Oracle Internet Directory Replication Management Tools

4 Oracle Internet Directory Replication Management Tools

You can administer Oracle Internet Directory replication using the various management command-line tools.

Note:

Refer Understanding Oracle Internet Directory Replication in Administering Oracle Internet Directory.

4.1 Managing Human Intervention Queue Management Tools

When a replication conflict arises, the Oracle Internet Directory replication server places the change in the retry queue and tries to apply it from there for a specified number of times.

When a replication conflict arises, the Oracle Internet Directory replication server places the change in the retry queue and tries to apply it from there for a specified number of times. If it fails after the specified number of retries, the replication server puts the change in the human intervention queue. From there, the replication server repeats the change application process at less frequent intervals while awaiting your action.

At this point, you must:

Examine the change in the human intervention queue.
Reconcile the conflicting changes using the Compare and Reconcile Tool (see Working with Oracle Internet Directory Compare and Reconcile Tool.
Either place the change back into the retry queue, by using ManageHiq.retry, or into the purge queue, by using ManageHiq.purge.

This section describes the following topics:

Note:

The Oracle Internet Directory server parameter orclSizeLimit, which is 1000 by default, limits the number of entries that the human intervention queue manipulation tools can process. If you have more than 1000 entries in the human intervention queue, you must increase orclSizeLimit, or some entries will never be processed. Setting the parameter orclSizeLimit very high impacts server performance, because orclSizeLimit also controls the maximum number of entries to be returned by a search. The DN containing orclSizeLimit is

cn=componentname,cn=osdldapd,cn=subconfigsubentry

4.1.1 Invoking the Human Intervention Queue Management Tools

You invoke ManageHiq.retry and ManageHiq.purge as PL/SQL commands at the SQL prompt.

You invoke ManageHiq.retry and ManageHiq.purge as PL/SQL commands at the SQL prompt, as follows:

$ sqlplus /nologSQL> connect ods;
SQL> Enter password
SQL> Set serveroutput ON
SQL> exec ManageHiq.retry(SupplierNode, EqualChgNo, StartChgNo, EndChgNo)
SQL> exit

$ sqlplus /nologSQL> connect ods;
SQL> Enter password
SQL> Set serveroutput ON
SQL> exec (ManageHiq.purgeSupplierNode, EqualChgNo, StartChgNo, EndChgNo)
SQL> exit

You must set server output ON to display the success or error message. The arguments are:

EqualChgNo–The change number to be moved to the retry queue.

StartChgNo–The starting number. All the change numbers after this should be moved to the retry queue.

EndChgNo–The ending change. All change numbers less than or equal to this change number that should be moved to the retry queue.

4.1.2 Moving the Changelogs to the Retry Queue

Move the changelog on node1, for change numbers between 300 and 1000 and supplier node2, to the retry queue

To move the changelog on node1, for change numbers between 300 and 1000 and supplier node2, to the retry queue.

exec Managehiq.retry('node2_orcl', 0, 300, 1000)

Move all the changelogs on node1 for supplier node2_orcl to the retry queue.

exec Managehiq.retry('node2_orcl', 0, 0, 0)

exec Managehiq.retry('node2_orcl')

4.1.3 Purging the Changelog on a Node

Purge the changelog on node1 where the change number is 2152 and the supplier is node2 (supplierNode = node2_orcl).

To purge the changelog on node1 where the change number is 2152 and the supplier is node2 (supplierNode = node2_orcl):

exec Managehiq.purge('node2_orcl', 2152)

Purge the changelog on node1 where the change number is greater than 200 and the supplier is node2_orcl.

exec Managehiq.purge('node2_orcl', 0, 200)

exec Managehiq.purge('node2_orcl', 0, 200, 0)

Purge the changelog on node1 where the change number is less than 2000 and the supplier is node2_orcl.

exec Managehiq.purge('node2_orcl', 0, 0, 2000)

4.2 Working with Oracle Internet Directory Compare and Reconcile Tool

You can understand about the Oracle Internet Directory Compare and Reconcile Tool and how to perform tasks using the oidcmprec command.

The following topics provide a contextual description and syntax of the Oracle Internet Directory Compare and Reconcile Tool:

4.2.1 Overview of the Compare and Reconcile Tool

The Compare and Reconcile Tool allows you to compare one Oracle Internet Directory with another, detect conflicts or discrepancies, and optionally resolve them.

The directories being compared can be standalone directories or part of the same replication group. You can compare two individual entries, subtrees, or entire directories. You can also compare directory schema. For more information, see in Comparing and Reconciling Inconsistent Data by Using oidcmprec in Administering Oracle Internet Directory.

Note:

The oidcmprec 11g tool supports data migration from 10g to 11g. However, data migration is not supported from 11g to 10g.
The Compare and Reconcile Tool, oidcmprec does not support One way or Two way Authentication and works only on the No-Authentication mode.

The oidcmprec tool can detect and resolve the following conflict scenarios:

Entry only in source directory (entos)
Entry only in destination directory (entod)
Attribute only in source directory (atros)
Attribute only in destination directory (atrod)
Single-valued attribute differs (svatrdif)
Multi-valued attribute differs (mvatrdif)
Entry DN differs (dndif)

The oidcmprec tool can also detect and resolve the following schema conflict scenarios:

Object class definition exists only in source directory (odefos)
Object class definition exists only in destination directory (odefod)
Object class definition different in source and destination directory (odefdif)
Attribute definition exists only in source directory (adefos)
Attribute definition exists only in destination directory (adefod)
Attribute definition different in source and destination directory (adefdif)

For more information on the syntax and arguments of the oidcmprec tool, see Oracle Internet Directory Compare and Reconcile Tool

4.2.2 Operating the Compare and Reconcile Tool

Using the oidcmprec command, you can perform compare and reconcile action on individual entries, subtrees and entire directories. Apart from these, you can perform host of other actions covered in this section using the oidcmprec command.

The following examples discuss various operations that can be performed with the oidcmprec tool:

4.2.2.1 Comparing Individual Entries in Two Directories

This example compares the DN, "cn=Anne Smith,cn=users,dc=uk,dc=acme,dc=com", in the source and destination directories.

The default conflict resolution rules for the compare operation are used. You are prompted for the source directory and destination directory passwords.

oidcmprec base="'cn=Anne Smith,cn=users,dc=uk,dc=acme,dc=com'" \
          operation=compare \
          source=myhost1.acme.com:3060 \
          destination=myhost2.acme.com:3060

Enter replication DN password of the source directory      : 
Enter replication DN password of the destination directory :

4.2.2.2 Reconciling Individual Entries in Two Directories

The following example compares the DN, cn=Anne Smith,cn=users,dc=uk,dc=acme,dc=com, in the source and destination directories.

It resolves the conflicts that are detected. The default conflict resolution rules for the reconcile operation are used.

oidcmprec base="'cn=Anne Smith,cn=users,dc=uk,dc=acme,dc=com'" \
          operation=reconcile \
          source=myhost1.acme.com:3060 \
          destination=myhost2.acme.com:3060

4.2.2.3 Comparing Subtrees in Two Directories

This example compares the naming context, dc=com, in the two directories. The scope attribute has been set to subtree.

