Josir Gomes wrote:
Hi J. Bakshi, thanks for replying.
I followed your suggestion:
1. Stop the LDAP/Samba service.
2. TAR the /var/lib/ldap and copy to another machine
3. Turn off the first server
4. Turn on the second server (identical network, IP, configuration - it's a VM clone)
5. mv /var/lib/ldap /var/lib/ldap-bak
6. Untar the /var/lib/ldap
7. I certified that user/permissions were identical (openldap:openldap)
8. Turn the samba/ldap server on.
When I tried to access the users via the web interface (ebox), I got a complete machine halt :(( Even the tty stopped working.
PS: I did not copy the slapd.conf because they were identical.
Probably some configuration is missing. Does somebody have any clue on how to copy an entire LDAP database/configuration?
Thanks in advance, Josir Gomes
Assume both machines have the same LDAP version running as well as the same Linux distro. The solution I have provided is basically a restore solution but should work in case of replication too if both machines are identical w.r.t. software. Before going to the web interface, do some CLI tests. Have you checked the users with ldapsearch? Confirm first that the LDAP data has been replicated properly. Do some CLI-based tests. See the log with "tail -f".
Josir Gomes wrote:
Hi folks,
I just installed an OpenLDAP server and I want to test backup/restore routines.
I have two machines, one is a clone of the second one. On the first one I added several users, and my test is to restore those users on the new machine.
To backup, it was easy:
slapcat -l /path/to/your/backup.ldif
But when I tried to restore,
I shut down the samba/ldap service with:
/etc/init.d/ebox samba stop
/etc/init.d/ebox slapd stop
And then I issue: slapadd -l /path/to/your/backup.ldif
=> hdb_tool_entry_put: id2entry_add failed: DB_KEYEXIST: Key/data pair already exists (-30996)
=> hdb_tool_entry_put: txn_aborted! DB_KEYEXIST: Key/data pair already exists (-30996)
slapadd: could not add entry dn="dc=ebox" (line=1): txn_aborted! DB_KEYEXIST: Key/data pair already exists (-30996)
I understand that there are other records and I can't replace them.
Do I have to erase everything ? Or is there a merge option ?
I know that there is a replication service but those two servers will not be on the same network (ie. one server will not communicate with the other) so I think this approach does not apply.
Any tip or suggestion will be very welcome.
Thanks in advance, Josir Gomes
All-time favorite question. By any chance, will it work if I rsync slapd.conf, ldap.conf and /var/lib/ldap from the remote server to a local folder and restore them when required? Very curious to know the actual backup process. Thanks
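
The command-line check recommended in the reply above (confirming the data arrived intact before using the web interface) can be done by running slapcat on both machines and comparing the entry DNs of the two dumps. This is an added example, not written by any poster in this thread; the file names and the sample entries under dc=ebox are constructed.

```shell
#!/bin/sh
# Added example: compare the entry DNs of two slapcat dumps (backup vs. restored).

# Print the DN line of every entry in an LDIF file, sorted.
# LDIF folds long lines; a continuation line starts with a single space.
ldif_dns() {
    awk '
        /^ /   { if (indn) dn = dn substr($0, 2); next }  # unfold a wrapped DN
               { if (indn) { print dn; indn = 0 } }       # previous DN is complete
        /^dn:/ { dn = $0; indn = 1 }                      # plain "dn:" or base64 "dn::"
        END    { if (indn) print dn }
    ' "$1" | LC_ALL=C sort
}

# Compare two dumps; list entries present on one side only.
# Returns 0 when both dumps hold exactly the same set of DNs.
ldif_compare() {
    src=$(mktemp) && dst=$(mktemp) || return 2
    ldif_dns "$1" > "$src"
    ldif_dns "$2" > "$dst"
    missing=$(LC_ALL=C comm -23 "$src" "$dst")
    extra=$(LC_ALL=C comm -13 "$src" "$dst")
    rm -f "$src" "$dst"
    [ -n "$missing" ] && printf 'missing after restore:\n%s\n' "$missing"
    [ -n "$extra" ] && printf 'not in backup:\n%s\n' "$extra"
    [ -z "$missing$extra" ]
}

# Constructed sample dumps; in practice each file comes from
# "slapcat -l <file>" run on the respective machine.
tmp=$(mktemp -d)
printf 'dn: dc=ebox\ndc: ebox\n\ndn: uid=alice,ou=Users,\n dc=ebox\nuid: alice\n' \
    > "$tmp/backup.ldif"
printf 'dn: dc=ebox\ndc: ebox\n' > "$tmp/restored.ldif"
ldif_compare "$tmp/backup.ldif" "$tmp/restored.ldif" || echo "restore incomplete"
rm -rf "$tmp"
```

The dumps contain every attribute of every entry, including password hashes, so keep them readable only by the account that runs the comparison.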