Hi All, I'm in need of figuring out how I can effectively back up my ldap server then restore it in case of crisis.
I have a master and consumer ldap server running in replication mode with latest ldap 2.4 version on ubuntu 10. I have an idea on backup and restore procedures but I need verification.
Backup procedures:
1. /etc/init.d/slapd stop
2. tar the following directories /etc/ldap /var/lib/ldap
# tar -pczf compressed.tar.gz /etc/ldap/ /var/lib/ldap/
3. convert the configs and dit to ldif
sudo slapcat -n 0 > backup/config.ldif
sudo slapcat -n 1 > backup/users.ldif
4. /etc/init.d/slapd start
Restore procedures:
1. Reinstall a fresh vanilla ubuntu ldap server
2. untar the compressed.tar.gz to original location
3. /etc/init.d/slapd stop
sudo slapadd -n 0 -l backup/config.ldif
sudo slapadd -n 0 -l backup/users.ldif
sudo cp backup/ldap.secret /etc/ldap.secret
/etc/init.d/slapd start
Just a brainstorm and I'm sure it needs revising.
TIA, Anton
On Tue, 26 Oct 2010, Anton Chu wrote:
> I'm in need of figuring out how I can effectively back up my ldap server then restore it in case of crisis.
The supported method of backup/restore is slapcat/slapadd.
> 1. /etc/init.d/slapd stop
There is no reason to stop slapd with modern slapd backends/versions.
> 2. tar the following directories /etc/ldap /var/lib/ldap
I'm not sure what you're keeping in those areas. Things like schema files, your init scripts, etc. should be kept somehow. I consider this more of a system-level issue than an issue for OpenLDAP software, personally, but it's definitely something to keep in mind...
> 3. convert the configs and dit to ldif
> sudo slapcat -n 0 > backup/config.ldif
> sudo slapcat -n 1 > backup/users.ldif
This is the important part; make sure to do this for each defined database.
> 4. /etc/init.d/slapd start
Again, unnecessary since you shouldn't need to stop in the first place.
> Restore procedures:
> 1. Reinstall a fresh vanilla ubuntu ldap server
> 2. untar the compressed.tar.gz to original location
> 3. /etc/init.d/slapd stop
> sudo slapadd -n 0 -l backup/config.ldif
> sudo slapadd -n 0 -l backup/users.ldif
> sudo cp backup/ldap.secret /etc/ldap.secret
> /etc/init.d/slapd start
That's certainly along the right idea.
> Just a brainstorm and I'm sure it needs revising.
> TIA, Anton
openldap-technical@openldap.org
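The reply's advice to run slapcat "for each defined database" can be scripted by reading the database numbers out of the cn=config dump. The sketch below is an added example, not code from either poster or from the OpenLDAP project; the function names, the db<N>.ldif naming and the /var/backups/ldap default are assumptions.

```shell
#!/bin/sh
# Added example (not from the thread). Assumptions: function names, the
# db<N>.ldif naming and the default directory /var/backups/ldap.

# Read a cn=config LDIF on stdin; print the number of each data database.
# Skipped: {-1}frontend and {0}config (config is dumped separately), monitor
# (back-monitor keeps nothing on disk), and overlay entries that sit under a
# database, e.g. olcOverlay={0}syncprov,olcDatabase={1}hdb,cn=config.
list_db_numbers() {
    grep '^dn: olcDatabase={[0-9][0-9]*}[^,]*,cn=config$' |
        grep -v -e '={0}config,' -e '}monitor,' |
        sed 's/^dn: olcDatabase={\([0-9]*\)}.*/\1/' | sort -n -u
}

# Constructed sample of the dn lines "slapcat -n 0" emits (for a dry run).
sample_config_dns() {
    cat <<'EOF'
dn: cn=config
dn: olcDatabase={-1}frontend,cn=config
dn: olcDatabase={0}config,cn=config
dn: olcDatabase={1}hdb,cn=config
dn: olcOverlay={0}syncprov,olcDatabase={1}hdb,cn=config
dn: olcDatabase={2}monitor,cn=config
dn: olcDatabase={3}hdb,cn=config
EOF
}

# Dump cn=config and every data database into DIR. Runs in a subshell so the
# umask does not leak; 077 because the LDIF carries userPassword and olcRootPW.
backup_all() (
    dir=${1:?usage: backup_all DIR}
    umask 077
    mkdir -p "$dir" || exit 1
    slapcat -n 0 > "$dir/config.ldif" || exit 1
    for n in $(list_db_numbers < "$dir/config.ldif"); do
        slapcat -n "$n" > "$dir/db$n.ldif" || exit 1
        [ -s "$dir/db$n.ldif" ] || { echo "db $n: empty dump" >&2; exit 1; }
    done
)

case "${1:-}" in
    backup)  backup_all "${2:-/var/backups/ldap}" ;;
    dry-run) sample_config_dns | list_db_numbers ;;
esac
```

Run it with `dry-run` to see which database numbers would be dumped from the constructed sample, or with `backup [DIR]` as root on the server itself.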