HP-UX Directory Server 8.1 administrator guide
8.1.2 Read-write and read-only replicas
A database that participates in replication is called a replica. There are two kinds of replicas:
read-write or read-only:
• A read-write replica contains master copies of directory information and can be updated.
• A read-only replica services read, search, and compare requests, but refers all update
operations to read-write replicas.
A server can hold any number of read-only or read-write replicas.
8.1.3 Suppliers and consumers
A server that holds a replica that is copied to a replica on a different server is called a supplier
for that replica. A server that holds a replica that is copied from a different server is called a
consumer for that replica. Generally, the replica on the supplier server is a read-write replica,
and the one on the consumer server is a read-only replica, with two exceptions:
• In the case of cascading replication, the hub server holds a read-only replica that it supplies
to consumers. “Cascading replication” has more information.
• In the case of multi-master replication, the masters are both suppliers and consumers for
the same information. For more information, see “Multi-master replication”.
Replication is always initiated by the supplier server, never by the consumer (supplier-initiated
replication). Supplier-initiated replication allows a supplier server to be configured to push data
to multiple consumer servers.
8.1.4 Changelog
Every supplier server maintains a changelog, a record of all changes that a supplier or hub needs
to send to its consumers. A changelog is a special kind of database that describes the modifications
that have occurred on a replica. The supplier server then replays these modifications to the
replicas stored on consumer servers or to other suppliers, in the case of multi-master replication.
When an entry is modified, a change record describing the LDAP operation that was performed
is recorded in the changelog.
In Directory Server, the changelog is only intended for internal use by the server. For other
applications to read the changelog, use the Retro Changelog Plug-in, as described in “Using the
Retro changelog plug-in”.
8.1.5 Replication identity
When replication occurs between two servers, the replication process uses a special entry, called
the replication manager entry, to identify replication protocol exchanges and to control access
to the directory data. The replication manager entry, or any entry used during replication, must
meet the following criteria:
• It is created on the consumer server (or hub) and not on the supplier server.
• Create this entry on every server that receives updates from another server, meaning on
every hub or dedicated consumer.
• When a replica is configured as a consumer or hub (a replica that receives updates from
another server), this entry must be specified as the one authorized to perform replication
updates.
• The replication agreement is created on the supplier server, the DN of this entry must be
specified in the replication agreement.
• The supplier bind DN entry must not be part of the replicated database for security reasons.
• This entry, with its special user profile, bypasses all access control rules defined on the
consumer server for the database involved in that replication agreement.
320 Managing replication