Show Table of Contents
12.9. Sending Synchronization Updates
Synchronization occurs as frequently as is set in the
winSyncInterval setting (for retrieving changes from the Active Directory domain) or nsds5replicaupdateschedule setting (for pushing changes from the Directory Server). By default, changes are retrieved from Active Directory every five minutes, and changes from the Directory Server are sent immediately.
A sync update can be triggered manually. It is also possible to do a full resynchronization, which sends and pulls every entry in the Directory Server and Active Directory as if it were new. A full resynchronization includes existing Directory Server entries which may not have previously been synchronized.
12.9.1. Performing a Manual Sync Update
During normal operations, all the updates made to entries in the Directory Server that need to be sent to Active Directory are collected the changelog and then replayed during an incremental update.
- Go to the Configuration tab in the Console.
- Open the Replication folder and expand the appropriate database.
- Select the sync agreement.
- Right-click on the agreement or open the Object menu.
- Select Send and Receive Updates from the drop down menu.
12.9.2. Sending a Total Update (Full Synchronization)
If there have been major changes to data, or synchronization attributes are added to pre-existing Directory Server entries, it is necessary to initiate a resynchronization. Resynchronization is a total update; the entire contents of synchronized subtrees are examined and, if necessary, updated. Resynchronization is done without using the changelog. This is similar to initializing or reinitializing a consumer in replication.
- Go to the Configuration tab in the Console.
- Open the Replication folder and expand the appropriate database.
- Select the sync agreement.
- Right-click on the agreement or open the Object menu.
- Select Initialize Full Re-synchronization from the drop down menu.
Resynchronizing will not delete data on the sync peer; it sends and receives all updates and add any new or modified Directory Server entries; for example, it adds a pre-existing Directory Server user that had thentUserobject class added.
12.9.3. Sending Sync Updates in the Command Line
To send sync updates through the command line, add the
nsDS5BeginReplicaRefresh attribute to the sync agreement. For example:
ldapmodify -D "cn=directory manager" -W -p 389 -h server.example.com -x dn: cn=ExampleSyncAgreement,cn=sync replica,cn=dc=example\,dc=com,cn=mapping tree,cn=config changetype: modify add: nsDS5BeginReplicaRefresh nsDS5BeginReplicaRefresh: start
This attribute is removed from the entry as soon as the update is complete.
Note
This initiates a full synchronization for the entire database, not an incremental update of recent changes.
12.9.4. Checking Synchronization Status
Check synchronization status in the Replication tab in the Status of the Console. Highlight the synchronization agreement to monitor, and the relevant information should appear in the right-hand pane. The Status area shows whether the last incremental and total updates were successful and when they occurred.
- Go to the Configuration tab in the Console.
- Open the Replication folder and expand the appropriate database.
- Select the sync agreement.
- In the Summary tab, the status of the latest sync process is shown at the bottom.
Where did the comment section go?
Red Hat's documentation publication system recently went through an upgrade to enable speedier, more mobile-friendly content. We decided to re-evaluate our commenting platform to ensure that it meets your expectations and serves as an optimal feedback mechanism. During this redesign, we invite your input on providing feedback on Red Hat documentation via the discussion platform.