makes use of wildcard pattern matching to exclude the authpassword
attribute subtypes.
oidcmprec operation=compare scope=subtree base="'dc=com' 'dc=org'" \ source=myhost1.mycom.com:3060 \ destination=myhost2.mycom.com:3060 \ exclattr="userpassword authpassword authpassword;* orclguid category" threads=5 dnthreads=2 file=compare
The following example makes use of the inclattr
argument to include the userpassword
, cn
, sn
givenname
, and mail
attributes.
oidcmprec operation=compare scope=subtree base="'dc=com'" \ source=myhost1.mycom.com:3060 \ destination=myhost2.mycom.com:3060 \ inclattr="userpassword cn sn givenname mail" file=cmpr
The following example includes all attributes for the compare operation except orclguid
, creatorsname
, and modifiersname
attributes.
oidcmprec operation=compare scope=subtree base="'dc=com'" \ source=myhost1.mycom.com:3060 \ destination=myhost2.mycom.com:3060 \ inclattr="*" exclattr="orclguid creatorsname modifiersname" file=compare
4.2.2.10 Using a Filter
The following example restricts the comparison to entries that match the filter (cn=*)
.
The following example restricts the comparison to entries that match the filter (cn=*)
.
oidcmprec source=stadd54:3060 destination=stadd54:3060 \ base="' '" scope=sub operation=compare file=test \ filter="'(cn=*)'"
4.2.2.11 Overriding Default Conflict Resolution Rules
This example performs a compare operation on two directories. It overrides the default conflict resolution rules used for the dndif
and mvatrdif
arguments. The conflict resolution rule for these arguments is set to ignore
.
Execute the following command:
oidcmprec source=host1:3060 destination=host2:3070 \ base="' '" scope=subtree file=temp operation=compare \ dndif=ignore mvatrdif=ignore
4.2.2.12 Using a Parameter File
This example performs a compare
operation on two directories. It uses a parameter file, comp_param
to specify command-line arguments.
The dnThreads
argument is specified both in the file and at the command line. The command-line value of dnThreads
overrides the value specified in the parameter file.
oidcmprec paramfile=comp_param dnthreads=3
The following displays the parameter file that is used:
############################################# #Parameter file for compare and reconcile tool #Creator : John #Date : 21-Mar-2006 #File Name : comp_param ############################################# operation=compare source=staqj13:3060 destination=staqj13:3070 base="cn=oraclecontext" base="c=uk,dc=mycom,dc=com" base="c=us,dc=mycom,dc=com" verbose=false force=true threads=6 dnthreads=2 exclattr="orclguid userpassword authpassword authpassword;*" filename=cmp2006Feb01
4.2.2.13 Using a Parameter File in XML Format
This example performs a compare
operation on two directories.
Execute the following command:
oidcmprec xmlParameterFile=param.xml
The following is an example of an XML parameter file:
<?xml version="1.0" standalone="yes" ?> - <input> <operation>compare</operation> - <source> <host>stadd54</host> <port>3060</port> <binddn>cn=orcladmin</binddn> <password>source-password</password> <isSSLPort>false</isSSLPort> </source> - <destination> <host>stadd54</host> <port>3060</port> <binddn>cn=orcladmin</binddn> <password>destination-password</password> <isSSLPort>true</isSSLPort> </destination> <base> <dn>dc=myhost,dc=example,dc=com</dn> <dn>cn=OracleSchemaVersion</dn> </base> <dns2exclude> <dn>cn=test instance,cn=oraclecontext</dn> <dn>ou=support,o=us</dn> </dns2exclude> <scope>subtree</scope> <filter /> <threads>1</threads> <dnthreads>1</dnthreads> <inclattr /> <exclattr> <attribute>orclguid</attribute> <attribute>userpassword</attribute> <attribute>authpassword</attribute> </exclattr> <compareby>tool</compareby> <filename>test</filename> <genchglog>default</genchglog> <force>true</force> <verbose>false</verbose> <contonerr>true</contonerr> - <!-- <entod>ignore</entod> <entos>ignore</entos> <atros>ignore</atros> <atrod>ignore</atrod> <svatrdif>ignore</svatrdif> <mvatrdif>ignore</mvatrdif> <dndif>ignore</dndif> <adefos>ignore</adefos> <adefod>ignore</adefod> <adefdif>ignore</adefdif> <odefos>ignore</odefos> <odefod>ignore</odefod> <odefdif>ignore</odefdif> --> </input>
Substitute the password for password
in the example. Because the file contains a password, ensure that it is not readable by unauthorized users.
4.2.2.14 Generating Change Logs
The following example uses the genchglog
argument to ensure that change logs are generated for the operation.
When genchglog
is set to true
, change logs are generated at both the source and destination directories.
oidcmprec operation=merge scope=subtree base="'dc=com'" \ source=myhost1.mycom.com:3060 \ destination=myhost2.mycom.com:3060 \ inclattr="*" exclattr="orclguid creatorsname modifiersname" file=merge genchglog=true
4.2.2.15 Performing Directory Schema Operations
The following example includes the schema for the selected operation by adding the cn=subschemasubentry
DN to the base
argument.
The following example includes the schema for the selected operation by adding the cn=subschemasubentry
DN to the base
argument.
oidcmprec operation=merge scope=subtree \ base="'dc=com' 'cn=subschemasubentry'" \ source=myhost1.mycom.com:3060 \ destination=myhost2.mycom.com:3060 \ inclattr="*" exclattr="orclguid creatorsname modifiersname" \ file=merge genchglog=false
4.3 Oracle Internet Directory Compare and Reconcile Tool
"oidcmprec" includes the syntax and arguments of the Oracle Internet Directory Compare and Reconcile Tool.
4.3.1 oidcmprec
Understand about the syntax and arguments of the Oracle Internet Directory Compare and Reconcile Tool. You can use the oidcmprec
tool to compare and reconcile attribute values, and merge attribute values between source and destination directories. To use this command, you need to provide the arguments, source, destination and base values as a mandatory parameters. Learn about the various optional parameters which offer different functionalities.
Note:
The Compare and Reconcile Tool,oidcmprec
does not support One way or Two way Authentication and works only on the No-Authentication mode.
