15.24. Comparing Two Directory Server Instances

In certain situations, an administrator wants to compare if two Directory Servers are synchronized. The ds-replcheck utility enables you to compare two online servers. Alternatively, ds-replcheck can compare two LDIF-formatted files in offline mode and two servers in online mode.

Note

To compare two databases offline, export them using the db2ldif -r command to include replication state information.
If you compare two online servers, the contents of the databases usually differ, if they are under heavy load. To work around this problem, the script uses a lag time value in by passing the -l time_in_seconds parameter to ds-replcheck. By default, this value is set to 300 seconds (5 minutes). If the utility detects an inconsistency that is within the lag time, it is not reported. This helps to reduce false positives.
By default, if you excluded certain attributes in the replication agreement from being replicated, ds-replcheck reports these attributes as different. To ignore these attributes, pass the -i attribute_list parameter to the utility.
For example, to compare the dc=example,dc=com suffix of two Directory Servers:
# ds-replcheck -D "cn=Directory Manager" -W \
     -m ldap://server1.example.com:389 \
     -r ldap://server2.example.com:389 \
     -b "dc=example,dc=com"
The output of the utility contains the following sections:
Database RUV's
Lists the Replication Update Vectors (RUV) of the databases including the minimum and maximum Change Sequence Numbers (CSN). For example:
Supplier RUV:
  {replica 1 ldap://server1.example.com:389} 58e53b92000200010000 58e6ab46000000010000
  {replica 2 ldap://server2.example.com:389} 58e53baa000000020000 58e69d7e000000020000
  {replicageneration} 58e53b7a000000010000

Replica RUV:
  {replica 1 ldap://server1.example.com:389} 58e53ba1000000010000 58e6ab46000000010000
  {replica 2 ldap://server2.example.com:389} 58e53baa000000020000 58e7e8a3000000020000
  {replicageneration} 58e53b7a000000010000
Entry Count
Displays the total number of entries on the both servers, including tombstone entries. For example:
Supplier:  12
Replica: 10
Tombstones
Displays the number of tombstone entries on each replica. These entries are added to the total entry count. For example:
Supplier:  4
Replica: 2
Conflict Entries
Lists the Distinguished Names (DN) of each conflict entry, the conflict type, and the date it was created. For example:
Supplier Conflict Entries: 1

 - nsuniqueid=48177227-2ab611e7-afcb801a-ecef6d49+uid=user1,dc=example,dc=com
    - Conflict:   namingConflict (add) uid=user1,dc=example,dc=com
    - Glue entry: no
    - Created:    Wed Apr 26 20:27:40 2017


Replica Conflict Entries: 1

 - nsuniqueid=48177227-2ab611e7-afcb801a-ecef6d49+uid=user1,dc=example,dc=com
    - Conflict:   namingConflict (add) uid=user1,dc=example,dc=com
    - Glue entry: no
    - Created:    Wed Apr 26 20:27:40 2017
Missing Entries
Lists the DNs of each missing entry and the creation date from the other server where the entry resides. For example:
  Entries missing on Supplier:
   - uid=user2,dc=example,dc=com (Created on Replica at: Wed Apr 12 14:43:24 2017)
   - uid=user3,dc=example,dc=com (Created on Replica at: Wed Apr 12 14:43:24 2017)

  Entries missing on Replica:
   - uid=user4,dc=example,dc=com (Created on Supplier at: Wed Apr 12 14:43:24 2017)
Entry Inconsistencies
Lists the DNs of the entry that contain attributes that are different to those on the other server. If a state information is available, it is also displayed. If no state information for an attribute is available, it is listed as an origin value. This means that the value was not updated since the replication was initialized for the first time. For example:
cn=group1,dc=example,dc=com
---------------------------
Replica missing attribute "objectclass":

 - Supplier's State Info: objectClass;vucsn-58e53baa000000020000: top
 - Date: Wed Apr  5 14:47:06 2017

 - Supplier's State Info: objectClass;vucsn-58e53baa000000020000: groupofuniquenames
 - Date: Wed Apr  5 14:47:06 2017