friedkiwi/ibm-information-center
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
master
ibm-information-center/dist/eclipse/plugins/i5OS.ic.rzahy_5.4.0.1/rzahymasterrep.htm

70 lines
4.4 KiB
HTML
Raw Permalink Blame History

<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en-US" xml:lang="en-us">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta name="dc.language" scheme="rfc1766" content="en-us" />
<!-- All rights reserved. Licensed Materials Property of IBM -->
<!-- US Government Users Restricted Rights -->
<!-- Use, duplication or disclosure restricted by -->
<!-- GSA ADP Schedule Contract with IBM Corp. -->
<meta name="dc.date" scheme="iso8601" content="2005-09-06" />
<meta name="copyright" content="(C) Copyright IBM Corporation 1998, 2006" />
<meta name="security" content="public" />
<meta name="Robots" content="index,follow"/>
<meta http-equiv="PICS-Label" content='(PICS-1.1 "http://www.icra.org/ratingsv02.html" l gen true r (cz 1 lz 1 nz 1 oz 1 vz 1) "http://www.rsac.org/ratingsv01.html" l gen true r (n 0 s 0 v 0 l 0) "http://www.classify.org/safesurf/" l gen true r (SS~~000 1))' />
<title>Directory Server (LDAP) - Create a master-replica topology</title>
<link rel="stylesheet" type="text/css" href="ibmidwb.css" />
<link rel="stylesheet" type="text/css" href="ic.css" />
</head>
<body>
<a id="Top_Of_Page" name="Top_Of_Page"></a><!-- Java sync-link -->
<script language = "Javascript" src = "../rzahg/synch.js" type="text/javascript"></script>
<a name="rzahymasterrep"></a>
<h3 id="rzahymasterrep">Create a master-replica topology</h3>
<p>To define a basic master-replica topology, you must: </p>
<ol type="1">
<li>Create a master server and define what it contains. Select the subtree
that you want to be replicated and specify the server as the master. See <a href="rzahycreatems.htm#rzahycreatems">Create a master server (replicated subtree)</a>.</li>
<li>Create credentials to be used by the supplier. See <a href="rzahycreatecreds.htm#rzahycreatecreds">Create credentials</a>.</li>
<li>Create a replica server. See <a href="rzahycreaterep.htm#rzahycreaterep">Create a replica server</a>.</li>
<li>Export the topology from the master to the replica. See <a href="rzahyexportdata.htm#rzahyexportdata">Copy data to the replica</a>.</li>
<li>Change the replica's configuration to identify who is authorized to replicate
changes to it, and add a referral to a master. See <a href="rzahyaddsupply.htm#rzahyaddsupply">Add the supplier information to the replica</a>.</li></ol>
<a name="wq213"></a>
<div class="notetitle" id="wq213">Note:</div>
<div class="notebody">
<p>If the entry at the root of the subtree that you want to
be replicated is not a suffix in the server, before you can use the <span class="bold">Add subtree</span> function, you must ensure that its ACLs defined as follows:</p>
<dl>
<dt class="bold">For non-filtered ACLs:</dt>
<dd>
<pre class="xmp">ownersource: &lt;<span class="italic">same as the entry DN</span>>
ownerpropagate: TRUE
aclsource: &lt;<span class="italic">same as the entry DN</span>>
aclpropagate: TRUE</pre>
</dd>
<dt class="bold">For filtered ACLs:</dt>
<dd>
<pre class="xmp">ibm-filteraclinherit: FALSE</pre>
</dd>
</dl><p class="indatacontent">To satisfy the ACL requirements, if the entry is not a suffix in the
server, edit the ACL for that entry in the <span class="bold">Manage
entries</span> panel. Select the entry and click <span class="bold">Edit ACL</span>. If you want to add Non-filtered ACLs, select that tab and
select the checkbox to specify if the ACLs are explicit or not for both ACLs
and owners. Ensure that <span class="bold">Propagate ACLs</span> and <span class="bold">Propagate owner</span> are checked. If you want to add
Filtered ACLs select that tab and add an entry <span class="bold">cn=this</span> with the role <span class="bold">access-id</span> for both
ACLs and owners. Ensure that <span class="bold">Accumulate filtered
ACLs</span> is unchecked and that <span class="bold">Propagate owner</span> is checked. See <a href="rzahywac-pi.htm#rzahywac-pi">Manage access control lists (ACLs)</a> for more detailed information.</p>
<p>Initially, the <span class="bold">ibm-replicagroup</span> object
created by this process inherits the ACL of the root entry for the replicated
subtree. These ACLs might be inappropriate for controlling access to the
replication information in the directory.</p></div>
<a id="Bot_Of_Page" name="Bot_Of_Page"></a>
</body>
</html>
Reference in New Issue View Git Blame Copy Permalink