Syntax
oidcmprec operation=compare | reconcile | merge | merge_dryrun |userdefinedcr source=host:port destination=host:port base="'dn1' 'dn2' 'dn3' ..." [ ssslport=true | false ] [ dsslport=true | false ] [ dns2exclude="'edn1' 'edn2' 'edn3' ..."] [ scope=base | subtree | onelevel ] [ filter=filter_that_conforms_to_RFC_2254] [ threads=number_of_worker_threads ] [ dnthreads=number_of_dn_threads ] [ exclattr=space_separated_list_of_attributes_to_be_excluded | inclattr=space_separated_list_of_attributes_to_be_included ] [ compareby=tool | ldapserver ] [ filename=file_name_without_extension_to_store_compare_report] [ genchglog=d[efault] | t[rue] | f[alse] ] [ reconaver=t[rue] | f[alse]] [ verbose=t[rue] | f[alse] ] [ force=t[rue] | f[alse] ] [ contonerr = t[rue] | f[alse] [ logrpt = t[rue] | f[alse] [ logs2d = t[rue] | f[alse] [ logd2s = t[rue] | f[alse] [ logeos = t[rue] | f[alse] [ logeod = t[rue] | f[alse] [ logdif = t[rue] | f[alse] [ logerr = t[rue] | f[alse] [ qlogfreq=frequency ] [ help=t[rue] | f[alse] ] sbinddn='("dn")' dbinddn='("dn")' [schemafile=<Schema_filename for compare/merge/userdefinedcr against destination schema>] [ entos=ignore | add | del | log2add | log2del | log ] [ entod=ignore | add | del | log2add | log2del | log ] [ atros=ignore | add | del | log2add | log2del | usenewer | log2usenewer | useolder | log2useolder | usesmallguid | log2usesmallguid | usebigguid | log2usebigguid | log ] [ atrod=ignore | add | del | log2add | log2del | usenewer | log2usenewer | useolder | log2useolder | usesmallguid | log2usesmallguid | usebigguid | log2usebigguid | log ] [ svatrdif=ignore | usesrc | log2usesrc | usedest | log2usedest | usenewer | log2usenewer | useolder | log2useolder | usesmallguid | log2usesmallguid | usebigguid | log2usebigguid | log ] [ mvatrdif=ignore | usesrc | log2usesrc | usedest | log2usedest | merge | log2merge | usenewer | log2usenewer | useolder | log2useolder | usesmallguid | log2usesmallguid | usebigguid | log2usebigguid | log ] [ dndif=ignore | usesrc | log2usesrc | usedest | log2usedest | log ] [ odefos=ignore | add | log2add | del | log2del | log ] [ odefod=ignore | add | log2add | del | log2del | log ] [ odefdif=ignore | usesrc | log2usesrc | usedest | log2usedest | merge | log2merge | log ] [ adefos=ignore | add | log2add | del | log2del | log ] [ adefod=ignore | add | log2add | del | log2del | log ] [ adefdif=ignore | usesrc | log2usesrc | usedest | log2usedest | log ]
oidcmprec paramfile=file_containing_parameters]
oidcmprec [ xmlparamfile=file_containing_parameters_in_XML_format]
Arguments
operation=compare | reconcile | merge | merge_dryrun | userdefinedcr
Required. The operation
to perform. The operation
argument can take the following values:
-
compare
: Compares the two directories, reports conflicts, and logs the changes that must be applied to the destination directory to resolve conflicts. -
reconcile
: Compares the two directories, resolves conflicts, and logs the changes applied to the destination directory to resolve conflicts. -
merge
: Compares the two directories and synchronizes them, updates both the source and destination directories. The source directory wins in case of a conflict. -
merge_dryrun
: Performs a dry run of the merge operation. Logs all changes that must be made to synchronize the source and destination directories. -
userdefinedcr
: Performs a user-definedcompare
andreconcile
operation. Allows the user to choose the conflict resolution rules.
By default, the oidcmprec
tool excludes operational attributes during comparison.That is, oidcmprec
does not compare the operational attributes values in source and destination directory entries. During reconciliation of user defined attributes however, operational attributes might be changed.
source=host:port
Required. The connection string used to bind to the source Oracle Internet Directory node. You are prompted for the replication DN password. If you do not supply the hostname or port information on the command-line, the tool prompts you for the information. The connection string is composed of the following elements:
-
The host name of the directory server that acts as the source directory
-
The LDAP listening port of the directory server
destination=host:port
Required. The connection string used to bind to the source Oracle Internet Directory node. You are prompted for the replication DN password. If you do not supply the hostname or port information on the command-line, the tool prompts you for the information. The connection string is composed of the following elements:
-
The host name of the directory server that acts as the destination directory
-
The LDAP listening port of the directory server
base=" 'dn1' 'dn2' 'dn3'..."
Required. Specifies the Distinguished Names (DNs) from where the comparison operation begins. The scope
argument determines if child entries and subtrees of the base DNs would be compared as well.
ssslport=true | false
Optional. Specifies whether the source directory port is SSL or not. The default value is false
. To specify this in an XML parameter file, use the isSSLPort
parameter. See the example in Using a Parameter File in XML Format.
dsslport=true | false
Optional. Specifies whether the destination port is SSL or not. The default value is false
. To specify this in an XML parameter file, use the isSSLPort
parameter. See the example in Using a Parameter File in XML Format.
dns2exclude=" 'edn1' 'edn2' 'edn3'..."
Optional. Specifies DNs that are to be excluded from the comparison operation. These DNs must be child entries or subtrees of the DNs specified in the base
argument.
scope=base | subtree | onelevel
Optional. Specifies whether the child entries and subtrees of a base DN are also compared. The scope
argument can take the following values:
-
base
: Only the DNs specified in thebase
argument are compared. This is the default value. -
subtree
: Directory information trees (DITs) identified by the DNs specified in thebase
argument are compared. -
onelevel
: Only the immediate children of the DNs specified in thebase
argument are compared.
filter=filter_that_conforms_to_RFC_2254
Optional. Only the entries that match the filter conditions are compared. The filter must be in the same format you would specify for ldapsearch
. That is, it must conform to RFC 2254.
threads=number_of_worker_threads
Optional. Specifies the number of worker threads that should be created. Worker threads are responsible for comparing entries, and reconciling the differences. One worker thread is created, by default.
