Craig White wrote:
On Fri, 2005-12-09 at 06:53 -0700, Richard Megginson wrote:
>Craig White wrote:
>
>
>
>>On Thu, 2005-12-08 at 20:25 -0700, Richard Megginson wrote:
>>
>>
>>
>>
>>>Craig White wrote:
>>>
>>>
>>>
>>>
>>>
>>>>OK - while mucking around with console and certificates, I manually
>>>>clipped out the stuff from admin-serv/config/adm.conf & console.conf
and
>>>>local.conf and seem to have everything back in order.
>>>>
>>>>I restart the admin-serv and the encryption stuff comes right back into
>>>>local.conf and I can't figure out where it is coming from.
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>It's stored in the directory server under o=netscaperoot - do an
>>>ldapsearch for
>>>ldapsearch -b o=netscaperoot -D "cn=directory manager" -w password
>>>"cn=configuration"
>>>
>>>The local.conf file is just a read-only cache of that information.
>>>
>>>If you cannot edit it using the console, you can use ldapmodify
>>>1) find the full dn of the entry using the ldapsearch as above
>>>2) identify the attributes that deal with the encryption stuff
>>>3) use ldapmodify like the following:
>>>ldapmodify -D "cn=directory manager" -w password
>>>dn: cn=configuration,.....
>>>changetype: modify
>>>replace: nameofattr
>>>nameofattr: newvalue
>>>
>>>
>>>
>>>
>>----
>>Thanks - I can probably do that but it occurred to me that I should just
>>probably restore from my last backup but now I can't find my backup.
>>
>># ls -l /opt/fedora-ds/slapd-srv1/bak
>>total 0
>>
>>I had created 2 separate backups using the console application (and even
>>restored once so I know that it worked) but now they are nowhere to be
>>found and so I can't restore.
>>
>>
>>
>That's really strange. I've never seen this happen before.
>
>
>
>>I'm beginning the think that the console
>>application - though exceedingly dangerous in this rookie's hands is
>>possibly not quite ready for prime time...why did the backups disappear?
>>
>>
>>
>>
>I have no idea. I've never seen this before. The console has been used
>for this purpose for 7 years now in large production environments and
>this is the first time I've ever heard of this happening.
>
>
----
I am a bit disconcerted about this - I ***know*** that I didn't delete
the backups in /opt/fedora-ds/slapd-srv1/bak and was of the opinion that
this is where the console put these backups. Perhaps they were removed
when I restored using the console.
OK - presuming that using the console to backup or command line to
backup ( db2bak /opt/redhat-ds/servers/slapd-
dirserver/bak/bak_2001070110) are the same thing - a complete backup of
the DSA...
Then I would want to periodically back up /opt/fedora-ds/slapd-srv1/bak
as a 'just in case' this happens again thingy...
But if you can reproduce the bak file removal, please let us know!
Just for confirmation of what - console backup or db2bak actually
backup...
1. does this backup configuration too?
It backs up the database configuration e.g. configuration information
about the suffixes and databases, so that if you create a backup, then
reconfigure the databases and suffixes, then attempt to restore, it will
overwrite your new database and suffix configuration with the old,
otherwise it might not be able to restore the old database. If you look
in the backup directory, there are .ldif files that contain the
configuration information.
2. does this backup items in /opt/fedora-ds/alias or should I do that
separately?
You should do that separately.
3. Is there anything else that I need to back up to get a reasonably
quick 'restore' to previous functionality to guard against my uneducated
bullets to my feet?
For the directory server, you should save a copy of
slapd-host/config/dse.ldif - this is the main server configuration file.
Thanks
Craig
--
Fedora-directory-users mailing list
Fedora-directory-users(a)redhat.com
https://www.redhat.com/mailman/listinfo/fedora-directory-users