Re: [Freeipa-users] Backup and Restoration of IPA Server
Thanks Christian. I am still looking for some workaround till then. On Mon, Feb 4, 2013 at 10:16 PM, Christian Hernandez christi...@4over.com wrote: Looks like a backup/restore procedure is in the roadmap http://www.freeipa.org/page/Roadmap Thank you, Christian Hernandez 1225 Los Angeles Street Glendale, CA 91204 Phone: 877-782-2737 ext. 4566 Fax: 818-265-3152 christi...@4over.com mailto:christi...@4over.com www.4over.com http://www.4over.com On Mon, Feb 4, 2013 at 2:54 AM, Rajnesh Kumar Siwal rajnesh.si...@gmail.com wrote: Does it means that we don't have any backup / restoration process as of now for IPA 2.2 ? I am really concerned about such a critical application. It would be greate if you could please specify the set of manual commands in case they can be used for Backup / Restoration purpose. -- Regards, Rajnesh Kumar Siwal ___ Freeipa-users mailing list Freeipa-users@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-users -- Regards, Rajnesh Kumar Siwal ___ Freeipa-users mailing list Freeipa-users@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-users
Re: [Freeipa-users] Backup and Restoration of IPA Server
I use the following to dump my LDAP databases: #!/bin/sh /usr/lib64/dirsrv/slapd-PKI-IPA/db2ldif.pl -D cn=directory manager -j /var/lib/dirsrv/scripts-YOUR-KERB-REALM/dmanager.credentials -n ipaca -a /var/lib/dirsrv/slapd-PKI-IPA/bak/ipaca.`/bin/date +%Y%m%d%H%M%S`.ldif /var/lib/dirsrv/scripts-YOUR-KERB-REALM/db2ldif.pl -D cn=directory manager -j /var/lib/dirsrv/scripts-YOUR-KERB-REALM/dmanager.credentials -n userroot -a /var/lib/dirsrv/slapd-YOUR-KERB-REALM/bak/userroot.`/bin/date +%Y%m%d%H%M%S`.ldif I have that in a script that's run by cron, followed up by a script to delete old backups. Netbackup takes care of backing up the systems. dmanager.credentials just has the Directory Manager password in it in plain test. Not optimal, but it works. --Jason On Mon, Feb 4, 2013 at 10:51 AM, Rajnesh Kumar Siwal rajnesh.si...@gmail.com wrote: Thanks Christian. I am still looking for some workaround till then. On Mon, Feb 4, 2013 at 10:16 PM, Christian Hernandez christi...@4over.com wrote: Looks like a backup/restore procedure is in the roadmap http://www.freeipa.org/page/Roadmap Thank you, Christian Hernandez 1225 Los Angeles Street Glendale, CA 91204 Phone: 877-782-2737 ext. 4566 Fax: 818-265-3152 christi...@4over.com mailto:christi...@4over.com www.4over.com http://www.4over.com On Mon, Feb 4, 2013 at 2:54 AM, Rajnesh Kumar Siwal rajnesh.si...@gmail.com wrote: Does it means that we don't have any backup / restoration process as of now for IPA 2.2 ? I am really concerned about such a critical application. It would be greate if you could please specify the set of manual commands in case they can be used for Backup / Restoration purpose. -- Regards, Rajnesh Kumar Siwal ___ Freeipa-users mailing list Freeipa-users@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-users -- Regards, Rajnesh Kumar Siwal ___ Freeipa-users mailing list Freeipa-users@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-users -- The government is going to read our mail anyway, might as well make it tough for them. GPG Public key ID: B6A1A7C6 ___ Freeipa-users mailing list Freeipa-users@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-users
Re: [Freeipa-users] Backup and Restoration of IPA Server
Hi, The problem I had with snapshots is I found if snapshoting hot they got confused and the users all doubled on some replicas, on others replication broke...very weird... So snapshot cold. regards Steven Jones Technical Specialist - Linux RHCE Victoria University, Wellington, NZ 0064 4 463 6272 From: freeipa-users-boun...@redhat.com [freeipa-users-boun...@redhat.com] on behalf of Dmitri Pal [d...@redhat.com] Sent: Monday, 4 February 2013 7:01 a.m. To: freeipa-users@redhat.com Subject: Re: [Freeipa-users] Backup and Restoration of IPA Server On 02/03/2013 12:10 PM, Rajnesh Kumar Siwal wrote: As the IPA server has been the backbone of any Company, is there any recommended approach for Backup/Restore. Please suggest the best approach how to backup and rebuilt the server from scratch and restore the IPA Server. For redundancy we recommend running several replicas so that if you loose one you can easily redeploy. It you want, you can run one of the replicas in a VM and take snapshots of the whole system. A more fine grained Backup/Restore procedure is on the roadmap for the next release. -- Thank you, Dmitri Pal Sr. Engineering Manager for IdM portfolio Red Hat Inc. --- Looking to carve out IT costs? www.redhat.com/carveoutcosts/ ___ Freeipa-users mailing list Freeipa-users@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-users ___ Freeipa-users mailing list Freeipa-users@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-users
Re: [Freeipa-users] Backup and Restoration of IPA Server
I also Snapshot Cold. Since I have many replicas; it's really no big deal in shutting down an IPA server for a few seconds to get a quiescent snapshot Thank you, Christian Hernandez 1225 Los Angeles Street Glendale, CA 91204 Phone: 877-782-2737 ext. 4566 Fax: 818-265-3152 christi...@4over.com mailto:christi...@4over.com www.4over.com http://www.4over.com On Sun, Feb 3, 2013 at 12:17 PM, Steven Jones steven.jo...@vuw.ac.nzwrote: Hi, The problem I had with snapshots is I found if snapshoting hot they got confused and the users all doubled on some replicas, on others replication broke...very weird... So snapshot cold. regards Steven Jones Technical Specialist - Linux RHCE Victoria University, Wellington, NZ 0064 4 463 6272 From: freeipa-users-boun...@redhat.com [freeipa-users-boun...@redhat.com] on behalf of Dmitri Pal [d...@redhat.com] Sent: Monday, 4 February 2013 7:01 a.m. To: freeipa-users@redhat.com Subject: Re: [Freeipa-users] Backup and Restoration of IPA Server On 02/03/2013 12:10 PM, Rajnesh Kumar Siwal wrote: As the IPA server has been the backbone of any Company, is there any recommended approach for Backup/Restore. Please suggest the best approach how to backup and rebuilt the server from scratch and restore the IPA Server. For redundancy we recommend running several replicas so that if you loose one you can easily redeploy. It you want, you can run one of the replicas in a VM and take snapshots of the whole system. A more fine grained Backup/Restore procedure is on the roadmap for the next release. -- Thank you, Dmitri Pal Sr. Engineering Manager for IdM portfolio Red Hat Inc. --- Looking to carve out IT costs? www.redhat.com/carveoutcosts/ ___ Freeipa-users mailing list Freeipa-users@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-users ___ Freeipa-users mailing list Freeipa-users@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-users ___ Freeipa-users mailing list Freeipa-users@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-users