If the scope
is base
, then the threads
argument is ignored and it spawns one worker thread and one DN thread.
dnthreads=number_of_dn_threads
Optional. Specifies the number of DN threads that should be created. DN threads are responsible for collecting all DNs that must be compared.
One DN thread is created, by default. The total number of DN threads and worker threads cannot exceed "6 * Number of CPUs - 2". If the total number of DN threads and worker threads exceeds the maximum value, the tool reduces both values proportionately to "6 * Number of CPUs - 2".
exclattr=space_separated_list_of_attributes_to_be_excluded | inclattr=space_separated_list_of_attributes_to_be_included
Optional. Specifies the list of attributes to be excluded or included for comparison. You can either specify a list of attributes to be excluded, using exclattrclattr
, or specify a list of attributes to be included, using inclattr
.
All attributes are included by default, except the following operational attributes:
-
creatorsname
-
createtimestamp
-
modifiersname
-
modifytimestamp
-
orclentrydn
-
orclnormdn
Note:
-
The
exclattr
andinclattr
attributes cannot be used together, except when you use "*" forinclattr
. -
By default, the
oidcmprec
tool excludes operational attributes during comparison.That is,oidcmprec
does not compare the operational attributes values in source and destination directory entries. During reconciliation of user defined attributes however, operational attributes might be changed.
The option allows limited pattern matching. You can use attributename
*
to match all attributes starting with attributename
. You can also use attributename
;*
to match all subtypes of attributename
.
compareby=tool | ldapserver
Optional. Specifies whether the compare
operation is performed by the tool
or ldapserver
. A compare
operation performed by the tool
is several times faster than a compare
operation performed by ldapserver
. The default value is tool
.
filename=file_name
Optional. Specifies a base name for the report files that would be generated by the tool. Do not specify an extension with the file name. The tool generates the following files:
-
file_name
.rpt
: This file contains the DNs of all entries compared and the compare results. This file is known as therpt
file. -
file_name
.s2d.ldif
: This file contains all changes that were applied (or to be applied) to the destination directory.s2d
stands for source directory to destination directory. This file is known as thes2d
file. -
file_name
.d2s.ldif
: This file contains all changes that were applied (or to be applied) to the source directory.d2s
stands for destination directory to source directory. This file is known as thed2s
file. -
file_name
.eos.rpt
: This file lists DNs of entries that exist only in the source directory.eos
stands for entries available only in the source directory. This file is known as theeos
file. -
file_name
.eod.rpt
: This file lists DNs of entries that exist only in the destination directory.eod
stands for entries available only in the destination directory. This file is known as theeod
file. -
file_name
.dif.rpt
: This file lists the DNs that are different in the source and destination directories along with the names of the DN attributes that differ. This file is known as thedif
file. -
file_name
.err
: This file contains all the error messages. It is known as theerr
file.
genchglog=d[efault] | t[rue] | f[alse]
Optional. Determines whether a change log is created for the changes made by the oidcmprec
tool. The genchglog
argument can have the following values:
-
default
: The OID server settings decide whether a change log is generated or not. Change logs are generated if the root entry'sorcldiprepository
attribute is set totrue
. A value offalse
means that change logs are not generated. The same rule applies for both the source and destination directories.default
is the default value forgechglog
. -
true
: Change logs are always generated irrespective of the settings on the source and destination directories. -
false
: Change logs are never generated irrespective of the settings on the source and destination directories.
reconaver=t[rue] | f[alse]
Optional. Determines whether attribute version reconciliation support is provided. The default value is false. Source and destination directory versions must be greater than 11.1.1.0.0 or directories must have the appropriate patch.
verbose=t[rue] | f[alse]
Optional. Determines whether the rpt
file is shown on the screen. The default value is false
. When set to true
, verbose
displays the report file on the screen as it is generated. When verbose
is set to false
, the tool shows its progress on the screen by displaying the count of entries it has processed.
force=t[rue] | f[alse]
Optional. Determines whether the tool prompts the user for confirmation before performing the specified operation. The default value is false
. When set to true
, the tool does not prompt the user for confirmation before performing the specified operation.
contonerr=t[rue] | f[alse]
Optional. Determines whether the tool shall continue when it encounters an error. The contonerr
argument can have the following values:
-
true
: The tool continues to process other entries even if there is an error. This is the default value forcontonerr
. -
false
: The tool stops if it encounters an error.
Note:
If the tool encounters a critical error, it stops irrespective of the value passed to contonerr
.
logrpt=t[rue] | f[alse]
Optional. Controls whether the tool generates the file_name
.rpt
file. The logrpt argument can have the following values:
-
true
: The tool generates the file. This is the default. -
false
: The tool does not generate the file.
logs2d=t[rue] | f[alse]
Optional. Controls whether the tool generates the file_name
.s2d.ldif
file. The logs2d argument can have the following values:
-
true
: The tool generates the file. This is the default. -
false
: The tool does not generate the file.
logd2s=t[rue] | f[alse]
Optional. Controls whether the tool generates the file_name
.d2s.ldif
file. The logs2d argument can have the following values:
-
true
: The tool generates the file. This is the default. -
false
: The tool does not generate the file.
logeos=t[rue] | f[alse]
Optional. Controls whether the tool generates the file_name
.eos.rpt
file. The logeos argument can have the following values:
-
true
: The tool generates the file. This is the default. -
false
: The tool does not generate the file.
logeod=t[rue] | f[alse]
Optional. Controls whether the tool generates the file_name
.eod.rpt
file. The logeod argument can have the following values:
-
true
: The tool generates the file. This is the default. -
false
: The tool does not generate the file.
logdif=t[rue] | f[alse]
Optional. Controls whether the tool generates the file_name
.dif.rpt
file. The logdif argument can have the following values:
-
true
: The tool generates the file. This is the default. -
false
: The tool does not generate the file.