This allows the entire directory information tree (DIT) under the base DN, dc=com, to be compared. The threads and dnThreads arguments specify the number of worker threads and DN threads. The cmpres file is used to store the report for the operation.

oidcmprec base="'dc=com'" \
          operation=compare scope=subtree \
          source=myhost1.mycom.com:3060 \
          destination=myhost2.mycom.com:3060 \
          threads=5 dnthreads=2 filename=cmpres

4.2.2.4 Reconciling Subtrees in Two Directories

The following example performs the reconcile operation on two subtrees namely, dc=com and dc=org.

The dns2exclude argument is used to exclude the c=us,dc=mycom,dc=com and c=uk,dc=myorg,dc=org subtrees from the operation.

oidcmprec base="'dc=com'  'dc=org'" \
          dns2exclude="'c=us,dc=mycom,dc=com' 'c=uk,dc=myorg,dc=org'"
          operation=reconcile scope=subtree \
          source=myhost1.mycom.com:3060 \
          destination=myhost2.mycom.com:3060 \

4.2.2.5 Comparing Entire Directories

The following example compares a directory residing on host1 with another directory residing on host2.

The base argument is set to " " and the scope argument is set to subtree.

oidcmprec operation=compare source=host1:3060 \
          destination=host2:3070 \ base="' '" scope=subtree

Note:

When you compare entire directories, the following DNs and their subtrees are excluded:

root DSE entry
cn=auditlog
cn=baseschema
cn=catalogs
cn=events
cn=oracle internet directory
cn=replication configuration
cn=server configuration
cn=subconfigsubentry
cn=subregistrysubentry
cn=subschemasubentry

You can include these entries by specifying them explicitly in the base argument.

4.2.2.6 Reconciling Entire Directories

The following example reconciles a directory residing on myhost1 with another directory residing on myhost2.

Entire directories are compared except the DN, c=us,dc=mycom,dc=com.

oidcmprec base="' '" \
          dns2exclude="'c=us,dc=mycom,dc=com'"
          operation=reconcile scope=subtree \
          source=myhost1.mycom.com:3060 \
          destination=myhost2.mycom.com:3060 \
          threads=5 dnthreads=2 file=cmpres

4.2.2.7 Performing User-Defined Compare and Reconcile Operations

This example makes use of user-defined values for the -entos, -entod, -atros, -svatrdif, -mvatrdif, and -dndif arguments.

This example makes use of user-defined values for the -entos, -entod, -atros, -svatrdif, -mvatrdif, and -dndif arguments. Conflict resolution arguments not specified on the command line, like -atrod, are set to ignore.

oidcmprec operation=userdefinedcr scope=subtree \
          base="'dc=com'  'dc=org'" \
          source=myhost1.mycom.com:3060 \
          destination=myhost2.mycom.com:3060 \
          entos=add entod=ignore atros=add \
          svatrdif=usesrc mvatrdif=usesrc dndif=ignore \
          threads=5 dnthreads=2 file=myreconcile

4.2.2.8 Merging Two Directories

This example synchronizes the dc=com subtree in two directories.

The merge operation updates both the source and destination directories.

oidcmprec operation=merge scope=subtree base="'dc=com'" \
          source=myhost1.mycom.com:3060 \
          destination=myhost2.mycom.com:3060 \
          file=merge

4.2.2.9 Including and Excluding Attributes

The following example performs a compare operation.

This uses the exclattr argument to exclude the orclguid, category, userpassword, and authpassword attributes. The example makes use of wildcard pattern matching to exclude the authpassword attribute subtypes.

oidcmprec operation=compare scope=subtree base="'dc=com'  'dc=org'" \
          source=myhost1.mycom.com:3060 \
          destination=myhost2.mycom.com:3060 \
          exclattr="userpassword authpassword authpassword;* orclguid category"
          threads=5 dnthreads=2 file=compare

The following example makes use of the inclattr argument to include the userpassword, cn, sn givenname, and mail attributes.

oidcmprec operation=compare scope=subtree base="'dc=com'" \
          source=myhost1.mycom.com:3060 \
          destination=myhost2.mycom.com:3060 \
          inclattr="userpassword cn sn givenname mail"
          file=cmpr

The following example includes all attributes for the compare operation except orclguid, creatorsname, and modifiersname attributes.

oidcmprec operation=compare scope=subtree base="'dc=com'" \
          source=myhost1.mycom.com:3060 \
          destination=myhost2.mycom.com:3060 \
          inclattr="*" exclattr="orclguid creatorsname modifiersname"
          file=compare

4.2.2.10 Using a Filter

The following example restricts the comparison to entries that match the filter (cn=*).

oidcmprec source=stadd54:3060 destination=stadd54:3060 \
         base="' '" scope=sub operation=compare file=test \
         filter="'(cn=*)'"

4.2.2.11 Overriding Default Conflict Resolution Rules

This example performs a compare operation on two directories. It overrides the default conflict resolution rules used for the dndif and mvatrdif arguments. The conflict resolution rule for these arguments is set to ignore.

Execute the following command:

oidcmprec source=host1:3060 destination=host2:3070 \
          base="' '" scope=subtree file=temp operation=compare \
          dndif=ignore mvatrdif=ignore

4.2.2.12 Using a Parameter File

This example performs a compare operation on two directories. It uses a parameter file, comp_param to specify command-line arguments.

The dnThreads argument is specified both in the file and at the command line. The command-line value of dnThreads overrides the value specified in the parameter file.

oidcmprec paramfile=comp_param dnthreads=3

The following displays the parameter file that is used:

#############################################
#Parameter file for compare and reconcile tool
#Creator   : John
#Date      : 21-Mar-2006
#File Name : comp_param
#############################################
operation=compare
source=staqj13:3060
destination=staqj13:3070
base="cn=oraclecontext"
base="c=uk,dc=mycom,dc=com"
base="c=us,dc=mycom,dc=com"
verbose=false
force=true
threads=6
dnthreads=2
exclattr="orclguid userpassword authpassword authpassword;*"
filename=cmp2006Feb01

4.2.2.13 Using a Parameter File in XML Format

This example performs a compare operation on two directories.

Execute the following command:

oidcmprec xmlParameterFile=param.xml

The following is an example of an XML parameter file:

  <?xml version="1.0" standalone="yes" ?> 
- <input>
  <operation>compare</operation> 
- <source>
   <host>stadd54</host> 
   <port>3060</port> 
   <binddn>cn=orcladmin</binddn>
   <password>source-password</password> 
   <isSSLPort>false</isSSLPort>
  </source>
- <destination>
   <host>stadd54</host> 
   <port>3060</port> 
   <binddn>cn=orcladmin</binddn>
   <password>destination-password</password>
   <isSSLPort>true</isSSLPort>
  </destination>
  <base>
   <dn>dc=myhost,dc=example,dc=com</dn>
   <dn>cn=OracleSchemaVersion</dn>
  </base>
  <dns2exclude>
   <dn>cn=test instance,cn=oraclecontext</dn>
   <dn>ou=support,o=us</dn>
  </dns2exclude> 
  <scope>subtree</scope>
  <filter /> 
  <threads>1</threads>
  <dnthreads>1</dnthreads>
  <inclattr />
  <exclattr>
   <attribute>orclguid</attribute>
   <attribute>userpassword</attribute>
   <attribute>authpassword</attribute>
  </exclattr>
  <compareby>tool</compareby>
  <filename>test</filename>
  <genchglog>default</genchglog>
  <force>true</force>
  <verbose>false</verbose>
  <contonerr>true</contonerr>
- <!-- 
  <entod>ignore</entod>
  <entos>ignore</entos>
  <atros>ignore</atros>
  <atrod>ignore</atrod>
  <svatrdif>ignore</svatrdif>
  <mvatrdif>ignore</mvatrdif>
  <dndif>ignore</dndif>
  <adefos>ignore</adefos>
  <adefod>ignore</adefod>
  <adefdif>ignore</adefdif>
  <odefos>ignore</odefos>
  <odefod>ignore</odefod>
  <odefdif>ignore</odefdif>
  
  --> 
  </input>

Substitute the password for password in the example. Because the file contains a password, ensure that it is not readable by unauthorized users.

