2.3.8.3 nsDS5ReplicaBindDN

This attribute sets the DN to use when binding to the consumer during replication. The value of this attribute must be the same as the one in cn=replica on the consumer replica. This may be empty if certificate-based authentication is used, in which case the DN used is the subject DN of the certificate, and the consumer must have appropriate client certificate mapping enabled. This can also be modified.

Parameter

Description

Entry DN

cn=ReplicationAgreementName, cn=replica, cn=suffixDN, cn=mapping tree, cn=config

Valid Values

Any valid DN (can be empty if client certificates are used)

Default Value

 

Syntax

DirectoryString

Example

nsDS5ReplicaBindDN: cn=replication manager, cn=config

2.3.8.4 nsDS5ReplicaBindMethod

This attribute sets the method to use for binding. This attribute can be modified.

Parameter

Description

Entry DN

cn=ReplicationAgreementName , cn=replica, cn=suffixDN, cn=mapping tree, cn=config

Valid Values

SIMPLE, SSLCLIENTAUTH, SASL/DIGEST-MD5, or SASL/GSSAPI

 

The SIMPLE and SASL/DIGEST-MD5bind methods require a DN and password.

Default Value

SIMPLE

Syntax

DirectoryString

Example

nsDS5ReplicaBindMethod: SIMPLE

2.3.8.5 nsDS5ReplicaBusyWaitTime

This attribute sets the amount of time in seconds a supplier should wait after a consumer sends back a busy response before making another attempt to acquire access. The default value is three

(3)seconds. If the attribute is set to a negative value, Directory Server sends the client a message and an LDAP_UNWILLING_TO_PERFORM error code.

The nsDS5ReplicaBusyWaitTime attribute works in conjunction with the nsDS5ReplicaSessionPauseTime attribute. The two attributes are designed so that the nsDS5ReplicaSessionPauseTime interval is always at least one second longer than the interval specified for nsDS5ReplicaBusyWaitTime. The longer interval gives waiting suppliers a better chance to gain consumer access before the previous supplier can re-access the consumer.

Set the nsDS5ReplicaBusyWaitTime attribute at any time by using changetype:modify with the replace operation. The change takes effect for the next update session if one is already in progress.

Parameter

Description

Entry DN

cn=ReplicationAgreementName, cn=replica, cn=suffixDN, cn=mapping tree, cn=config

Valid Values

Any valid integer

Default Value

3

82 Core server configuration reference

Page 82
Image 82
HP UX Identity Security Software manual NsDS5ReplicaBindMethod, NsDS5ReplicaBusyWaitTime