Reference13r3:Concept LDAP Replication
Technical concept of replication as client
Replicating a source via LDAP is divided into 3 phases, all of which are passed through when synchronization is started.
- 1st phase local
The first phase is the "local" phase. It compares the local data set against the remote data set to find any delta (in other words, objects that need to be deleted locally).
For each local object (which it knows from its local database), the LDAP client sends one LDAP query to the LDAP server, based on the object's guid. If the LDAP server knows this object, it returns the entire object so that the client can update the object locally if necessary. If the object does not exist on the LDAP server, it is removed locally.
During this phase, the status shows the following:
remote: Stopped local: Active
- 2nd phase remote
The second phase is the "remote" phase. It compares the remote data set against the local data set to find any delta (in other words, objects that are missing locally are created).
The LDAP client requests all objects of the LDAP server as a paged search. The client then receives the results page by page, one page (2 objects) per request. If necessary, objects in the local database are updated accordingly.
During this phase the following is shown in the status:
remote: Active local: Completed
- 3rd phase notify
The third phase is the "notify" phase, in which there is no longer an open delta between the two sources, and future changes are synchronised. In this phase, a permanent TCP connection exists between the LDAP client and the LDAP server and is used for the LDAP server to notify the LDAP client when a change has occurred so that the client can create or update the record in the local database.
During this phase, the status will show the following:
remote: Completed local: Completed
It is important to note that:
- if a problem occurs (e.g. due to the interruption of a phase or the loss of the TCP connection to the LDAP server), the synchronisation starts again from the first phase ("local")
- the local attribute usn will not be replicated. Each LDAP node manages its own local usn
- if you use a configured Poll Timer, the notify feature will not be used in this LDAP session
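
The three phases and the notes above can be followed in a small in-memory model. This is an added example, not innovaphone code: the `Replica` class, its method names and the sample objects are hypothetical, and a plain dict stands in for the LDAP server.

```python
PAGE_SIZE = 2  # objects per page, as stated above

def fmt(remote, local):
    return f"remote: {remote} local: {local}"

class Replica:
    """Constructed in-memory model; `server` stands in for the LDAP server."""
    def __init__(self, server, local):
        self.server, self.local = server, local
        self.usn = max((o["usn"] for o in local.values()), default=0)
        self.history = []  # status strings seen, in order

    def _store(self, guid, remote_obj):
        # The server's usn is dropped: every node numbers its own changes.
        attrs = {k: v for k, v in remote_obj.items() if k != "usn"}
        cur = self.local.get(guid)
        if cur is None or {k: v for k, v in cur.items() if k != "usn"} != attrs:
            self.usn += 1
            self.local[guid] = dict(attrs, usn=self.usn)

    def phase_local(self):
        self.history.append(fmt("Stopped", "Active"))
        for guid in list(self.local):        # one lookup per local object
            remote_obj = self.server.get(guid)
            if remote_obj is None:
                del self.local[guid]         # unknown to the server: remove
            else:
                self._store(guid, remote_obj)

    def phase_remote(self):
        self.history.append(fmt("Active", "Completed"))
        guids, pages = sorted(self.server), 0
        for i in range(0, len(guids), PAGE_SIZE):
            for guid in guids[i:i + PAGE_SIZE]:
                self._store(guid, self.server[guid])
            pages += 1
        return pages

    def sync(self):
        """Always begins with phase 1, as a restart after an interruption does."""
        self.phase_local()
        pages = self.phase_remote()
        self.history.append(fmt("Completed", "Completed"))
        return pages

    def on_notify(self, guid, remote_obj):
        # Phase 3: the server reports a change over the open connection.
        self._store(guid, remote_obj)
```

Comparing the `usn` values in `local` with those in `server` after a `sync()` shows that the two nodes keep independent counters.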