4.2.2.14 Generating Change Logs

The following example uses the genchglog argument to ensure that change logs are generated for the operation.

When genchglog is set to true, change logs are generated at both the source and destination directories.

oidcmprec operation=merge scope=subtree base="'dc=com'" \
          source=myhost1.mycom.com:3060 \
          destination=myhost2.mycom.com:3060 \
          inclattr="*" exclattr="orclguid creatorsname modifiersname"
          file=merge  genchglog=true

4.2.2.15 Performing Directory Schema Operations

The following example includes the schema for the selected operation by adding the cn=subschemasubentry DN to the base argument.

oidcmprec operation=merge scope=subtree \
          base="'dc=com' 'cn=subschemasubentry'" \
          source=myhost1.mycom.com:3060 \
          destination=myhost2.mycom.com:3060 \
          inclattr="*" exclattr="orclguid creatorsname modifiersname" \
          file=merge genchglog=false

4.3 Oracle Internet Directory Compare and Reconcile Tool

"oidcmprec" includes the syntax and arguments of the Oracle Internet Directory Compare and Reconcile Tool.

4.3.1 oidcmprec

Understand about the syntax and arguments of the Oracle Internet Directory Compare and Reconcile Tool. You can use the oidcmprec tool to compare and reconcile attribute values, and merge attribute values between source and destination directories. To use this command, you need to provide the arguments, source, destination and base values as a mandatory parameters. Learn about the various optional parameters which offer different functionalities.

Note:

The Compare and Reconcile Tool, oidcmprec does not support One way or Two way Authentication and works only on the No-Authentication mode.

Syntax

oidcmprec operation=compare | reconcile | merge | merge_dryrun |userdefinedcr
          source=host:port 
          destination=host:port 
          base="'dn1' 'dn2' 'dn3' ..."
          [ ssslport=true | false ]
          [ dsslport=true | false ]
          [ dns2exclude="'edn1' 'edn2' 'edn3' ..."]
          [ scope=base | subtree | onelevel ]
          [ filter=filter_that_conforms_to_RFC_2254]
          [ threads=number_of_worker_threads ]
          [ dnthreads=number_of_dn_threads ]
          [ exclattr=space_separated_list_of_attributes_to_be_excluded |
            inclattr=space_separated_list_of_attributes_to_be_included ]
          [ compareby=tool | ldapserver ]
          [ filename=file_name_without_extension_to_store_compare_report]
          [ genchglog=d[efault] | t[rue] | f[alse] ]
          [ reconaver=t[rue] | f[alse]]
          [ verbose=t[rue] | f[alse] ]
          [ force=t[rue] | f[alse] ]
          [ contonerr = t[rue] | f[alse] 
          [ logrpt = t[rue] | f[alse] 
          [ logs2d = t[rue] | f[alse] 
          [ logd2s = t[rue] | f[alse] 
          [ logeos = t[rue] | f[alse] 
          [ logeod = t[rue] | f[alse] 
          [ logdif = t[rue] | f[alse] 
          [ logerr = t[rue] | f[alse] 
          [ qlogfreq=frequency ]
          [ help=t[rue] | f[alse] ]
          sbinddn='("dn")'
          dbinddn='("dn")'
          [schemafile=<Schema_filename for compare/merge/userdefinedcr against destination schema>]
          [ entos=ignore | add | del | log2add | log2del | log ]
          [ entod=ignore | add | del | log2add | log2del | log ]
          [ atros=ignore | add | del | log2add | log2del | usenewer |     
                   log2usenewer | useolder | log2useolder | usesmallguid | 
                   log2usesmallguid | usebigguid | log2usebigguid | log ]
          [ atrod=ignore | add | del | log2add | log2del | usenewer |     
                   log2usenewer | useolder | log2useolder | usesmallguid | 
                   log2usesmallguid | usebigguid | log2usebigguid | log ]
          [ svatrdif=ignore | usesrc | log2usesrc | usedest | log2usedest |
                     usenewer | log2usenewer | useolder | log2useolder |
                     usesmallguid | log2usesmallguid | usebigguid | log2usebigguid
                     | log ]
          [ mvatrdif=ignore | usesrc | log2usesrc | usedest | log2usedest | merge
                     | log2merge | usenewer | log2usenewer | useolder |
                     log2useolder | usesmallguid | log2usesmallguid | usebigguid |
                     log2usebigguid | log ]
          [ dndif=ignore | usesrc | log2usesrc | usedest | log2usedest | log ]
          [ odefos=ignore | add | log2add | del | log2del | log ]
          [ odefod=ignore | add | log2add | del | log2del | log ]
          [ odefdif=ignore | usesrc | log2usesrc | usedest | log2usedest | merge |
                    log2merge | log ]
          [ adefos=ignore | add | log2add | del | log2del | log ]
          [ adefod=ignore | add | log2add | del | log2del | log ]
          [ adefdif=ignore | usesrc | log2usesrc | usedest | log2usedest | log ]

oidcmprec  paramfile=file_containing_parameters]

oidcmprec [ xmlparamfile=file_containing_parameters_in_XML_format]

Arguments

operation=compare | reconcile | merge | merge_dryrun | userdefinedcr

Required. The operation to perform. The operation argument can take the following values:

compare: Compares the two directories, reports conflicts, and logs the changes that must be applied to the destination directory to resolve conflicts.
reconcile: Compares the two directories, resolves conflicts, and logs the changes applied to the destination directory to resolve conflicts.
merge: Compares the two directories and synchronizes them, updates both the source and destination directories. The source directory wins in case of a conflict.
merge_dryrun: Performs a dry run of the merge operation. Logs all changes that must be made to synchronize the source and destination directories.
userdefinedcr: Performs a user-defined compare and reconcile operation. Allows the user to choose the conflict resolution rules.

By default, the oidcmprec tool excludes operational attributes during comparison.That is, oidcmprec does not compare the operational attributes values in source and destination directory entries. During reconciliation of user defined attributes however, operational attributes might be changed.

source=host:port

Required. The connection string used to bind to the source Oracle Internet Directory node. You are prompted for the replication DN password. If you do not supply the hostname or port information on the command-line, the tool prompts you for the information. The connection string is composed of the following elements:

The host name of the directory server that acts as the source directory
The LDAP listening port of the directory server

destination=host:port

The host name of the directory server that acts as the destination directory
The LDAP listening port of the directory server

base=" 'dn1' 'dn2' 'dn3'..."

