On 12/27/2011 04:01 PM, Craig T wrote: > Hi, > > Is there a hot backup technique for IPA? From my reading the best solution is > to setup a replication server then shut the replication server down and do a > backup? > > cya > > Craig > > _______________________________________________ > Freeipa-users mailing list > Freeipa-users@redhat.com > https://www.redhat.com/mailman/listinfo/freeipa-users
Yeah this seems to be a bit of a problem. I am currently working through the same thing and all I can find is advice like, "back everything up", because there are files used by IPA all over the place. That seems a bit ridiculous to me, so I am trying to piece together what it really does, and what files are really needed. One part I have found so far is the hot backups for the directory servers (note the plural, PKI has its own instance). You need to use the db2bak.pl (not the db2bak script which requires dirsrv to be stopped) script to do a hot backup of the directory server. The general idea can be found in these docs here: http://docs.redhat.com/docs/en-US/Red_Hat_Directory_Server/9.0/html/Administration_Guide/Populating_Directory_Databases-Backing_Up_and_Restoring_Data.html Under section 4.3.1.2. Unfortunately, those docs are wrong about how to run the db2bak.pl script, so to figure that out you have to read here: http://docs.redhat.com/docs/en-US/Red_Hat_Directory_Server/9.0/html/Configuration_Command_and_File_Reference/Perl_Scripts.html#Perl_Scripts-db2bak.pl_Create_backup_of_database So far that is all I have, just remember to back up both your domain instance of the LDAP db, as well as the PKI instance. You can then easily copy those backup files, using your backup tool of choice. As well as taking a copy of /etc/dirsrv/ and all it contains. -Erinn
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Freeipa-users mailing list Freeipa-users@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-users