15.23. Monitoring the Replication Topology

Use the dsconf replication monitor command to display the replication status, as well as additional information, such as replica IDs and Change State Numbers (CSN) on suppliers, consumers, and hubs:
# dsconf -D "cn=Directory Manager" ldap://supplier.example.com replication monitor
Enter password for cn=Directory Manager on ldap://supplier.example.com: password

Enter a bind DN for consumer.example.com:389: cn=Directory Manager
Enter a password for cn=Directory Manager on consumer.example.com:389: password
Supplier: server.example.com:389
Replica Root: dc=example,dc=com
Replica ID: 1
Replica Status: Available
Max CSN: 5e3acb77001d00010000

Status For Agreement: "example-agreement" (consumer.example.com:389)
Replica Enabled: on
Update In Progress: FALSE
Last Update Start: 20200205140439Z
Last Update End: 20200205140440Z
Number Of Changes Sent: 1:166/0
Number Of Changes Skipped: None
Last Update Status: Error (0) Replica acquired successfully: Incremental update succeeded
Last Init Start: 20200205133709Z
Last Init End: 20200205133711Z
Last Init Status: Error (0) Total update succeeded
Reap Active: 0
Replication Status: In Synchronization
Replication Lag Time: 00:00:00

Supplier: consumer.example.com:389
Replica Root: dc=example,dc=com
Replica ID: 65535
Replica Status: Available
Max CSN: 00000000000000000000

15.23.1. Setting Credentials for Replication Monitoring in the .dsrc File

By default, the dsconf replication monitor command prompts for bind DNs and passwords when authenticating to remote instances. Alternatively, you can set the bind DNs, and optionally passwords, for each server in the topology in the user's ~/.dsrc file.

Example 15.1. An Example .dsrc File with Explanations of the Different Fields

The following is an example ~/.dsrc file:
connection1 = server1.example.com:389:cn=Directory Manager:*
connection2 = server2.example.com:389:cn=Directory Manager:[~/pwd.txt]
connection3 = hub1.example.com:389:cn=Directory Manager:S3cret
This example uses connection1 to connection3 as keys for each entry. However, you can use any key as long as it is unique.
If you run the dsconf replication monitor command, the dsconf utility connects to all servers configured in replication agreements of the instance. If the utility finds the host name in ~/.dsrc, it uses the defined credentials to authenticate to the remote server. In the example above, dsconf uses the following credentials when connecting to a server:
Host name Bind DN Password
server1.example.com cn=Directory Manager Prompts for the password
server2.example.com cn=Directory Manager Reads password from ~/pwd.txt
hub1.example.com cn=Directory Manager S3cret

15.23.2. Using Aliases in the Replication Topology Monitoring Output

By default, the dsconf replication monitor command displays the host names of servers in the monitoring report. Alternatively, you can display aliases using one of the following methods:
  • Define the aliases in the ~/.dsrc file:
    M1 = server1.example.com:389
    M2 = server2.example.com:389
  • Define the aliases by passing the -a alias=host_name:port parameter to the dsconf replication monitor command:
    # dsconf -D "cn=Directory Manager" ldap://server.example.com replication monitor -a M1=server1.example.com:389 M2=server2.example.com:389
In both cases, the command displays the alias in the command's output:
Supplier: M1 (server1.example.com:389)
Supplier: M2 (server2.example.com:389)