
eDirectory replica between different sites


We have 3 eDirectory servers in 3 different sites as 3 production setups. All 3 setups are installed in a Linux environment with different setups. We need to sync the data of the master eDirectory to the other 2 eDirectory, including read & write permission. So please guide me on how I can proceed with adding a replica server, or provide some steps for this.

  • 0  


    Are the different sites in the same tree?

    Or does each site server have its own tree?

  • 0 in reply to   

    Hi Aleksandar,

    Currently we only have 1 eDirectory in 1 site, but we are planning to set up the other 2 eDirectory.

    Could you please suggest which approach should be more feasible?

  • 0   in reply to 

    Are you going to have a separate eDirectory tree in each site?

    If so, you will need to use IDM to synchronize the data between the trees.

    Or are you thinking of just adding additional servers to the tree?

    If so, make sure you have a fast stable network link between the eDir servers without NAT, install eDir on the new server, add it to the existing tree, add any replicas as necessary.

  • 0 in reply to   

    Or are you thinking of just adding additional servers to the tree?

    If so, make sure you have a fast stable network link between the eDir servers without NAT, install eDir on the new server, add it to the existing tree, add any replicas as necessary.

    All 3 eDirectory need to be installed on 3 different sites where the subnet is different, so which approach is more suitable?

    3 different trees and sync between all 3 eDirectory, or add both servers to the existing tree & add a replica?

  • 0 in reply to 

    If the connection between sites is good and reliable, I would just add both servers to the existing tree and add replica.  It makes things simpler.  I have been running things this way across two sites for years without any trouble.

  • 0 in reply to 

    I have configured one tree and added another server to the existing tree in a demo environment for testing. So do I have to create a replica in the primary eDirectory and then add the replica to the secondary server? Or how do I have to perform this? Also, after configuring both servers in the existing tree, if I disable the primary eDirectory and then try to start all the drivers present on the secondary server, all the drivers are not starting.

  • 0 in reply to 

    I was thinking that the first few servers automatically get a replica by default and it is only when you get over a specific number that you have to manually add, but I could be wrong.  Haven't set up a new network in a while.  Just open iManager, and go to Roles and Tasks > Partitions and Replicas > Replica View.  Select the tree and then you will get a list of replicas and types for each server.  If the second server does not have a replica, you can add it there.  Your primary should be listed as Master and the secondary should be listed as Read-Write.

    Not sure what you mean by "disabled the primary edirectory" or why you would do that.

  • 0 in reply to 

    Thank you for your suggestion, Ken.

    The replica is automatically configured for the root tree. Also, it is showing the primary server as Master and the secondary as Read-Write.

    Not sure what you mean by "disabled the primary edirectory" or why you would do that

    I am just trying to check the fault tolerance manually by stopping the eDirectory of the primary server using the ndsmanage command and trying to start all the drivers on the secondary server (which are stopped by default), but it is showing an error.

    Also, the deploy status of every driver is showing unavailable in Designer > Driver > Properties > General > Server and Driver version.

  • 0   in reply to 

    Here are some things you should check:

    #1 Is IDM installed on the new server?

    #2 Is the new server added to the existing driver set?

    #3 Did you copy the server specific configuration for the driver set GCVs, the driver GCVs, driver authentication information (if any), driver configuration properties etc. to the new server?

    #4 Is the driver enabled on the new server?

  • 0 in reply to   

    #1 Is IDM installed on the new server?

    Yes, I have installed IDM on the secondary server, and during configuration I added the new server to the existing tree.

    #2 Is the new server added to the existing driver set?

    Yes, I have added the secondary server to the driver set and I can see both servers in iManager > IDM overview > driverset1 > Servers > Running on servers (both servers).

    #3 Did you copy the server specific configuration for the driver set GCVs, the driver GCVs, driver authentication information (if any), driver configuration properties etc. to the new server?

    Do I have to manually copy the driver-specific details into the second drivers? Or can I deploy the same drivers deployed on the primary server, which contain the GCVs and properties, to the secondary server?

    #4 Is the driver enabled on the new server?

    Yes, I have enabled the driver and set it to Auto start.

  • 0   in reply to 


    In Designer, add the new server to the Identity Vault Server List if you haven't already.

    Then in Designer go to the driver set, Server List and move the new server from Available Server to Selected Servers if you haven't already.

    Then in Designer, right click on a driver, Copy -> Copy Server-Specific Settings and select the current server where the driver is running as the Source and then select the new server as the target driver and target server.

    Select and copy the replica data.

    If you haven't deployed the drivers from the Designer project you are in, you most probably won't have any credential information in Designer (named password, driver object password, application authentication password, remote loader password etc.), so you will probably need to set the passwords in Designer on the new server.

    Then deploy the driver.

    If it still doesn't start on the new server, you'll need to post a level 3 trace in the IDM forum that captures the startup attempt.
