Yesterday, I described how easy it is to enable Multi-Master Replication between 2 instances of OpenDJ. One of the nice thing with OpenDJ replication, is that all changes are also publicly available (subject to access control) through LDAP under the cn=changelog suffix, also nick-named the External Change Log.
But the command to enable replication and thus the External Change Log requires 2 servers. So what if you want to enable the External Change Log on a single server ?
Note that this is not a fully supported procedure, but is handy for unit testing against the External Change Log. In production environment, you will have multiple servers for high availability and thus the External Change Log will be automatically configured.
Well you cannot use the dsreplication command, but you can configure the OpenDJ instance with the dsconfig utility.
$ bin/dsconfig create-replication-server -h ldap1.example.com -p 4444 \ -D "cn=directory manager" -w secret12 -X -n \ --provider-name "Multimaster Synchronization" --set replication-port:8989 \ --set replication-server-id:2 --type generic $ bin/dsconfig create-replication-domain -h ldap1.example.com -p 4444 \ -D "cn=directory manager" -w secret12 -X -n \ --provider-name "Multimaster Synchronization" --set base-dn:dc=example,dc=com \ --set replication-server:ldap1.example.com:8989 --set server-id:3 \ --type generic --domain-name example_com
If you want to be able to join this server in a replication topology, you should also create the global administrator’s entry. If you do so, then you will be able to use the dsreplication enable command as illustrated here.
$ bin/dsframework create-admin-user -X -h ldap1.example.com -p 4444 \ -D "cn=Directory Manager" -w secret12 --userID admin --set password:password
Once enabled, you can read or search the changes with ldapsearch or other LDAP clients :
$ bin/ldapsearch -D cn=directory\ manager -w secret12 -h ldap1.example.com -p 1389 \ -J "1.3.6.1.4.1.26027.1.5.4:false:;" -b "cn=changelog" '(objectclass=*)' dn: cn=changelog cn: changelog objectClass: top objectClass: container # Public changelog exchange control(1.3.6.1.4.1.26027.1.5.4): dc=example,dc=com:0000012fd9bdf863000300000001; dn: replicationCSN=0000012fd9bdf863000300000001,dc=example,dc=com,cn=changelog targetDN: cn=a,ou=people,dc=example,dc=com changeNumber: 0 changes:: b2JqZWN0Q2xhc3M6IHBlcnNvbgpvYmplY3RDbGFzczogdG9wCmNuOiBhCnNuOiBhCmVudH J5VVVJRDogNWQzMTNlY2UtYjY4Mi00MDFiLTg2NmYtM2NiZWNlMWNjNTJjCmNyZWF0ZVRpbWVzdGFtc DogMjAxMTA1MTAxMTQ5NTZaCmNyZWF0b3JzTmFtZTogY249RGlyZWN0b3J5IE1hbmFnZXIsY249Um9v dCBETnMsY249Y29uZmlnCg== changeType: add changeTime: 20110510114956Z objectClass: top objectClass: changeLogEntry # Public changelog exchange control(1.3.6.1.4.1.26027.1.5.4): dc=example,dc=com:0000012fd9be46af000300000002; dn: replicationCSN=0000012fd9be46af000300000002,dc=example,dc=com,cn=changelog targetDN: cn=a,ou=people,dc=example,dc=com changeNumber: 0 changes:: YWRkOiBkZXNjcmlwdGlvbgpkZXNjcmlwdGlvbjogTmV3IG9uZQotCnJlcGxhY2U6IG1vZG lmaWVyc05hbWUKbW9kaWZpZXJzTmFtZTogY249RGlyZWN0b3J5IE1hbmFnZXIsY249Um9vdCBETnMsY 249Y29uZmlnCi0KcmVwbGFjZTogbW9kaWZ5VGltZXN0YW1wCm1vZGlmeVRpbWVzdGFtcDogMjAxMTA1 MTAxMTUwMTZaCi0K changeType: modify changeTime: 20110510115016Z objectClass: top objectClass: changeLogEntry
Note: the search above uses the “Cookie Control” which is the optimized way to search the External Change Log. The value “;” means that the “cookie” is unknown, and therefore the search starts from the first change. If you want to continue from the last change received, provide the string value that is either in the ChangeLogCookie operational attribute (returned if asked for) or the comment before the change itself.
Ludo Sketches 