Show Table of Contents
16.11. Sending Synchronization Updates
Synchronization occurs as frequently as is set in the
winSyncInterval setting (for retrieving changes from the Active Directory domain) or nsds5replicaupdateschedule setting (for pushing changes from the Directory Server). By default, changes are retrieved from Active Directory every five minutes, and changes from the Directory Server are sent immediately.
A sync update can be triggered manually. It is also possible to do a full resynchronization, which sends and pulls every entry in the Directory Server and Active Directory as if it were new. A full resynchronization includes existing Directory Server entries which may not have previously been synchronized.
16.11.1. Performing a Manual Incremental Synchronization
During normal operations, all the updates made to entries in the Directory Server that need to be sent to Active Directory are collected the changelog and then replayed during an incremental update.
- Go to the Configuration tab in the Console.
- Open the Replication folder and expand the appropriate database.
- Select the sync agreement.
- Right-click on the agreement or open the Object menu.
- Select Send and Receive Updates from the drop down menu.
16.11.2. Performing a Full Synchronization
If there have been major changes to data, or synchronization attributes are added to pre-existing Directory Server entries, it is necessary to initiate a resynchronization. Resynchronization is a total update; the entire contents of synchronized subtrees are examined and, if necessary, updated. Resynchronization is done without using the changelog. This is similar to initializing or reinitializing a consumer in replication.
16.11.2.1. Performing a Full Synchronization using the Console
To perform a full synchronization:
- Go to the Configuration tab in the Console.
- Open the Replication folder and expand the appropriate database.
- Select the sync agreement.
- Right-click on the agreement or open the Object menu.
- Select Initialize Full Re-synchronization from the drop down menu.
Resynchronizing will not delete data on the sync peer; it sends and receives all updates and add any new or modified Directory Server entries; for example, it adds a pre-existing Directory Server user that had thentUserobject class added.
16.11.2.2. Performing a Full Synchronization using the Command Line
To start a full synchronization using the command line, add the
nsDS5BeginReplicaRefresh attribute with the start value to the synchronization agreement.
For example, to start a full synchronization for the
Example agreement:
# ldapmodify -D "cn=Directory Manager" -W -p 389 -h server.example.com -x dn: cn=replication_agreement_name,cn=replica,cn="dc=example,dc=com",cn=mapping tree,cn=config changetype: modify add: nsDS5BeginReplicaRefresh nsDS5BeginReplicaRefresh: start
After the synchronization, Directory Server automatically removes the
nsDS5BeginReplicaRefresh attribute from the agreement entry.
16.11.3. Checking Synchronization Status
Check synchronization status in the Replication tab in the Status of the Console. Highlight the synchronization agreement to monitor, and the relevant information should appear in the right-hand pane. The Status area shows whether the last incremental and total updates were successful and when they occurred.
- Go to the Configuration tab in the Console.
- Open the Replication folder and expand the appropriate database.
- Select the sync agreement.
- In the Summary tab, the status of the latest sync process is shown at the bottom.
Where did the comment section go?
Red Hat's documentation publication system recently went through an upgrade to enable speedier, more mobile-friendly content. We decided to re-evaluate our commenting platform to ensure that it meets your expectations and serves as an optimal feedback mechanism. During this redesign, we invite your input on providing feedback on Red Hat documentation via the discussion platform.