Required. Specifies the Distinguished Names (DNs) from where the comparison operation begins. The scope argument determines if child entries and subtrees of the base DNs would be compared as well.

ssslport=true | false

Optional. Specifies whether the source directory port is SSL or not. The default value is false. To specify this in an XML parameter file, use the isSSLPort parameter. See the example in Using a Parameter File in XML Format.

dsslport=true | false

Optional. Specifies whether the destination port is SSL or not. The default value is false. To specify this in an XML parameter file, use the isSSLPort parameter. See the example in Using a Parameter File in XML Format.

dns2exclude=" 'edn1' 'edn2' 'edn3'..."

Optional. Specifies DNs that are to be excluded from the comparison operation. These DNs must be child entries or subtrees of the DNs specified in the base argument.

scope=base | subtree | onelevel

Optional. Specifies whether the child entries and subtrees of a base DN are also compared. The scope argument can take the following values:

base: Only the DNs specified in the base argument are compared. This is the default value.
subtree: Directory information trees (DITs) identified by the DNs specified in the base argument are compared.
onelevel: Only the immediate children of the DNs specified in the base argument are compared.

filter=filter_that_conforms_to_RFC_2254

Optional. Only the entries that match the filter conditions are compared. The filter must be in the same format you would specify for ldapsearch. That is, it must conform to RFC 2254.

threads=number_of_worker_threads

Optional. Specifies the number of worker threads that should be created. Worker threads are responsible for comparing entries, and reconciling the differences. One worker thread is created, by default.

If the scope is base, then the threads argument is ignored and it spawns one worker thread and one DN thread.

dnthreads=number_of_dn_threads

Optional. Specifies the number of DN threads that should be created. DN threads are responsible for collecting all DNs that must be compared.

One DN thread is created, by default. The total number of DN threads and worker threads cannot exceed "6 * Number of CPUs - 2". If the total number of DN threads and worker threads exceeds the maximum value, the tool reduces both values proportionately to "6 * Number of CPUs - 2".

exclattr=space_separated_list_of_attributes_to_be_excluded | inclattr=space_separated_list_of_attributes_to_be_included

Optional. Specifies the list of attributes to be excluded or included for comparison. You can either specify a list of attributes to be excluded, using exclattrclattr, or specify a list of attributes to be included, using inclattr.

All attributes are included by default, except the following operational attributes:

creatorsname
createtimestamp
modifiersname
modifytimestamp
orclentrydn
orclnormdn

Note:

The exclattr and inclattr attributes cannot be used together, except when you use "*" for inclattr.
By default, the oidcmprec tool excludes operational attributes during comparison.That is, oidcmprec does not compare the operational attributes values in source and destination directory entries. During reconciliation of user defined attributes however, operational attributes might be changed.

The option allows limited pattern matching. You can use attributename* to match all attributes starting with attributename. You can also use attributename;* to match all subtypes of attributename.

compareby=tool | ldapserver

Optional. Specifies whether the compare operation is performed by the tool or ldapserver. A compare operation performed by the tool is several times faster than a compare operation performed by ldapserver. The default value is tool.

filename=file_name

Optional. Specifies a base name for the report files that would be generated by the tool. Do not specify an extension with the file name. The tool generates the following files:

file_name.rpt: This file contains the DNs of all entries compared and the compare results. This file is known as the rpt file.
file_name.s2d.ldif: This file contains all changes that were applied (or to be applied) to the destination directory. s2d stands for source directory to destination directory. This file is known as the s2d file.
file_name.d2s.ldif: This file contains all changes that were applied (or to be applied) to the source directory. d2s stands for destination directory to source directory. This file is known as the d2s file.
file_name.eos.rpt: This file lists DNs of entries that exist only in the source directory. eos stands for entries available only in the source directory. This file is known as the eos file.
file_name.eod.rpt: This file lists DNs of entries that exist only in the destination directory. eod stands for entries available only in the destination directory. This file is known as the eod file.
file_name.dif.rpt: This file lists the DNs that are different in the source and destination directories along with the names of the DN attributes that differ. This file is known as the dif file.
file_name.err: This file contains all the error messages. It is known as the err file.

genchglog=d[efault] | t[rue] | f[alse]

Optional. Determines whether a change log is created for the changes made by the oidcmprec tool. The genchglog argument can have the following values:

default: The OID server settings decide whether a change log is generated or not. Change logs are generated if the root entry's orcldiprepository attribute is set to true. A value of false means that change logs are not generated. The same rule applies for both the source and destination directories. default is the default value for gechglog.
true: Change logs are always generated irrespective of the settings on the source and destination directories.
false: Change logs are never generated irrespective of the settings on the source and destination directories.

reconaver=t[rue] | f[alse]

Optional. Determines whether attribute version reconciliation support is provided. The default value is false. Source and destination directory versions must be greater than 11.1.1.0.0 or directories must have the appropriate patch.

verbose=t[rue] | f[alse]

Optional. Determines whether the rpt file is shown on the screen. The default value is false. When set to true, verbose displays the report file on the screen as it is generated. When verbose is set to false, the tool shows its progress on the screen by displaying the count of entries it has processed.

force=t[rue] | f[alse]

Optional. Determines whether the tool prompts the user for confirmation before performing the specified operation. The default value is false. When set to true, the tool does not prompt the user for confirmation before performing the specified operation.

contonerr=t[rue] | f[alse]

Optional. Determines whether the tool shall continue when it encounters an error. The contonerr argument can have the following values:

true: The tool continues to process other entries even if there is an error. This is the default value for contonerr.
false: The tool stops if it encounters an error.

Note:

If the tool encounters a critical error, it stops irrespective of the value passed to contonerr.

logrpt=t[rue] | f[alse]

Optional. Controls whether the tool generates the file_name.rpt file. The logrpt argument can have the following values:

true: The tool generates the file. This is the default.
false: The tool does not generate the file.

logs2d=t[rue] | f[alse]

Optional. Controls whether the tool generates the file_name.s2d.ldif file. The logs2d argument can have the following values:

true: The tool generates the file. This is the default.
false: The tool does not generate the file.

logd2s=t[rue] | f[alse]

Optional. Controls whether the tool generates the file_name.d2s.ldif file. The logs2d argument can have the following values:

true: The tool generates the file. This is the default.
false: The tool does not generate the file.

logeos=t[rue] | f[alse]

Optional. Controls whether the tool generates the file_name.eos.rpt file. The logeos argument can have the following values:

true: The tool generates the file. This is the default.
false: The tool does not generate the file.

logeod=t[rue] | f[alse]

Optional. Controls whether the tool generates the file_name.eod.rpt file. The logeod argument can have the following values:

true: The tool generates the file. This is the default.
false: The tool does not generate the file.

logdif=t[rue] | f[alse]

Optional. Controls whether the tool generates the file_name.dif.rpt file. The logdif argument can have the following values:

true: The tool generates the file. This is the default.
false: The tool does not generate the file.

logerr=t[rue] | f[alse]

Optional. Controls whether the tool generates the file_name.err file. The logdif argument can have the following values:

true: The tool generates the file. This is the default.
false: The tool does not generate the file.

