LDAP Synchronization Replication
From Notes
Overview
OpenLDAP replication is tracked using the contextCSN value attributed to each naming context. This value reflects the entryCSN for the most recently modified entry.
Check Status
Replication status between provider and consumer LDAP servers can be verified through comparing the contextCSN on the provider with one or more consumers. An example from the command line would be:
ldapsearch -x -z 1 -ZZ -H ldap://provider.ldap.example.com/ contextCSN -LLL dn: dc=example,dc=com contextCSN: 20071107155156Z#000005#00#000000
ldapsearch -x -z 1 -ZZ -H ldap://consumer.ldap.example.com/ contextCSN -LLL dn: dc=example,dc=com contextCSN: 20071107155156Z#000005#00#000000
From the admin guide on OpenLDAP version 2.4.6:
The contextCSN checkpoint is configured by the
syncprov-checkpoint <ops> <minutes>
directive. Checkpoints are only tested after successful write operations. If <ops> operations or more than
<minutes> time has passed since the last checkpoint, a new checkpoint is performed.
The session log is configured by the
syncprov-sessionlog <size>
directive, where <size> is the maximum number of session log entries the session log can record. When a
session log is configured, it is automatically used for all LDAP Sync searches within the database.
contextCSN: - context change sequence number
entryCSN: - entry change sequence number