logerr=t[rue] | f[alse]
Optional. Controls whether the tool generates the file_name
.err
file. The logdif argument can have the following values:
-
true
: The tool generates the file. This is the default. -
false
: The tool does not generate the file.
qlogfreq=frequency
Optional. The tool can dump the total number of entries loaded by the tool in memory and the number of entries in each of oidcmprec
's various queues. The entry counts are logged in the file oidcmprec.log
. Use the qlogfreq
argument to specify how frequently oidcmprec
logs this information. Possible values are from 1 to 5000. The lower the value, the shorter the interval. For frequent entry counts, use a value between 5 and 10.
help=t[rue] | f[alse]
Optional. When set to true
, the tool displays help on the oidcmprec
command. The default value is false
.
sbinddn='("dn")'
Optional. Specifies the DN to bind with the source directory. This argument is used if Oracle Virtual Directory is the source.
dbinddn='("dn")'
Optional. Specifies the DN to bind with the destination directory. This argument is used if Oracle Virtual Directory is the destination.
entos=ignore | add | del | log2add | log2del | log
Optional. Specifies the conflict resolution rule to use in case an entry exists only in the source directory. The following values are allowed:
-
ignore
: Ignore the conflict and take no action -
add
: Add the entry to the peer directory -
del
: Delete the entry from the directory -
log2add
: Same asadd
except that the change is logged to an LDIF file and not directly effected in the peer directory -
log2del
: Same asdel
except that the change is logged to an LDIF file and not directly effected in the directory -
log
: Log the conflict in the report file and take no other action
The default value depends on the operation specified. Table 4-1 shows the default values of the entos
argument, corresponding to the operations specified.
Table 4-1 Default Values for the entos Argument
Operation | Default Value |
---|---|
|
|
|
|
|
|
|
|
|
|
entod=ignore | add | del | log2add | log2del | log
Optional. Specifies the conflict resolution rule to use in case an entry exists only in the destination directory. The values allowed are the same as the entos
argument.
The default value depends on the operation specified. Table 4-2 shows the default values of the entod
argument, corresponding to the operations specified.
Table 4-2 Default Values for the entod Argument
Operation | Default Value |
---|---|
|
|
|
|
|
|
|
|
|
|
atros=ignore | add | del | log2add | log2del | usenewer | log2usenewer | useolder | log2useolder | usesmallguid | log2usesmallguid | usebigguid | log2usebigguid | log
Optional. Specifies the conflict resolution rule to use in case an attribute exists only in the source directory. The following values are allowed:
-
ignore
: Ignore the conflict and take no action -
add
: Add the attribute to the corresponding entry in the peer directory -
del
: Delete the attribute from the directory -
log2add
: Same asadd
, except that the change is logged into an LDIF file and not directly effected in the peer directory. -
log2del
: Same asdel
except that the change is logged into an LDIF file and not directly effected in the directory. -
usenewer
: Check themodifytimestamp
value to determine if the attribute should be deleted from the directory or added to the peer directory. The directory with the newermodifytimestamp
value wins. If themodifytimestamp
values are the same, then the source directory wins. -
log2usenewer
: Same asusenewer
except that the change is logged into an LDIF file and not directly effected in the directory. -
useolder
: Check themodifytimestamp
value to determine if the attribute should be deleted from the directory or added to the peer directory. The directory with the oldermodifytimestamp
value wins. If themodifytimestamp
values are the same, then the source directory wins. -
log2useolder
: Same asuseolder
except that the change is logged to an LDIF file and not directly effected in the directory. -
usesmallguid
: Check theGUID
value to determine if the attribute should be deleted from the directory or added to the peer directory. The directory with the smallerGUID
value wins. TheGUID
values would be the same in the same replication group. This rule is intended for non replication environments. If theGUID
values are the same in both directories, then the source directory wins. -
log2usesmallguid
: Same asusesmallguid
except that the change is logged into an LDIF file and not directly effected in the directory. -
usebigguid
: Check theGUID
value to determine if the attribute should be deleted from the directory or added to the peer directory. The directory with the biggerGUID
value wins. TheGUID
values would be the same in the same replication group. This rule is intended for non replication environments. If theGUID
values are the same in both directories, then the source directory wins. -
log2usebigguid
: Same asusebigguid
except that the change is logged into an LDIF file and not directly effected in the directory. -
log
: Log the conflict in the report file and take no other action.
The default value depends on the operation specified. Table 4-3 shows the default values of the atros
argument, corresponding to the operations specified.
Table 4-3 Default Values for the atros Argument
Operation | Default Value |
---|---|
|
|
|
|
|
|
|
|
|
|
atrod=ignore | add | del | log2add | log2del | usenewer | log2usenewer | useolder | log2useolder | usesmallguid | log2usesmallguid | usebigguid | log2usebigguid | log
Optional. Specifies the conflict resolution rule to use in case an attribute exists only in the destination directory. The values allowed are the same as the atros
argument.
The default value depends on the operation specified. Table 4-4 shows the default values of the atrod
argument, corresponding to the operations specified.