qlogfreq=frequency

Optional. The tool can dump the total number of entries loaded by the tool in memory and the number of entries in each of oidcmprec's various queues. The entry counts are logged in the file oidcmprec.log. Use the qlogfreq argument to specify how frequently oidcmprec logs this information. Possible values are from 1 to 5000. The lower the value, the shorter the interval. For frequent entry counts, use a value between 5 and 10.

help=t[rue] | f[alse]

Optional. When set to true, the tool displays help on the oidcmprec command. The default value is false.

sbinddn='("dn")'

Optional. Specifies the DN to bind with the source directory. This argument is used if Oracle Virtual Directory is the source.

dbinddn='("dn")'

Optional. Specifies the DN to bind with the destination directory. This argument is used if Oracle Virtual Directory is the destination.

entos=ignore | add | del | log2add | log2del | log

Optional. Specifies the conflict resolution rule to use in case an entry exists only in the source directory. The following values are allowed:

ignore: Ignore the conflict and take no action
add: Add the entry to the peer directory
del: Delete the entry from the directory
log2add: Same as add except that the change is logged to an LDIF file and not directly effected in the peer directory
log2del: Same as del except that the change is logged to an LDIF file and not directly effected in the directory
log: Log the conflict in the report file and take no other action

The default value depends on the operation specified. Table 4-1 shows the default values of the entos argument, corresponding to the operations specified.

Table 4-1 Default Values for the entos Argument

Operation	Default Value
`compare`	`log2add`
`reconcile`	`add`
`merge`	`add`
`merge_dryrun`	`log2add`
`userdefinedcr`	`ignore`

entod=ignore | add | del | log2add | log2del | log

Optional. Specifies the conflict resolution rule to use in case an entry exists only in the destination directory. The values allowed are the same as the entos argument.

The default value depends on the operation specified. Table 4-2 shows the default values of the entod argument, corresponding to the operations specified.

Table 4-2 Default Values for the entod Argument

Operation	Default Value
`compare`	`log2delete`
`reconcile`	`delete`
`merge`	`add`
`merge_dryrun`	`log2add`
`userdefinedcr`	`ignore`

Optional. Specifies the conflict resolution rule to use in case an attribute exists only in the source directory. The following values are allowed:

ignore: Ignore the conflict and take no action
add: Add the attribute to the corresponding entry in the peer directory
del: Delete the attribute from the directory
log2add: Same as add, except that the change is logged into an LDIF file and not directly effected in the peer directory.
log2del: Same as del except that the change is logged into an LDIF file and not directly effected in the directory.
usenewer: Check the modifytimestamp value to determine if the attribute should be deleted from the directory or added to the peer directory. The directory with the newer modifytimestamp value wins. If the modifytimestamp values are the same, then the source directory wins.
log2usenewer: Same as usenewer except that the change is logged into an LDIF file and not directly effected in the directory.
useolder: Check the modifytimestamp value to determine if the attribute should be deleted from the directory or added to the peer directory. The directory with the older modifytimestamp value wins. If the modifytimestamp values are the same, then the source directory wins.
log2useolder: Same as useolder except that the change is logged to an LDIF file and not directly effected in the directory.
usesmallguid: Check the GUID value to determine if the attribute should be deleted from the directory or added to the peer directory. The directory with the smaller GUID value wins. The GUID values would be the same in the same replication group. This rule is intended for non replication environments. If the GUID values are the same in both directories, then the source directory wins.
log2usesmallguid: Same as usesmallguid except that the change is logged into an LDIF file and not directly effected in the directory.
usebigguid: Check the GUID value to determine if the attribute should be deleted from the directory or added to the peer directory. The directory with the bigger GUID value wins. The GUID values would be the same in the same replication group. This rule is intended for non replication environments. If the GUID values are the same in both directories, then the source directory wins.
log2usebigguid: Same as usebigguid except that the change is logged into an LDIF file and not directly effected in the directory.
log: Log the conflict in the report file and take no other action.

The default value depends on the operation specified. Table 4-3 shows the default values of the atros argument, corresponding to the operations specified.

Table 4-3 Default Values for the atros Argument

Operation	Default Value
`compare`	`log2add`
`reconcile`	`add`
`merge`	`add`
`merge_dryrun`	`log2add`
`userdefinedcr`	`ignore`

Optional. Specifies the conflict resolution rule to use in case an attribute exists only in the destination directory. The values allowed are the same as the atros argument.

The default value depends on the operation specified. Table 4-4 shows the default values of the atrod argument, corresponding to the operations specified.

Table 4-4 Default Values for the atrod Argument

Operation	Default Value
`compare`	`log2delete`
`reconcile`	`delete`
`merge`	`add`
`merge_dryrun`	`log2add`
`userdefinedcr`	`ignore`

Optional. Specifies the conflict resolution rule to use when a single-valued attribute for an entry is different in the two directories. The following values are allowed for the svatrdif argument:

ignore: Ignore the conflict and take no action
usesrc: Replace the value of the attribute in the destination directory with the value of the attribute in the source directory
log2usesrc: Same as usesrc, except that the change is logged into an LDIF file and not directly effected in the destination directory
usedest: Replace the value of the attribute in the source directory with the value of the attribute in the destination directory
log2usedest: Same as usedest except that the change is logged into an LDIF file and not directly effected in the source directory
usenewer: If the modifystamp value of the attribute in the source directory is newer than the destination directory, then update the attribute value in the destination directory. If the modifystamp value of the attribute in the destination directory is newer, then change the attribute value in the source directory. If the modifystamp values in both directories are the same, then the source directory wins.
log2usenewer: Same as usenewer except that the change is logged into an LDIF file and not directly effected in the directory.
useolder: If the modifystamp value of the attribute in the source directory is older than the destination directory, then update the attribute value in the destination directory. If the modifystamp value of the attribute in the destination directory is older, then change the attribute value in the source directory. If the modifystamp values in both directories are the same, then the source directory wins.
log2useolder: Same as useolder except that the change is logged into an LDIF file and not directly effected in the directory.
usesmallguid: If the source directory entry's GUID is smaller than the destination directory entry's GUID, then update the attribute in the destination directory. If the destination directory entry's GUID is smaller, then update the attribute in the source directory. If the GUID values are the same, then the source directory wins. This rule is meant for nonreplication environments, as the GUID values would be the same in the same replication group.
log2usesmallguid: Same as usesmallguid except that the change is logged into an LDIF file and not directly effected in the directory.
usebigguid: If the source directory entry's GUID is bigger than the destination directory entry's GUID, then update the attribute in the destination directory. If the destination directory entry's GUID is bigger, then update the attribute in the source directory. If the GUID values are the same, then the source directory wins. This rule is meant for nonreplication environments, as the GUID values would be the same in the same replication group.
log2usebigguid: Same as usebigguid except that the change is logged into an LDIF file and not directly effected in the directory.
log: Log the conflict in the report file and take no other action

The default value depends on the operation specified. Table 4-5 shows the default values of the svatrdif argument, corresponding to the operations specified.

