On Thu, 2011-09-29 at 20:55 +0000, Steven Jones wrote: > Hi, > > Backing up > > I cant find anything in the documentation discussing backing up and > recovering IPA/ldap?....in the past I seem to recall the FDS/389 suggested > exporting the data which was then backed up.....I think there was a gui to do > that.... > > So even if its a case of now its easy just backup /var/lib/dirsrv and nothing > more is needed, it should say so IMHO. > > Restoring > > Is there a restore process? so with FDS/389 you would import the exported > file.
I would do a full system backup and recovery if necessary, IPA uses multiple components and just backing up DS data is not sufficient for a full restore. There are configuration files, certificate stores keytabs in the filesystem too. One way to do disaster recovery is also to have a VM join as a replica and then regularly take full snapshots of the VM. From there disaster recovery is as simple as reviving the VM from the last goo snapshot and then reinstalling and making replicas from it. Note that if you use selfsing CA you must backup the CA cert/store from the first master a replica does not have that info. If you instead use the full CA with dogtag make sure you also configure the snapshotted VM to be a CA replica too. Simo. -- Simo Sorce * Red Hat, Inc * New York _______________________________________________ Freeipa-users mailing list Freeipaemail@example.com https://www.redhat.com/mailman/listinfo/freeipa-users