Table 4-4 Default Values for the atrod Argument
Operation | Default Value |
---|---|
|
|
|
|
|
|
|
|
|
|
svatrdif=ignore | usesrc | log2usesrc | usedest | log2usedest | usenewer | log2usenewer | useolder | log2useolder | usesmallguid | log2usesmallguid | usebigguid | log2usebigguid | log
Optional. Specifies the conflict resolution rule to use when a single-valued attribute for an entry is different in the two directories. The following values are allowed for the svatrdif
argument:
-
ignore
: Ignore the conflict and take no action -
usesrc
: Replace the value of the attribute in the destination directory with the value of the attribute in the source directory -
log2usesrc
: Same asusesrc
, except that the change is logged into an LDIF file and not directly effected in the destination directory -
usedest
: Replace the value of the attribute in the source directory with the value of the attribute in the destination directory -
log2usedest
: Same asusedest
except that the change is logged into an LDIF file and not directly effected in the source directory -
usenewer
: If themodifystamp
value of the attribute in the source directory is newer than the destination directory, then update the attribute value in the destination directory. If themodifystamp
value of the attribute in the destination directory is newer, then change the attribute value in the source directory. If themodifystamp
values in both directories are the same, then the source directory wins. -
log2usenewer
: Same asusenewer
except that the change is logged into an LDIF file and not directly effected in the directory. -
useolder
: If themodifystamp
value of the attribute in the source directory is older than the destination directory, then update the attribute value in the destination directory. If themodifystamp
value of the attribute in the destination directory is older, then change the attribute value in the source directory. If themodifystamp
values in both directories are the same, then the source directory wins. -
log2useolder
: Same asuseolder
except that the change is logged into an LDIF file and not directly effected in the directory. -
usesmallguid
: If the source directory entry'sGUID
is smaller than the destination directory entry'sGUID
, then update the attribute in the destination directory. If the destination directory entry'sGUID
is smaller, then update the attribute in the source directory. If theGUID
values are the same, then the source directory wins. This rule is meant for nonreplication environments, as theGUID
values would be the same in the same replication group. -
log2usesmallguid
: Same asusesmallguid
except that the change is logged into an LDIF file and not directly effected in the directory. -
usebigguid
: If the source directory entry'sGUID
is bigger than the destination directory entry'sGUID
, then update the attribute in the destination directory. If the destination directory entry'sGUID
is bigger, then update the attribute in the source directory. If the GUID values are the same, then the source directory wins. This rule is meant for nonreplication environments, as theGUID
values would be the same in the same replication group. -
log2usebigguid
: Same asusebigguid
except that the change is logged into an LDIF file and not directly effected in the directory. -
log
: Log the conflict in the report file and take no other action
The default value depends on the operation specified. Table 4-5 shows the default values of the svatrdif
argument, corresponding to the operations specified.
Table 4-5 Default Values for the svatrdif Argument
Operation | Default Value |
---|---|
|
|
|
|
|
|
|
|
|
|
mvatrdif=ignore | usesrc | log2usesrc | usedest | log2usedest | merge | log2merge | usenewer | log2usenewer | useolder | log2useolder | usesmallguid | log2usesmallguid | usebigguid | log2usebigguid | log
Optional. Specifies the conflict resolution rule to use when a multivalued attribute for an entry is different in the two directories. The values allowed are the same as the svatrdif
argument. This argument also has other values that do not exist for the svatrdif
argument. The following are values specific to the mvatrdif
argument:
-
merge
: The missing attribute values in the destination directory are added from the source directory and those missing in the source directory are added from the destination directory. -
log2merge
: Same asmerge
except that the changes are logged into an LDIF file and not directly effected in the directory.
The default value depends on the operation specified. Table 4-6 shows the default values of the mvatrdif
argument, corresponding to the operations specified.
Table 4-6 Default Values for the mvatrdif Argument
Operation | Default Value |
---|---|
|
|
|
|
|
|
|
|
|
|
dndif=ignore | usesrc | log2usesrc | usedest | log2usedest | log
Optional. Specifies the conflict resolution rule to use when an entry has different DNs in the source and destination directories. The following values are allowed for the dndif
argument:
-
ignore
: Ignore the conflict and take no action -
usesrc
: Change the DN of the entry in the destination directory to that of the source directory -
log2usesrc
: Same asusesrc
except that the change is logged into an LDIF file, and not directly effected in the destination directory -
usedest
: Change the DN of the entry in the source directory to that of the destination directory -
log2usedest
: Same as usedest except that the change is logged into an LDIF file, and not directly effected in the source directory
The default value depends on the operation specified. Table 4-7 shows the default values of the mvatrdif
argument, corresponding to the operations specified.
Table 4-7 Default Values for the mvatrdif Argument
Operation | Default Value |
---|---|
|
|
|
|
|
|
|
|
|
|
odefos=ignore | add | log2add | del | log2del | log
Optional. Specifies the conflict resolution rule to use when an object class definition exists only in the source directory. The following values are allowed for the odefos
argument:
-
ignore
: Ignore the conflict and do not take any action -
add
: Add the object class definition to the peer directory -
log2add
: Same asadd
except that the changes are logged into an LDIF file and not directly effected in the directory. -
del
: Delete the object class definition from the directory -
log2del
: Same asdel
except that the changes are logged into an LDIF file and not directly effected in the directory -
log
: Log the conflict in the report file and take no other action
The default value depends on the operation specified. Table 4-8 shows the default values of the odefos
argument, corresponding to the operations specified.
Table 4-8 Default Values for the odefos Argument
Operation | Default Value |
---|---|
|
|
|
|
|
|
|
|
|
|
odefod=ignore | add | log2add | del | log2del | log
Optional. Specifies the conflict resolution rule to use when an object class definition exists only in the destination directory. The values allowed for the odefod
argument are the same as the odefos
argument.
The default value depends on the operation specified. Table 4-9 shows the default values of the odefod
argument, corresponding to the operations specified.
Table 4-9 Default Values for the odefod Argument
Operation | Default Value |
---|---|
|
|
|
|
|
|
|
|
|
|
odefdif=ignore | usesrc | log2usesrc | usedest | log2usedest | merge | log2merge | log
Optional. Specifies the conflict resolution rule to use when an object class definition is different in the source and destination directories. The following values are allowed for the odefdif
argument:
-
ignore
: Ignore the conflict and take no action -
usesrc
: Replace the object class definition in the destination directory with the object class definition in the source directory -
log2usesrc
: Same asusesrc
except that the changes are logged in an LDIF file and not directly effected in the destination directory -
usedest
: Replace the object class definition in the source directory with the object class definition in the destination directory -
log2usedest
: Same asusedest
except that the changes are logged in an LDIF file and not directly effected in the source directory -
merge
: Merge the object class definitions. This involves adding optional and mandatory attributes available in one directory to the other directory -
log2merge
: Same as merge except that the changes are logged into an LDIF file and not directly effected in the directory -
log
: Log the conflicts in the report file and take no other action
The default value depends on the operation specified. Table 4-10 shows the default values of the odefdif
argument, corresponding to the operation specified.
