Buchan Milne wrote:
Hi Buchan,
Thanks for your constructive discussion. I'm using OpenLDAP in a production system where Email authentication is based on it. Hence it is not possible to stop the OpenLDAP for backup and repairing. That's why I am very much interested to know the techniques to do a backup and repairing with running OpenLDAP. could you please enlighten me ? I'm using suse 9.3 here thanks
On Thursday, 12 July 2007, JOYDEEP wrote:
Aaron Richton wrote:
On Wed, 11 Jul 2007, Gabriel Stein wrote:
Hi Joy!
I suggest you to use slapcat, but its better stop the OpenLDAP.
I will state here that this is false. In my environment it is never good to stop slapd. Many environments require formal approval to do something like stop slapd (and cron jobs that stop slapd can be career-limiting). All my production environments do automated backups to ldif with slapcat while slapd is running. This includes 1 environment with ~ 1.5 million entries.
While it could be accurate to say "if you don't need your LDAP server ~ 100% available, it can be easier to get a consistent point-in-time backup by running slapcat while slapd is not running", what is better for one environment may not be for another one.
You can make a crontab task on midnight, or something like.
This shouldn't be true in most production configurations (at least, as of 2.3.16ish or so, with bdb/hdb).
While it is good to recommend new versions, IIRC slapcat on bdb has been safe since 2.2.x was marked RELEASE (2.2.7?).
This is the case with legacy configurations (e.g. ldbm), hence the documentation warning...
Hi Aaron, Gabriel,matthew and others,
thanks a lot for ur kind response. Thanks Gabriel for your script .
I would suggest you avoid using a trivial script which has no error checking etc. which may not even work in your environment.
Yes Aaron I'm using "bdb" database. I'm little confused here as Gabriel and matthew have suggested for slapcat but u r not in favour for that in case of "bdb" database. So what would be the solution ?
The best solution for an ldif backup is to use slapcat.
Again slapcat is for backup. Is there any command for maintenance and repair the bdb database ?
With OpenLDAP 2.3, slapd does all maintenance, if you have configured the checkpoint setting, and if you have set the database environment to auto-remove transaction log files. If you do not want transaction log files to be automatically removed, you need to have a cron job to clean them up.
I wrote some scripts for this, which ship in the Mandriva packages (and run daily by default). You need at least ldap-common and ldap-hot-db-backup from:
http://svn.mandriva.com/cgi-bin/viewvc.cgi/packages/cooker/openldap/current/...
Regards, Buchan