eDirectory Partitions/Replicas Viewer

Sometimes it is nice to have a reliable way to get a quick summary of partitions and replicas from an eDirectory tree. This may be for troubleshooting, or as a day-to-day record of the current status. As a consultant, a common request I make of a client is, "What partitions do you have defined, and with which replicas on which servers?" For somebody new to eDirectory, getting that answer quickly can be daunting, but it is all there for the taking. As a result of one such request I created this tool which, when running, looks a bit like the following:

ab@mylaptop:~/Desktop> ./replica-view.sh
Enter the LDAP server address (e.g. a2btech.com
Enter the LDAP TLS/SSL server port (636):
Enter the LDAP bind DN (e.g. cn=admin,o=novell):
Enter an optional base DN from which to search for partitions (LDAP format, e.g. dc=sa,dc=system):

Partition: dc=cat,dc=com
  cn=abbox0,dc=abbox0a,dc=server,dc=system - Master
  cn=abbox0b,dc=abbox0b,dc=server,dc=system - Subordinate Reference

Partition: dc=group,o=novell,dc=org
  cn=abbox0,dc=abbox0a,dc=server,dc=system - Master
  cn=abbox0b,dc=abbox0b,dc=server,dc=system - Subordinate Reference

  cn=abbox0,dc=abbox0a,dc=server,dc=system - Master
  cn=abbox0b,dc=abbox0b,dc=server,dc=system - Read/Write

Partition: o=suse,dc=org
  cn=abbox0,dc=abbox0a,dc=server,dc=system - Subordinate Reference
  cn=abbox0b,dc=abbox0b,dc=server,dc=system - Master

You can also enter credentials or a base DN, but a default tree will not require those. Disabling anonymous binds is more common these days, so do not rule out needing credentials.

As a disclaimer: when run with credentials those credentials are visible to things like 'ps' on the box where executed. Also, while I'm using LDAPS explicitly, I am also explicitly trusting whatever certificate the server presents. That could all be improved for security, though if you have a man-in-the-middle situation where you run this, probably on a server itself, you likely have bigger problems than fixing this would help.
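
Both weaknesses named in the disclaimer can be closed with standard client features. The following is an added example, not part of replica-view.sh or the author's code; it assumes the OpenLDAP ldapsearch client, and the function names, the LDAPSEARCH override variable and the CA file argument are hypothetical.

```sh
#!/bin/sh
# Added example, not taken from replica-view.sh. Assumes OpenLDAP's ldapsearch.
# Function names, the LDAPSEARCH override and the CA file path are hypothetical.

# Read one line (the password) from stdin into a private temp file and print
# the file's path. read and printf are builtins in bash and dash, so the
# secret is never passed as a process argument that 'ps' could show.
make_secret_file() {
    local secret file
    IFS= read -r secret || [ -n "$secret" ] || return 1
    file=$(umask 077; mktemp) || return 1
    # No trailing newline: ldapsearch -y uses the complete file contents.
    printf '%s' "$secret" > "$file"
    printf '%s\n' "$file"
}

# Search over LDAPS with certificate verification enforced.
# Args: host port bind_dn secret_file base_dn ca_file [filter] [attrs...]
verified_ldapsearch() {
    local host="$1" port="$2" bind_dn="$3" secret_file="$4"
    local base_dn="$5" ca_file="$6"
    shift 6
    [ -r "$ca_file" ] || { echo "CA file not readable: $ca_file" >&2; return 2; }
    (
        # demand: fail the connection unless the server certificate
        # verifies against the CA named in LDAPTLS_CACERT.
        export LDAPTLS_REQCERT=demand LDAPTLS_CACERT="$ca_file"
        # -y hands over the password by file path, so only the path
        # (never the password itself) appears in the process list.
        "${LDAPSEARCH:-ldapsearch}" -LLL -x \
            -H "ldaps://${host}:${port}" -D "$bind_dn" -y "$secret_file" \
            -b "$base_dn" "$@"
    )
}

# Interactive use (all values are placeholders):
#   stty -echo; secret_file=$(make_secret_file); stty echo
#   trap 'rm -f "$secret_file"' EXIT
#   verified_ldapsearch "$host" 636 "$bind_dn" "$secret_file" "$base_dn" \
#       /path/to/tree-ca.pem "$filter"
```

The CA file is the tree's CA certificate exported in PEM format; with it in place, a server presenting an unexpected certificate causes the bind to fail instead of being silently trusted.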

I have only coded this for what I believe are valid replica types 0, 1, 2, and 3; this means filtered replicas are not included, though they are rarely used. I also do not have a read-only replica for testing, so I assume that 2 means read-only.

I am also assuming various common utilities are present on the box, but I should probably check for those and prompt to add them on enterprise distributions of Linux; some of those tools include /usr/bin/ldapsearch, hexdump, head, grep, sed, awk, base64, dd, and bash (the shell).

Is this a useful tool to have on hand? Does it work properly, or are there any cases where it is not behaving as expected? Send feedback in the comments section and I'll implement fixes.

Happy computing!


Hello experts,

I have three eDirectory servers in the topology. Came across time SYNC issues, need some inputs (sequence of action items) on how to get them back to SYNC.

Help appreciated!


Step 1. At this stage, assuming eDir on Linux or Windows, not NetWare. Make sure they all use the same NTP configuration.
Step 2. See Step 1.
Revision 2 of 2. Last update: 2020-01-29 15:34