Do not compress, tamper with, or otherwise alter changelog database files directly unless specifically instructed to do so by a qualified ForgeRock technical support engineer. External changes to changelog database files can render them unusable by the server. By default, changelog database files are located under the /path/to/ds/changelogDb directory.
There are two approaches to using LiveSync in IDM with DS:
- Use the changelog. See Configuration Guide › Changelog for Notifications for further information on the changelog. This is the recommended setup.
- Use the timestamp mechanism, although this has limitations as discussed in the Timestamp mechanism section.
Timestamps are maintained per entry for create and modify operations; however, delete operations cannot be detected via timestamps. If delete synchronization is a high priority, you should continue to use the changelog for LiveSync.
If you want to use timestamps, you should set the following property in your provisioner configuration file (for example, provisioner.openicf-ldap.json), which is located in the /path/to/idm/conf directory:"useTimestampsForSync" : "true",
You should thoroughly test LiveSync with the timestamp mechanism in a development environment first to ensure it meets your needs. Using LiveSync with timestamps can potentially cause performance issues if the DS instance is managing millions of entries; the timestamp search can have a high cost when there are many entries.
You should consider configuring the LiveSync retry policy to define how many times a failed modification should be reattempted and what should happen in the event that the modification is unsuccessful after the specified number of attempts. This is discussed in: Synchronization Guide › Configure the LiveSync Retry Policy. If no retry policy is configured, IDM reattempts the change an infinite number of times, until the change is successful.