Table 4-5 Default Values for the svatrdif Argument

Operation	Default Value
`compare`	`log2usesrc`
`reconcile`	`usesrc`
`merge`	`usesrc`
`merge_dryrun`	`log2usesrc`
`userdefinedcr`	`ignore`

Optional. Specifies the conflict resolution rule to use when a multivalued attribute for an entry is different in the two directories. The values allowed are the same as the svatrdif argument. This argument also has other values that do not exist for the svatrdif argument. The following are values specific to the mvatrdif argument:

merge: The missing attribute values in the destination directory are added from the source directory and those missing in the source directory are added from the destination directory.
log2merge: Same as merge except that the changes are logged into an LDIF file and not directly effected in the directory.

The default value depends on the operation specified. Table 4-6 shows the default values of the mvatrdif argument, corresponding to the operations specified.

Table 4-6 Default Values for the mvatrdif Argument

Operation	Default Value
`compare`	`log2usesrc`
`reconcile`	`usesrc`
`merge`	`merge`
`merge_dryrun`	`log2merge`
`userdefinedcr`	`ignore`

Optional. Specifies the conflict resolution rule to use when an entry has different DNs in the source and destination directories. The following values are allowed for the dndif argument:

ignore: Ignore the conflict and take no action
usesrc: Change the DN of the entry in the destination directory to that of the source directory
log2usesrc: Same as usesrc except that the change is logged into an LDIF file, and not directly effected in the destination directory
usedest: Change the DN of the entry in the source directory to that of the destination directory
log2usedest: Same as usedest except that the change is logged into an LDIF file, and not directly effected in the source directory

The default value depends on the operation specified. Table 4-7 shows the default values of the mvatrdif argument, corresponding to the operations specified.

Table 4-7 Default Values for the mvatrdif Argument

Operation	Default Value
`compare`	`log2usesrc`
`reconcile`	`usesrc`
`merge`	`log2usesrc`
`merge_dryrun`	`usesrc`
`userdefinedcr`	`ignore`

odefos=ignore | add | log2add | del | log2del | log

Optional. Specifies the conflict resolution rule to use when an object class definition exists only in the source directory. The following values are allowed for the odefos argument:

ignore: Ignore the conflict and do not take any action
add: Add the object class definition to the peer directory
log2add: Same as add except that the changes are logged into an LDIF file and not directly effected in the directory.
del: Delete the object class definition from the directory
log2del: Same as del except that the changes are logged into an LDIF file and not directly effected in the directory
log: Log the conflict in the report file and take no other action

The default value depends on the operation specified. Table 4-8 shows the default values of the odefos argument, corresponding to the operations specified.

Table 4-8 Default Values for the odefos Argument

Operation	Default Value
`compare`	`log2add`
`reconcile`	`add`
`merge`	`add`
`merge_dryrun`	`log2add`
`userdefinedcr`	`ignore`

odefod=ignore | add | log2add | del | log2del | log

Optional. Specifies the conflict resolution rule to use when an object class definition exists only in the destination directory. The values allowed for the odefod argument are the same as the odefos argument.

The default value depends on the operation specified. Table 4-9 shows the default values of the odefod argument, corresponding to the operations specified.

Table 4-9 Default Values for the odefod Argument

Operation	Default Value
`compare`	`log2del`
`reconcile`	`del`
`merge`	`add`
`merge_dryrun`	`log2add`
`userdefinedcr`	`ignore`

Optional. Specifies the conflict resolution rule to use when an object class definition is different in the source and destination directories. The following values are allowed for the odefdif argument:

ignore: Ignore the conflict and take no action
usesrc: Replace the object class definition in the destination directory with the object class definition in the source directory
log2usesrc: Same as usesrc except that the changes are logged in an LDIF file and not directly effected in the destination directory
usedest: Replace the object class definition in the source directory with the object class definition in the destination directory
log2usedest: Same as usedest except that the changes are logged in an LDIF file and not directly effected in the source directory
merge: Merge the object class definitions. This involves adding optional and mandatory attributes available in one directory to the other directory
log2merge: Same as merge except that the changes are logged into an LDIF file and not directly effected in the directory
log: Log the conflicts in the report file and take no other action

The default value depends on the operation specified. Table 4-10 shows the default values of the odefdif argument, corresponding to the operation specified.

Table 4-10 Default Values for the odefdif Argument

Operation	Default Value
`compare`	`log2usesrc`
`reconcile`	`usesrc`
`merge`	`merge`
`merge_dryrun`	`log2merge`
`userdefinedcr`	`ignore`

adefos=ignore | add | log2add | del | log2del | log

Optional. Specifies the conflict resolution rule to use when an attribute definition exists only in the source directory. The following values are allowed for the adefos argument:

ignore: Ignore the conflict and do not take any action
add: Add the attribute definition to the peer directory
log2add: Same as add except that the changes are logged into an LDIF file and not directly effected in the directory.
del: Delete the attribute definition from the directory
log2del: Same as del except that the changes are logged into an LDIF file and not directly effected in the directory
log: Log the conflict in the report file and take no other action

The default value depends on the operation specified. Table 4-11 shows the default values of the adefos argument, corresponding to the operation specified.

Table 4-11 Default Values for the adefos Argument

Operation	Default Value
`compare`	`log2add`
`reconcile`	`add`
`merge`	`add`
`merge_dryrun`	`log2add`
`userdefinedcr`	`ignore`

adefod=ignore | add | log2add | del | log2del | log

Optional. Specifies the conflict resolution rule to use when an attribute definition exists only in the destination directory. The values allowed for the adefod argument are the same as the adefos argument.

The default value depends on the operation specified. Table 4-12 shows the default values of the adefod argument, corresponding to the operation specified.

Table 4-12 Default Values for the adefod Argument

Operation	Default Value
`compare`	`log2del`
`reconcile`	`del`
`merge`	`add`
`merge_dryrun`	`log2add`
`userdefinedcr`	`ignore`

Optional. Specifies the conflict resolution rule to use when an attribute definition is different in the source and destination directories. The following values are allowed for the adefdif argument:

ignore: Ignore the conflict and take no action
usesrc: Replace the attribute definition in the destination directory with the attribute definition in the source directory
log2usesrc: Same as usesrc except that the changes are logged in an LDIF file and not directly effected in the destination directory
usedest: Replace the attribute definition in the source directory with the attribute definition in the destination directory
log2usedest: Same as usedest except that the changes are logged in an LDIF file and not directly effected in the source directory
log: Log the conflicts in the report file and take no other action

The default value depends on the operation specified. Table 4-13 shows the default values of the adefdif argument, corresponding to the operation specified.

Table 4-13 Default Values for the adefdif Argument

Operation	Default Value
`compare`	`log2usesrc`
`reconcile`	`usesrc`
`merge`	`usesrc`
`merge_dryrun`	`log2usesrc`
`userdefinedcr`	`ignore`

paramfile=filename_that_contains_the_above_parameters

Optional. Specifies a parameter file to supply argument values. A parameter file can be used to supply arguments that are normally entered at the command line. The file should contain argument=value pairs either separated by whitespace characters or entered on separate lines. If an argument is contained in the parameter file and also supplied through the command line, then the command line value overrides the parameter file value for that argument.

xmlParamFile=file_containing_parameters_in_XML_format

Optional. Specifies an XML parameter file to supply argument values. If an argument is contained in the parameter file and also supplied through the command line, then the command line value overrides the parameter file value for that argument.

4.4 Replication Environment Management Tool

You can use the remtool and its arguments to perform various operations.

