We deleted our primary instace by accident and had to re-install.
So now im stuck when i want to set up the replication between the new instace of our primary server and the "old" untouched secondary destination server (which is initialized).
At the overview page of the replication, odscc says that the source suffix is not initialized. The re initialize the data i exported the suffix ldif on the secondary server and imported it in the primnary, so the data in the suffix is up-to date.
Do i have to make a temporary replication agreement, initializing the primary server with data from the seconday instace in order to get the old primary-to-seconday replication agreement to work? Or is there an other posibillity to initialize the suffix on the primary server?
one of the most important steps is to understand exactly what happened...
1. What do you mean by "deleted our primary instance by accident and had to re-install"? Did you simply removed the suffix? or purged all the entries? Or the machine got re-installed from scratch?
2. Which is the exact command you used to EXPORT the data from the second server?
3. Which is the exact command you used to IMPORT the data into the first server?
We really had to re-install the machine from scratch. As our company migrated the infrastructure to s11, we set up a solaris 10 branded zone on a solaris 11 host, to hold the new odsee setup. So we installed dsee, deployed dscc, created a new ldap instance, extended the schema, initialized the suffix (/usr/lib/ldap/idsconfig), set policy's acl's certs. And then i think i made a mistake.
I exported the suffix from socandary server: */opt/SUNWdsee7/bin/dsconf export -h secondary.server.fqdn -p 389 /var/tmp/user.ldif "dc=comp,dc=any,dc=suffix"*
And imported the ldif on new primary server */opt/SUNWdsee7/bin/dsconf export -h primary.server.fqdn -p 389 /var/tmp/user.ldif "dc=comp,dc=any,dc=suffix"*
I think this step left me with an uninitalized suffix, which prevents me from syncing the two instances in odscc. Do i have to re-inizialize the suffix with idsconfig? Or would that wipe the objects in the suffix?
first I have a question: how did you run successfully the export/import commands? as far as I know, the syntax you're using should not work... since you should use something like:
# ./dsconf export -p <PORT> -D <DIRECTORY_MANAGER> -w <PASSWORD> "dc=example,dc=com" /tmp/example.ldif
## Beginning export of 'example'
## example: Processed 161 entries (100%).
## Export finished.
Task completed (slapd exit code: 0).
Anyway, such an export SHOULD contain also the replication informations... so if you create another suffix and promote it to the role "MASTER", and AFTER you import:
# ./dsconf import -p 7589 -D "cn=Directory Manager" -w password /tmp/example.ldif "dc=example,dc=com"
New data will override existing data of the suffix "dc=example,dc=com".
Initialization will have to be performed on replicated suffixes.
Do you want to continue [y/n] ? y
## Index buffering enabled with bucket size 40
## Beginning import job...
## Starting to process and index entries
## Processing file "/tmp/example.ldif"
## Finished scanning file "/tmp/example.ldif" (161 entries)
## Workers finished; cleaning up...
## Workers cleaned up.
## Cleaning up producer thread...
## Indexing complete.
## Starting numsubordinates attribute generation. This may take a while, please wait for further activity reports.
## Numsubordinates attribute generation complete. Flushing caches...
## Closing files...
## Import complete. Processed 161 entries in 4 seconds. (40.25 entries/sec)
Task completed (slapd exit code: 0).
You should see that the replication is working; you should be able to check that with:
# ./dsccmon view-repl-agmts -D <DIRECTORY_MANAGER> -w <PASSWORD>
# ./dsccmon view-servers -D <DIRECTORY_MANAGER> -w <PASSWORD>
# ./dsccmon view-suffixes -s "dc=example,dc=com" -D <DIRECTORY_MANAGER> -w <PASSWORD>