Do not compress, tamper with, or otherwise alter changelog database files directly unless specifically instructed to do so by a qualified ForgeRock technical support engineer. External changes to changelog database files can render them unusable by the server. By default, changelog database files are located under the /path/to/ds/changelogDb directory.
LiveSync fails to detect any changes, and the syncToken and DS changelog numbers are out of sync.
The following error is shown when this happens:WARNING: The current SyncToken value (15,187) is greater than the lastChangeNumber value (12,872) Sep 21, 2016 8:22:30 AM org.identityconnectors.ldap.LdapConnector doSync
Configured or changed your LiveSync configuration.
Updated the DS instance's changelog after the last successful LiveSync was performed.
The syncToken is based on the last highest value seen within the DS changelog and is stored within the IDM repository.
The syncToken and changelog number can get out of sync for one of the following reasons:
- IDM is connected to DS via a load balancer and the changelog numbers are out of sync between the servers.
- The repository used by IDM (repo.jdbc.json) contains old data from a previous IDM instance, which was pointed to an alternative DS instance that had a different changelog number.
- The changelog associated with the DS instance was modified or purged without having reset the syncToken which is cached in the IDM repository.
You should disable the LiveSync schedule if the interval is very small (few seconds) so that the DELETE request can match the rev. The rev changes every few seconds when the LiveSync interval is very small, which would make the DELETE request difficult to apply unless the schedule is disabled.
You can use the resetSyncToken configuration property to address these possible inconsistencies. See Connectors Guide › Configuration Properties for further information on setting this property.
You should also refer to Best practice for LiveSync in IDM (All versions) with multiple DS instances to ensure your configuration is correct to avoid similar issues in the future.