"remtool" includes the syntax and arguments of the Replication Environment Management Tool.

The Replication Environment Management Tool includes the following operations:

4.4.1 remtool

Learn about the remtool syntax and the various command-specific syntax, arguments, and usage.

Syntax

The remtool syntax is as follows:

remtool operation [connection_argument] [-v]

operation :=  { -paddnode   | -pdelnode   | -pcleanup   |
                -pchgpwd    | -pdisplay   | -pchgmaster [ -multimaster]|
                -pchgwalpwd | -pdispqstat | -pverify    | -presetpwd | 
                -psuspendrepl -fromnode host1:port1 [-tonode host2:port2] |
                -presumerepl -fromnode host1:port1 [-tonode host2:port2]|
                -pthput [-interval time_in_seconds] [-file filename] }

connection_argument := { -bind supplier_hostname:ldap_port }

Arguments

operation

Required. The name of the operation to perform using remtool. See the appropriate operation documentation for command-specific syntax, arguments, and usage. The following operations are available:

-paddnode - Adds a partial replica to an LDAP-based DRG. See "-paddnode" for more information about this operation.
-pdelnode - Deletes a partial replica from an LDAP-based DRG. See "-pdelnode" for more information about this operation.
-pcleanup - Cleans up the partial replication setup of an LDAP-based DRG. See "-pcleanup" for more information about this operation.
-pchgpwd - Changes the password of a replication DN for a replica in an LDAP-based DRG. See "-pchgpwd" for more information about this operation.
-pdisplay - Displays all replica details in a partial replication group. See "-pdisplay" for more information about this operation.
pchgmaster - Breaks agreement with an old LDAP-based supplier (master copy of the naming context) and reestablishes agreement with a new supplier. See "-pchgmaster" for more information about this operation.
-pchgwalpwd - Changes the wallet password of a replication DN for a replica in an LDAP-based DRG. See "-pchgwalpwd" for more information about this operation.
-pdispqstat - Displays the queue statistics for a directory replication group (DRG) that uses LDAP-based replication. See "-pdispqstat" for more information about this operation.
-pverify - Verifies the replication configuration for a DRG node that uses LDAP-based replication. See "-pverify" for more information about this operation.
-presetpwd - Resets the password of a replication DN for a replica in an LDAP-based DRG. See "-presetpwd" for more information about this operation.
-pilotreplica - Begins or ends pilot mode for a replica. See "-pilotreplica" for more information about this operation.
-backupmetadata - Adds the metadata of a pilot replica to a master replica or backs up the metadata of a pilot replica into a file. This operation must be executed at the pilot replica. See "-backupmetadata" for more information about this operation.
-psuspendrepl -fromnodehost1:port1 [-tonode host2:port2] - Only used during rolling upgrade. For more information, see the appendix in Performing a Rolling Upgrade in Administering Oracle Internet Directory.
-presumerepl -fromnodehost1:port1 [-tonode host2:port2] - Only used during rolling upgrade. For more information, see the appendix in Performing a Rolling Upgrade in Administering Oracle Internet Directory.
-pthput [-interval time_in_seconds] [-file filename] - Enables you to monitor replication progress in a directory replication group. See "-pthput" for more information.

connection_argument

The connection information to be supplied to remtool. The following connection details are available:

-bind - Used with LDAP-based replication operations to specify the hostname and port of the supplier. See "-bind Connection" for more information.

-v

Optional. Runs the command in verbose mode. Shows detailed output for the command on the screen and also logs all operations in the remtool.log file created in $DOMAIN_HOME/tools/OID/logs.

Related Command-Line Tools

See Oracle Internet Directory Control Utility

4.4.2 connection_argument

Understand about the -bind connection arguments in the Replication Environment Management Tool.

The Replication Environment Management Tool includes the -bind connection arguments:

-bind Connection

-bind Connection

This argument is used with LDAP-based operations to supply the host and port of the supplier. The syntax is:

bind supplier_hostname:ldap_port

You are prompted for the replication DN password. If you omit either the hostname or port or both, remtool uses the local host name or default port (3060) or both as arguments. If you omit the -bind argument, you are prompted for the missing information.

4.4.3 -backupmetadata

The backupmetadata operation adds the metadata of a pilot replica to the master replica, or backs up the metadata of a pilot replica into a file.

Note:

The -backupmetadata option does not work if anonymous bind is disabled at the pilot replica or master replica.

Syntax

remtool -backupmetadata -replica pilot_hostname:port {-master master_hostname:port | -bkup file_name} 
[-nwurl file:wallet_location] [-wurl file:wallet_location] [-nsslauth auth_mode] [-sslauth auth_mode]

Arguments

-replica pilot_hostname:port

Required. The connection string for the pilot replica. You are prompted for the password for the replication DN of the pilot replica.The string is comprised of the following elements:

The host name where the pilot replica's LDAP server is running.
The pilot replica's LDAP listening port, for example 3060.

-master master_hostname:port

Either -master or -bkup argument is required. (You can provide both arguments.) The connection string for the master replica. You are prompted for the password for the replication DN of the master replica. The string is comprised of the following elements:

The host name where the master replica's LDAP server is running.
The master replica's LDAP listening port, for example 3060.

-bkup file_name

Either -master or -bkup argument is required. (You can provide both arguments.) The full path and file name of the LDIF output file. The metadata entries are written to this file in LDIF format.

-nwurl file:wallet_location

Optional. Specifies the wallet location for SSL connection to the pilot replica (one-way or two-way).

-wurl file:wallet_location

Optional. Specifies the wallet location for SSL connection to the master replica (one-way or two-way).

-nsslauth auth_mode

Optional. Specifies the SSL authentication mode for the pilot replica. You can use SSL in one of three authentication modes:

1 – SSL No Authentication mode
2 – SSL Server Authentication Only mode
3 – SSL Client and Server Authentication mode

-sslauth auth_mode

Optional. Specifies the SSL authentication mode for the master replica. You can use SSL in one of three authentication modes:

1 – SSL No Authentication mode
2 – SSL Server Authentication Only mode
3 – SSL Client and Server Authentication mode

4.4.4 -paddnode

The paddnode operation adds a replica or partial replica to a directory replication group (DRG).

This operation has the following usage rules:

The supplier node (the master copy) can be part of a DRG that uses LDAP-based replication.
The new replica to be added should not be a member of any DRG.
A consumer node (the destination of replication updates) can be any node that uses LDAP-based replication.
After adding a replica, you can choose the naming context(s) to participate in replication, or choose the entire directory by selecting * (asterisk). Choosing specific naming contexts replicates only that portion of the directory. Choosing the entire directory replicates all directory data except for directory-specific entries (DSE).
The cn=oraclecontext naming context is included for replication whether or not any naming contexts are specified by the user.

Syntax

remtool -paddnode [-bind supplier_hostname:ldap_port] [-v]

Arguments

You are prompted for the password for the replication DN on the consumer node. You are prompted for the following arguments if you do not specify them:

Consumer Host Name of Host Running OID Server - The host name of the Oracle Internet Directory server where you want to create the replica. This node can be added to the DRG as a read-only or updateable replica.
Consumer Port - The LDAP listening port of the consumer node.