Table 4-10 Default Values for the odefdif Argument
Operation | Default Value |
---|---|
|
|
|
|
|
|
|
|
|
|
adefos=ignore | add | log2add | del | log2del | log
Optional. Specifies the conflict resolution rule to use when an attribute definition exists only in the source directory. The following values are allowed for the adefos
argument:
-
ignore
: Ignore the conflict and do not take any action -
add
: Add the attribute definition to the peer directory -
log2add
: Same as add except that the changes are logged into an LDIF file and not directly effected in the directory. -
del
: Delete the attribute definition from the directory -
log2del
: Same as del except that the changes are logged into an LDIF file and not directly effected in the directory -
log
: Log the conflict in the report file and take no other action
The default value depends on the operation specified. Table 4-11 shows the default values of the adefos
argument, corresponding to the operation specified.
Table 4-11 Default Values for the adefos Argument
Operation | Default Value |
---|---|
|
|
|
|
|
|
|
|
|
|
adefod=ignore | add | log2add | del | log2del | log
Optional. Specifies the conflict resolution rule to use when an attribute definition exists only in the destination directory. The values allowed for the adefod
argument are the same as the adefos
argument.
The default value depends on the operation specified. Table 4-12 shows the default values of the adefod
argument, corresponding to the operation specified.
Table 4-12 Default Values for the adefod Argument
Operation | Default Value |
---|---|
|
|
|
|
|
|
|
|
|
|
adefdif=ignore | usesrc | log2usesrc | usedest | log2usedest | log
Optional. Specifies the conflict resolution rule to use when an attribute definition is different in the source and destination directories. The following values are allowed for the adefdif
argument:
-
ignore
: Ignore the conflict and take no action -
usesrc
: Replace the attribute definition in the destination directory with the attribute definition in the source directory -
log2usesrc
: Same asusesrc
except that the changes are logged in an LDIF file and not directly effected in the destination directory -
usedest
: Replace the attribute definition in the source directory with the attribute definition in the destination directory -
log2usedest
: Same asusedest
except that the changes are logged in an LDIF file and not directly effected in the source directory -
log
: Log the conflicts in the report file and take no other action
The default value depends on the operation specified. Table 4-13 shows the default values of the adefdif
argument, corresponding to the operation specified.
Table 4-13 Default Values for the adefdif Argument
Operation | Default Value |
---|---|
|
|
|
|
|
|
|
|
|
|
paramfile=filename_that_contains_the_above_parameters
Optional. Specifies a parameter file to supply argument values. A parameter file can be used to supply arguments that are normally entered at the command line. The file should contain argument=
value
pairs either separated by whitespace characters or entered on separate lines. If an argument is contained in the parameter file and also supplied through the command line, then the command line value overrides the parameter file value for that argument.
xmlParamFile=file_containing_parameters_in_XML_format
Optional. Specifies an XML parameter file to supply argument values. If an argument is contained in the parameter file and also supplied through the command line, then the command line value overrides the parameter file value for that argument.
4.4 Replication Environment Management Tool
You can use the remtool
and its arguments to perform various operations.
"remtool" includes the syntax and arguments of the Replication Environment Management Tool.
The Replication Environment Management Tool includes the following operations:
4.4.1 remtool
Learn about the remtool
syntax and the various command-specific syntax, arguments, and usage.
Syntax
The remtool syntax is as follows:
remtool operation [connection_argument] [-v]
operation := { -paddnode | -pdelnode | -pcleanup | -pchgpwd | -pdisplay | -pchgmaster [ -multimaster]| -pchgwalpwd | -pdispqstat | -pverify | -presetpwd | -psuspendrepl -fromnode host1:port1 [-tonode host2:port2] | -presumerepl -fromnode host1:port1 [-tonode host2:port2]| -pthput [-interval time_in_seconds] [-file filename] }
connection_argument := { -bind supplier_hostname:ldap_port }
Arguments
operation
Required. The name of the operation to perform using remtool
. See the appropriate operation documentation for command-specific syntax, arguments, and usage. The following operations are available:
-
-paddnode
- Adds a partial replica to an LDAP-based DRG. See "-paddnode" for more information about this operation. -
-pdelnode
- Deletes a partial replica from an LDAP-based DRG. See "-pdelnode" for more information about this operation. -
-pcleanup
- Cleans up the partial replication setup of an LDAP-based DRG. See "-pcleanup" for more information about this operation. -
-pchgpwd
- Changes the password of a replication DN for a replica in an LDAP-based DRG. See "-pchgpwd" for more information about this operation. -
-pdisplay
- Displays all replica details in a partial replication group. See "-pdisplay" for more information about this operation. -
pchgmaster
- Breaks agreement with an old LDAP-based supplier (master copy of the naming context) and reestablishes agreement with a new supplier. See "-pchgmaster" for more information about this operation. -
-pchgwalpwd
- Changes the wallet password of a replication DN for a replica in an LDAP-based DRG. See "-pchgwalpwd" for more information about this operation. -
-pdispqstat
- Displays the queue statistics for a directory replication group (DRG) that uses LDAP-based replication. See "-pdispqstat" for more information about this operation. -
-pverify
- Verifies the replication configuration for a DRG node that uses LDAP-based replication. See "-pverify" for more information about this operation. -
-presetpwd
- Resets the password of a replication DN for a replica in an LDAP-based DRG. See "-presetpwd" for more information about this operation. -
-pilotreplica
- Begins or ends pilot mode for a replica. See "-pilotreplica" for more information about this operation. -
-backupmetadata
- Adds the metadata of a pilot replica to a master replica or backs up the metadata of a pilot replica into a file. This operation must be executed at the pilot replica. See "-backupmetadata" for more information about this operation. -
-psuspendrepl -fromnode
host1
:
port1
[-tonode
host2
:
port2
] - Only used during rolling upgrade. For more information, see the appendix in Performing a Rolling Upgrade in Administering Oracle Internet Directory. -
-presumerepl -fromnode
host1
:
port1
[-tonode
host2
:
port2
] - Only used during rolling upgrade. For more information, see the appendix in Performing a Rolling Upgrade in Administering Oracle Internet Directory. -
-pthput
[-interval
time_in_seconds
] [-file
filename
] - Enables you to monitor replication progress in a directory replication group. See "-pthput" for more information.
connection_argument
The connection information to be supplied to remtool
. The following connection details are available:
-
-bind
- Used with LDAP-based replication operations to specify the hostname and port of the supplier. See "-bind Connection" for more information.
