What Happens in IDM When Replica Operations Happen

  • 7014251
  • 09-Dec-2013
  • 09-Dec-2013

Environment

NetIQ Identity Manager 4.0
NetIQ Identity Manager Engine

Situation

What do I need to be worried about when moving, adding, or deleting replicas, or doing other replica operations such as declaring an epoch, moving the master to Read/Write, or any other operation on a replica?

Resolution

Below is a list of some things that have been found. However, because there are many variables and situations, not every situation can be accounted for in the list below. Please always have current backups of everything.
 
- Removing a replica that resides on an IDM server - No direct implications on the IDM server. Indirect implication: IDM will not service objects that were in the replica that was removed.

- Adding a replica to IDM server - Generates Add events for any class in filter.

- Merging a replica (as long as both the replica being merged and the Parent replica reside on the IDM server) - No IDM implications.

- Merging a replica (where the IDM server doesn't hold either one of the Parent or Child partitions being merged) - Add events are generated for the partition the IDM server did not own originally.

- Creating a new Partition - No IDM implications.

- Move Partition when the IDM server holds all the partitions involved - Rename of OU event occurs.

- Move Partition when the server doesn't hold the parent of the new location - Rename of OU event occurs.

NDSREPAIR operations:

- Receive all objects from the master to this replica - results may vary depending on any discrepancies between replicas

- Destroy the selected replica on this server - No direct implications on the IDM server. Indirect implication: IDM will not service objects that were in the replica that was destroyed. Also, if the replica is put back, Add events will be generated for every object class in the filter.

- Send all objects to every replica in the ring (from a NON-IDM server) - Any missing objects on the IDM server will generate an Add event if the object class is in the filter.

- Schema declare epoch - Nothing

- Repair time stamps and declare a new epoch on a Partition that holds a driverset on a NON-IDM server - Drivers will lose their Replica Specific attributes - Add events will occur for objects in Driver Filters.

- Repair time stamps and declare a new epoch on a Partition that holds a driverset on IDM server that owns Driverset - If only this server is assigned to the Driverset then no IDM changes will occur on this IDM server. If there is a 2nd IDM server assigned to Driverset then that server will lose Replica specific information for all drivers.

- Repair time stamps and declare a new epoch on a Partition where Master replica resides on IDM server - No IDM implications on this server.

- Repair time stamps and declare a new epoch on a Partition where Master replica resides on NON-IDM server - IDM Servers will get "Add" events for all classes defined in their filter.