Nsds5debugreplicatimeout, Nsds5replconflict, Nsds5replicaautoreferral – Red Hat 8.1 User Manual

cn=config

Valid Values

0 | 1

0 means no changes are logged

1 means changes are logged

Default Value

0

Syntax

Integer

Example

nsDS5Flags: 0

2.3.7.2. nsds5DebugReplicaTimeout

This attribute gives an alternate timeout period to use when the replication is run with debug logging.
This can set only the time or both the time and the debug level:

nsds5debugreplicatimeout: seconds[:debuglevel]

Parameter

Description

Entry DN

cn=replica, cn=suffixDN, cn=mapping tree,
cn=config

Valid Values

Any numeric string

Default Value
Syntax

DirectoryString

Example

nsds5debugreplicatimeout: 60:8192

2.3.7.3. nsDS5ReplConflict

Although this attribute is not in the cn=replica entry, it is used in conjunction with replication. This
multi-valued attribute is included on entries that have a change conflict that cannot be resolved
automatically by the synchronization process. To check for replication conflicts requiring administrator
intervention, perform an LDAP search for (nsDS5ReplConflict=*). For example:

ldapsearch -D cn=directory manager -w password -s sub -b dc=example,dc=com
"(|(objectclass=nsTombstone)(nsDS5ReplConflict=*))" dn nsDS5ReplConflict
nsUniqueID

Using the search filter "(objectclass=nsTombstone)" also shows tombstone (deleted) entries.
The value of the nsDS5ReplConflict contains more information about which entries are in conflict,
usually by referring to them by their nsUniqueID. It is possible to search for a tombstone entry by its
nsUniqueID. For example:

ldapsearch -D cn=directory manager -w password -s sub -b dc=example,dc=com
"(|(objectclass=nsTombstone)(nsUniqueID=66a2b699-1dd211b2-807fa9c3-a58714648))"

2.3.7.4 . nsDS5ReplicaAutoReferral

This attribute sets whether the Directory Server follows configured referrals for the database.

Parameter

Description

Entry DN

cn=replica, cn=suffixDN, cn=mapping tree,
cn=config

Valid Values

on | off

Default Value
Syntax

DirectoryString

Example

nsDS5ReplicaAutoReferral: on

2.3.7.5. nsDS5ReplicaBindDN

This multi-valued attribute specifies the DN to use when binding. Although there can be more than one
value in this cn=replica entry, there can only be one supplier bind DN per replication agreement.
Each value should be the DN of a local entry on the consumer server. If replication suppliers are using
client certificate-based authentication to connect to the consumers, configure the certificate mapping on
the consumer to map the subjectDN in the certificate to a local entry.

Parameter

Description

Entry DN

cn=replica, cn=suffixDN, cn=mapping tree,
cn=config

Valid Values

Any valid DN

Default Value
Syntax

DirectoryString

Red Hat Directory Server 8.1 Configuration and Command Reference

63