-v
Optional. Runs the command in verbose mode. Shows detailed output for the command on the screen and also logs all operations in the remtool.log
file created in $DOMAIN_HOME
/tools/OID/logs
.
Related Command-Line Tools
4.4.2 connection_argument
Understand about the -bind
connection arguments in the Replication Environment Management Tool.
The Replication Environment Management Tool includes the -bind
connection arguments:
-bind Connection
This argument is used with LDAP-based operations to supply the host and port of the supplier. The syntax is:
bind supplier_hostname:ldap_port
You are prompted for the replication DN password. If you omit either the hostname or port or both, remtool
uses the local host name or default port (3060) or both as arguments. If you omit the -bind argument, you are prompted for the missing information.
4.4.3 -backupmetadata
The backupmetadata
operation adds the metadata of a pilot replica to the master replica, or backs up the metadata of a pilot replica into a file.
Note:
The -backupmetadata
option does not work if anonymous bind is disabled at the pilot replica or master replica.
Syntax
remtool -backupmetadata -replica pilot_hostname:port {-master master_hostname:port | -bkup file_name} [-nwurl file:wallet_location] [-wurl file:wallet_location] [-nsslauth auth_mode] [-sslauth auth_mode]
Arguments
-replica pilot_hostname:port
Required. The connection string for the pilot replica. You are prompted for the password for the replication DN of the pilot replica.The string is comprised of the following elements:
-
The host name where the pilot replica's LDAP server is running.
-
The pilot replica's LDAP listening port, for example 3060.
-master master_hostname:port
Either -master
or -bkup
argument is required. (You can provide both arguments.) The connection string for the master replica. You are prompted for the password for the replication DN of the master replica. The string is comprised of the following elements:
-
The host name where the master replica's LDAP server is running.
-
The master replica's LDAP listening port, for example 3060.
-bkup file_name
Either -master
or -bkup
argument is required. (You can provide both arguments.) The full path and file name of the LDIF output file. The metadata entries are written to this file in LDIF format.
-nwurl file:wallet_location
Optional. Specifies the wallet location for SSL connection to the pilot replica (one-way or two-way).
-wurl file:wallet_location
Optional. Specifies the wallet location for SSL connection to the master replica (one-way or two-way).
-nsslauth auth_mode
Optional. Specifies the SSL authentication mode for the pilot replica. You can use SSL in one of three authentication modes:
-
1 – SSL No Authentication mode
-
2 – SSL Server Authentication Only mode
-
3 – SSL Client and Server Authentication mode
-sslauth auth_mode
Optional. Specifies the SSL authentication mode for the master replica. You can use SSL in one of three authentication modes:
-
1 – SSL No Authentication mode
-
2 – SSL Server Authentication Only mode
-
3 – SSL Client and Server Authentication mode
4.4.4 -paddnode
The paddnode
operation adds a replica or partial replica to a directory replication group (DRG).
This operation has the following usage rules:
-
The supplier node (the master copy) can be part of a DRG that uses LDAP-based replication.
-
The new replica to be added should not be a member of any DRG.
-
A consumer node (the destination of replication updates) can be any node that uses LDAP-based replication.
-
After adding a replica, you can choose the naming context(s) to participate in replication, or choose the entire directory by selecting
*
(asterisk). Choosing specific naming contexts replicates only that portion of the directory. Choosing the entire directory replicates all directory data except for directory-specific entries (DSE). -
The
cn=oraclecontext
naming context is included for replication whether or not any naming contexts are specified by the user.
Syntax
remtool -paddnode [-bind supplier_hostname:ldap_port] [-v]
Arguments
You are prompted for the password for the replication DN on the consumer node. You are prompted for the following arguments if you do not specify them:
-
Consumer Host Name of Host Running OID Server - The host name of the Oracle Internet Directory server where you want to create the replica. This node can be added to the DRG as a read-only or updateable replica.
-
Consumer Port - The LDAP listening port of the consumer node.
In addition, the tool prompts you for the following information:
-
Replica ID of Supplier - If the DRG contains multiple nodes that can be used as the supplier, you are prompted to enter the replica ID of the one you want to use.
-
Naming Context - For a partial replica, you can enter the name(s) of the naming context you want to replicate. To select the entire directory, enter
*
(asterisk). To select none, entere
(end).
-bind supplier_hostname:ldap_port
See "-bind Connection" for information.
4.4.5 -pdisplay
The pdisplay operation displays all replica details in a partial replication group.
Syntax
N/A
4.4.6 -pchgmaster
The pchgmaster
operation is used to break the agreement with the old supplier and reestablish the agreement with a new supplier. This operation is part of configuring replication failover.
See Also:
"Configuring Replication Failover" in Oracle Internet Directory Administrator's Guide for details on performing the replication failover process
The pchgmaster
operation has the following usage rules:
-
If you do not supply consumer directory details using the
-bind
option, then you are prompted to specify consumer details. -
If the consumer details are valid, then
remtool
identifies all nodes in the DRG, if any, and displays their details. -
You are next prompted for the retiring and new supplier details.
-
After the change master operation completes successfully, you might need to use
remtool -pcleanup -agrmt
on the old supplier to remove the old agreement. This would be the case if the old supplier was offline during the change master operation. See "-pcleanup" for details about thepcleanup
operation.
Syntax
remtool -pchgmaster [-bind replica_hostname:ldap_port] [ multimaster ] [-v]
Arguments
The tool prompts you for the host names and port numbers of the retiring supplier and the new supplier.
-bind replica_hostname:port_number
See "-bind Connection" for information.
-multimaster
This suboption causes changeMaster
to change the primary replica in a multimaster agreement.
4.4.7 -pchgpwd
The pchgpwd
operation changes the replication DN password for an Oracle Internet Directory server. The password is changed in both the directory and in wallet.
If the replica is taking part in replication, the password is changed in other replicas for the local replica's replication DN. Note that, unlike Advanced Replication, the replication DN password for each replica can be different.
