Hi, I want to implement a full backup procedure of my LDAP (schema, ACL, Data ...).
* To save my schema i used the command: "slapcat -H ldap:///cn={4}my,cn=schema,cn=config -l schema.ldif" * To save my config, i used the command: "slapcat -H ldap:///olcDatabase={1}hdb,cn=config = config -l config.ldif * To save my accounts, i used the command: "slapcat -H ldap:///dc=my,dc=my -l accounts.ldif
Now, when I want to test the restore on another server : * To restore my schema i used the command: "sudo -u openldap slapadd -v -b cn=config -l schema.ldiff " > OK * To restore my accounts i used the command: "sudo -u openldap slapadd -v -c -b cn=config -l accounts.ldiff " > OK * To restore my config i used the command: "sudo -u openldap slapadd -v -c -b olcDatabase={1}hdb,cn=config -l config.ldiff > KO. Indeed the slapadd command does not update the record so I get an error because they already exist. Also, how do I restore my configuration?
Tks for your help
PS : i use a debian squeeze server.
On Thu, Jun 21, 2012 at 11:33 AM, galemberti greg galemberti@hotmail.com wrote:
Hi, I want to implement a full backup procedure of my LDAP (schema, ACL, Data ...).
- To save my schema i used the command: "slapcat -H
ldap:///cn={4}my,cn=schema,cn=config -l schema.ldif"
- To save my config, i used the command: "slapcat -H
ldap:///olcDatabase={1}hdb,cn=config = config -l config.ldif
- To save my accounts, i used the command: "slapcat -H ldap:///dc=my,dc=my
-l accounts.ldif
Now, when I want to test the restore on another server :
- To restore my schema i used the command: "sudo -u openldap slapadd -v -b
cn=config -l schema.ldiff " > OK
- To restore my accounts i used the command: "sudo -u openldap slapadd -v -c
-b cn=config -l accounts.ldiff " > OK
- To restore my config i used the command: "sudo -u openldap slapadd -v -c
-b olcDatabase={1}hdb,cn=config -l config.ldiff > KO. Indeed the slapadd command does not update the record so I get an error because they already exist. Also, how do I restore my configuration?
Tks for your help
PS : i use a debian squeeze server.
If you go to https://help.ubuntu.com/12.04/serverguide/openldap-server.html#ldap-backup, that is how I run my backups. And, I have tested the restore procedure. Bottom line:
o The backend db (config.ldif in that page) has all the schemas and config stuff. So, you do not need to bother saving schemas separately or anything like that. o The frontend db (example.com.ldif) has the account stuff.
There are other ways to yank those databases, but I was kinda lazy.
Hi, Tks for your reply. But i have a problem : I tested your documentation backup / restore. For the backup => OK But when I restore i have error : slapadd: could not add entry dn="cn=config" (line=1): _ 1.53% eta none elapsed none spd 3.3 M/s Closing DB...
if i test with the command -c argument (ignore error) i have : sudo slapadd -F /etc/ldap/slapd.d -c -n 0 -l /export/backup/config.ldif slapadd: could not add entry dn="cn=config" (line=1): slapadd: could not add entry dn="cn=module{0},cn=config" (line=21): slapadd: could not add entry dn="cn=schema,cn=config" (line=34): slapadd: could not add entry dn="cn={0}core,cn=schema,cn=config" (line=45): slapadd: could not add entry dn="cn={1}cosine,cn=schema,cn=config" (line=287): slapadd: could not add entry dn="cn={2}nis,cn=schema,cn=config" (line=463): slapadd: could not add entry dn="cn={3}inetorgperson,cn=schema,cn=config" (line=568): slapadd: could not add entry dn="olcBackend={0}hdb,cn=config" (line=659): slapadd: could not add entry dn="olcDatabase={-1}frontend,cn=config" (line=670): Already exists slapadd: could not add entry dn="olcDatabase={0}config,cn=config" (line=687): Already exists slapadd: could not add entry dn="olcDatabase={1}hdb,cn=config" (line=702): Already exists _#################### 100.00% eta none elapsed none fast!
The entry exist, i do delete the DB 0 first ? Tks for your help.
Date: Thu, 21 Jun 2012 12:38:09 -0400 Subject: Re: Full Backup/Restore slapd From: raubvogel@gmail.com To: openldap-technical@openldap.org
On Thu, Jun 21, 2012 at 11:33 AM, galemberti greg galemberti@hotmail.com wrote:
Hi, I want to implement a full backup procedure of my LDAP (schema, ACL, Data ...).
- To save my schema i used the command: "slapcat -H
ldap:///cn={4}my,cn=schema,cn=config -l schema.ldif"
- To save my config, i used the command: "slapcat -H
ldap:///olcDatabase={1}hdb,cn=config = config -l config.ldif
- To save my accounts, i used the command: "slapcat -H ldap:///dc=my,dc=my
-l accounts.ldif
Now, when I want to test the restore on another server :
- To restore my schema i used the command: "sudo -u openldap slapadd -v -b
cn=config -l schema.ldiff " > OK
- To restore my accounts i used the command: "sudo -u openldap slapadd -v -c
-b cn=config -l accounts.ldiff " > OK
- To restore my config i used the command: "sudo -u openldap slapadd -v -c
-b olcDatabase={1}hdb,cn=config -l config.ldiff > KO. Indeed the slapadd command does not update the record so I get an error because they already exist. Also, how do I restore my configuration?
Tks for your help
PS : i use a debian squeeze server.
If you go to
https://help.ubuntu.com/12.04/serverguide/openldap-server.html#ldap-backup, that is how I run my backups. And, I have tested the restore procedure. Bottom line:
o The backend db (config.ldif in that page) has all the schemas and config stuff. So, you do not need to bother saving schemas separately or anything like that. o The frontend db (example.com.ldif) has the account stuff.
There are other ways to yank those databases, but I was kinda lazy.
I want to implement a full backup procedure of my LDAP (schema, ACL, Data ...).
Databases are numbered, with 0 being cn=config, 1 the first back-end you configure, 2 the next etc. I suggest having `slapcat' dump the whole database, so either, say,
slapcat -n 0 -l config.ldif.backup slapcat -n 1 -l example.net.backup
or use -b to specify the suffixes:
slapcat -b "cn=config" -l config.ldif.backup slapcat -n "dc=example,dc=net" -l example.net.backup
Restoring is a matter of taking `slapd' down and using `slapadd` (with above options) to restore, ensuring permissions and ownership of the files are correct before restarting `slapd'.
Read the manual pages for slapcat(8) and slapadd(8).
-JP
openldap-technical@openldap.org