Create a master-replica topology

To define a basic master-replica topology, you must:

  1. Create a master server and define what it contains. Select the subtree that you want to be replicated and specify the server as the master. See Create a master server (replicated subtree).
  2. Create credentials to be used by the supplier. See Create credentials.
  3. Create a replica server. See Create a replica server.
  4. Export the topology from the master to the replica. See Copy data to the replica.
  5. Change the replica's configuration to identify who is authorized to replicate changes to it, and add a referral to a master. See Add the supplier information to the replica.
Note:

If the entry at the root of the subtree that you want to be replicated is not a suffix in the server, before you can use the Add subtree function, you must ensure that its ACLs defined as follows:

For non-filtered ACLs:
ownersource: <same as the entry DN>
ownerpropagate: TRUE

aclsource: <same as the entry DN>
aclpropagate: TRUE
For filtered ACLs:
ibm-filteraclinherit: FALSE

To satisfy the ACL requirements, if the entry is not a suffix in the server, edit the ACL for that entry in the Manage entries panel. Select the entry and click Edit ACL. If you want to add Non-filtered ACLs, select that tab and select the checkbox to specify if the ACLs are explicit or not for both ACLs and owners. Ensure that Propagate ACLs and Propagate owner are checked. If you want to add Filtered ACLs select that tab and add an entry cn=this with the role access-id for both ACLs and owners. Ensure that Accumulate filtered ACLs is unchecked and that Propagate owner is checked. See Manage access control lists (ACLs) for more detailed information.

Initially, the ibm-replicagroup object created by this process inherits the ACL of the root entry for the replicated subtree. These ACLs might be inappropriate for controlling access to the replication information in the directory.