The operation must be run on the host of the Oracle Internet Directory server whose password you are changing in order to update the wallet password at the same time. You can also update the wallet password separately using the "-pchgwalpwd" operation.
Syntax
remtool -pchgpwd [-bind oid_hostname:ldap_port] [-v]
Arguments
In addition to the arguments specified on the command-line, the tool also prompts you for the new replication DN password for the host specified in the bind connection string.
-bind supplier_hostname:ldap_port
See "-bind Connection" for information.
4.4.8 -pchgwalpwd
The pchgwalpwd
operation is used to change the replication
DN password only in the wallet of an Oracle Internet Directory
server. It sets the wallet password to the same replication DN password stored in
the Oracle Internet Directory repository for the host specified in
the bind connection string.
Syntax
remtool -pchgwalpwd [-bind oid_hostname:ldap_port] [-v]
4.4.9 -pcleanup
The pcleanup
operation is used to clean up an LDAP-based directory replication group (DRG) setup. It cleans up a replica which has incomplete or flawed LDAP-based DRG setup. It only cleans up the replica identified by the bind connection string.
If replication configuration information is corrupted, or the replication DN entry is not available, then the tool prompts for the Oracle Internet Directory superuser DN and password.
This operation only cleans up LDAP-based DRG setup.
Syntax
remtool -pcleanup [-bind oid_hostname:ldap_port] [-agrmt] [-v]
Arguments
-bind supplier_hostname:ldap_port
See "-bind Connection" for information.
-agrmt
Optional. Use this option to clean up dead LDAP agreements at a node. Dead agreements might exist if:
-
A node in the DRG was offline when you ran
remtool -pcleanup
. -
The node being deleted was offline when you ran
remtool -delnode
. -
The supplier node was offline when you ran remtool
-pchgmaster
.
Alternatively, in the first two cases, you could run remtool -pcleanup
(without -agrmt
) to delete all the agreements.
4.4.10 -pdelnode
The pdelnode
operation deletes an LDAP-based replica or partial replica from a directory replication group (DRG).
Syntax
remtool -pdelnode [-bind hostname:ldap_port] [-v]
Arguments
In addition to the arguments specified on the command-line, the tool prompts you for the following information:
-
The replica ID of the replica to be deleted - The replica ID of the LDAP-based replica you want to delete.
-bind hostname:ldap_port
See "-bind Connection" for information.
4.4.11 -pdispqstat
The pdispqstat
operation displays the queue statistics for a directory replication group (DRG) that uses LDAP-based replication.
Syntax
remtool -pdispqstat [-bind hostname:ldap_port] [-v]
4.4.12 -pilotreplica
The pilotreplica
operation begins or ends pilot mode for a replica.
Syntax
remtool -pilotreplica {begin|end} -bind hostname:ldap_port [-bkup file_name]
Arguments
begin | end
Required. Begin or end pilot mode.
-bind hostname:ldap_port
See "-bind Connection" for information.
-bkup file_name
Name of backup file in which entries modified after pilot mode is started are to be stored in LDIF format.
4.4.13 -presetpwd
The presetpwd
operation resets the replication DN password
for the given Oracle Internet Directory server in both the directory
repository and wallet. It does not reset the passwords for any other directories of
the directory replication group (DRG) of which this directory is a
member.
You need the Oracle Internet Directory superuser DN and password to reset the replication DN password.
Syntax
remtool -presetpwd -bind hostname:ldap_port [-v]
Arguments
You are prompted for the new replication DN password. In addition to the password and arguments supplied on the command-line, the tool prompts you for the following information:
-
The superuser DN, for example
cn=orcladmin
. -
The superuser password.
-bind hostname:ldap_port
See "-bind Connection" for information.
4.4.14 -pthput
The -pthput
option enables you to monitor replication progress in a directory replication group. The tool binds to the specified node and collects information about all the nodes in the directory replication group. It displays this information at intervals of specified duration.
Syntax
remtool -pthput [-bind hostname:ldap_port_number] [-interval time_in_seconds] [-file filename]
Arguments
-bind hostname:ldap_port_number
See "-bind Connection" for information.
-interval time_in_seconds
The interval for displaying information. This is an optional parameter. Provide its value in seconds. Its default value is 60 seconds.
-file filename
The file to write information to. This is an optional argument. If you specify a file
argument, the output shown on the command line is logged to that file. Otherwise, the output is logged to a file name based on the timestamp.
4.4.15 -pverify
The pverify
operation verifies the replication configuration for a directory replication group (DRG) that uses LDAP-based replication. This operation cannot be used for a DRG that uses ASR based replication. If a DRG uses both ASR and LDAP-based replication, then this option verifies the replication configuration between nodes that use LDAP-based replication only.
The pverify
operation has the following usage rules:
-
This option only verifies agreements that involve the node specified in the command argument.
-
The
remtool_VERIFY_LOG.rpt
report contains the verification results.
Syntax
remtool -pverify [-bind hostname:ldap_port_number] [-hiqmax hiqmax] [-tbtmax tbtmax] [-v]
Arguments
-bind hostname:ldap_port_number
See "-bind Connection" for information.
-hiqmax hiqmax
The maximum number of change logs in the Human Intervention Queue (HIQ) after which warnings are generated.
-tbtmax tbtmax
The maximum number of logs to be transported (tbt) after which warnings are generated.
4.4.16 -psuspendrepl and -presumerepl
The -psuspendrepl
and -presumerepl
operations provide rolling upgrade support for multimaster replication DRGs by suspending and resuming replication, respectively.
Syntax
remtool -psuspendrepl -fromnode host1:port1 [-tonode host2:port2]
remtool -presumerepl -fromnode host1:port1 [-tonode host2:port2]
Note:
You must apply all required patches before starting the rolling upgrade procedure.
Arguments
-fromnode host1:port1
Specifies the host and port of the node from which replication is to be suspended.
-tonode host2:port2
Specifies the host and port of the node to which replication is to be suspended
If you do not specify the -tonode
parameter with -psuspendrepl
or -presumerepl
, remtool
displays the replicaids of all the replicas and prompts you for the replica to which to replication is to be suspended or resumed. To suspend or resume replication to all the replicas, enter all
.