In addition, the tool prompts you for the following information:

Replica ID of Supplier - If the DRG contains multiple nodes that can be used as the supplier, you are prompted to enter the replica ID of the one you want to use.
Naming Context - For a partial replica, you can enter the name(s) of the naming context you want to replicate. To select the entire directory, enter * (asterisk). To select none, enter e (end).

-bind supplier_hostname:ldap_port

See "-bind Connection" for information.

4.4.5 -pdisplay

The pdisplay operation displays all replica details in a partial replication group.

Syntax

N/A

Arguments

-bind supplier_hostname:ldap_port

See "-bind Connection" for information.

4.4.6 -pchgmaster

The pchgmaster operation is used to break the agreement with the old supplier and reestablish the agreement with a new supplier. This operation is part of configuring replication failover.

4.4.7 -pchgpwd

The pchgpwd operation changes the replication DN password for an Oracle Internet Directory server. The password is changed in both the directory and in wallet.

If the replica is taking part in replication, the password is changed in other replicas for the local replica's replication DN. Note that, unlike Advanced Replication, the replication DN password for each replica can be different.

The operation must be run on the host of the Oracle Internet Directory server whose password you are changing in order to update the wallet password at the same time. You can also update the wallet password separately using the "-pchgwalpwd" operation.

Syntax

remtool -pchgpwd [-bind oid_hostname:ldap_port] [-v]

Arguments

In addition to the arguments specified on the command-line, the tool also prompts you for the new replication DN password for the host specified in the bind connection string.

-bind supplier_hostname:ldap_port

See "-bind Connection" for information.

4.4.8 -pchgwalpwd

The pchgwalpwd operation is used to change the replication DN password only in the wallet of an Oracle Internet Directory server. It sets the wallet password to the same replication DN password stored in the Oracle Internet Directory repository for the host specified in the bind connection string.

Syntax

remtool -pchgwalpwd [-bind oid_hostname:ldap_port] [-v]

Arguments

-bind supplier_hostname:ldap_port

See "-bind Connection" for information.

4.4.9 -pcleanup

The pcleanup operation is used to clean up an LDAP-based directory replication group (DRG) setup. It cleans up a replica which has incomplete or flawed LDAP-based DRG setup. It only cleans up the replica identified by the bind connection string.

If replication configuration information is corrupted, or the replication DN entry is not available, then the tool prompts for the Oracle Internet Directory superuser DN and password.

This operation only cleans up LDAP-based DRG setup.

Syntax

remtool -pcleanup [-bind oid_hostname:ldap_port] [-agrmt] [-v]

Arguments

-bind supplier_hostname:ldap_port

See "-bind Connection" for information.

-agrmt

Optional. Use this option to clean up dead LDAP agreements at a node. Dead agreements might exist if:

A node in the DRG was offline when you ran remtool -pcleanup.
The node being deleted was offline when you ran remtool -delnode.
The supplier node was offline when you ran remtool -pchgmaster.

Alternatively, in the first two cases, you could run remtool -pcleanup (without -agrmt) to delete all the agreements.

4.4.10 -pdelnode

The pdelnode operation deletes an LDAP-based replica or partial replica from a directory replication group (DRG).

Syntax

remtool -pdelnode [-bind hostname:ldap_port] [-v]

Arguments

In addition to the arguments specified on the command-line, the tool prompts you for the following information:

The replica ID of the replica to be deleted - The replica ID of the LDAP-based replica you want to delete.

-bind hostname:ldap_port

See "-bind Connection" for information.

4.4.11 -pdispqstat

The pdispqstat operation displays the queue statistics for a directory replication group (DRG) that uses LDAP-based replication.

Syntax

remtool -pdispqstat [-bind hostname:ldap_port] [-v]

Arguments

-bind hostname:ldap_port

See "-bind Connection" for information.

4.4.12 -pilotreplica

The pilotreplica operation begins or ends pilot mode for a replica.

Syntax

remtool -pilotreplica {begin|end} -bind hostname:ldap_port [-bkup file_name]

Arguments

begin | end

Required. Begin or end pilot mode.

-bind hostname:ldap_port

See "-bind Connection" for information.

-bkup file_name

Name of backup file in which entries modified after pilot mode is started are to be stored in LDIF format.

4.4.13 -presetpwd

The presetpwd operation resets the replication DN password for the given Oracle Internet Directory server in both the directory repository and wallet. It does not reset the passwords for any other directories of the directory replication group (DRG) of which this directory is a member.

You need the Oracle Internet Directory superuser DN and password to reset the replication DN password.

Syntax

remtool -presetpwd -bind hostname:ldap_port [-v]

Arguments

You are prompted for the new replication DN password. In addition to the password and arguments supplied on the command-line, the tool prompts you for the following information:

The superuser DN, for example cn=orcladmin.
The superuser password.

-bind hostname:ldap_port

See "-bind Connection" for information.

4.4.14 -pthput

The -pthput option enables you to monitor replication progress in a directory replication group. The tool binds to the specified node and collects information about all the nodes in the directory replication group. It displays this information at intervals of specified duration.

Syntax

remtool -pthput [-bind hostname:ldap_port_number] [-interval time_in_seconds] [-file filename]

Arguments

-bind hostname:ldap_port_number

See "-bind Connection" for information.

-interval time_in_seconds

The interval for displaying information. This is an optional parameter. Provide its value in seconds. Its default value is 60 seconds.

-file filename

The file to write information to. This is an optional argument. If you specify a file argument, the output shown on the command line is logged to that file. Otherwise, the output is logged to a file name based on the timestamp.

4.4.15 -pverify

The pverify operation verifies the replication configuration for a directory replication group (DRG) that uses LDAP-based replication. This operation cannot be used for a DRG that uses ASR based replication. If a DRG uses both ASR and LDAP-based replication, then this option verifies the replication configuration between nodes that use LDAP-based replication only.

The pverify operation has the following usage rules:

This option only verifies agreements that involve the node specified in the command argument.
The remtool_VERIFY_LOG.rpt report contains the verification results.

Syntax

remtool -pverify [-bind hostname:ldap_port_number] [-hiqmax hiqmax] [-tbtmax tbtmax] [-v]

Arguments

-bind hostname:ldap_port_number

See "-bind Connection" for information.

-hiqmax hiqmax

The maximum number of change logs in the Human Intervention Queue (HIQ) after which warnings are generated.

-tbtmax tbtmax

The maximum number of logs to be transported (tbt) after which warnings are generated.

4.4.16 -psuspendrepl and -presumerepl

The -psuspendrepl and -presumerepl operations provide rolling upgrade support for multimaster replication DRGs by suspending and resuming replication, respectively.

Syntax

remtool -psuspendrepl -fromnode host1:port1 [-tonode host2:port2]

remtool -presumerepl -fromnode host1:port1 [-tonode host2:port2]

Note:

You must apply all required patches before starting the rolling upgrade procedure.

Arguments

-fromnode host1:port1

Specifies the host and port of the node from which replication is to be suspended.

-tonode host2:port2

Specifies the host and port of the node to which replication is to be suspended

If you do not specify the -tonode parameter with -psuspendrepl or -presumerepl, remtool displays the replicaids of all the replicas and prompts you for the replica to which to replication is to be suspended or resumed. To suspend or resume replication to all the replicas, enter all.