Odds and Ends July 28, 2004 at 12:24 pm

Open Directory Backup Script

A script to back up your OD Server

This will dump your LDAP, Password Server and Kerberos KDC databases to a backup folder. Get it in the downloads section here.

No Comments

  • Nice script. Works perfectly, AFAIK. How does one restore from this backup?

    Thanks!
    Scott

    • from slapcat man page:

      Limitations
             Your  slapd(8) should not be running (at least, not in read-write mode)
             when you do this to ensure consistency of the database.
      


      Changing the world, one server at a time.

      Joel Rennich
      http://www.afp548.com

    • No reply to the "how to restore" question as yet…

      Backing up is easy… I’ve even written my own backup script that I like better than Joel’s… BUT how the hell do you restore!?! I’m having a nightmare with this. Tried dumping openldap-data contents and then running slapadd. It restored LDAP… or at least it seemed to. I then manually replaced authserver – verifying permissions were right. Then I tried kdb5_util with the load option and it seemed to go ok, but the KDC won’t initialise. I tried replacing the krb5kdc folder contents with a backup of the originals… still no joy. I found my admin account wouldn’t work. I had to use NeST to re-add him as an OD Password Server admin. Still can’t get the KDC back online. Tried dumping all Kerberos files and using the CLI rebuild commands… the first command to build the edu.mit file fails saying "dsOpenDirNode failed with error of type -14008 Couldn’t find KerberosClient config record" and then it scraps the edu.mit file. I can’t go any further.

      I know Tiger Server is going to include a GUI for this… but we desperately need it now for Panther. The Apple advanced Server course does the same thing… it gives you all the commands for backing up but cunningly avoids telling you how to restore. Seems like a bit of a con. Does restoring work at all? Has my restore worked, but I’ll have to do without Kerberos???

Leave a reply

You must be logged in to post a comment.