Article
Backing up the NICI files using the utility DSBK using the -e option is back. The following instructions will explain how to use the -e option to backup NICI along with the other features of full backup, incremental backup and the use of roll forward logs.
Target Audience: eDirectory Administrators
Tool Used: DSBK, available as part of all 8.8x eDirectory installs.
Version Needed: eDirectory 8.8 SP5 or more (for NICI backup)
Assuming that you have an eDirectory instance and this is the first time your tree is being backed up, follow the instructions below:
Run the following commands in your terminal:
- dsbk getconfig
Get the error "The required /etc/dsbk.conf file is missing". For more information, run 'man dsbk'. - vi /etc/dsbk.conf
Open this file and add the line "/tmp/dsbk.tmp" to be used as the temporary file - touch /tmp/dsbk.tmp
- dsbk getconfig
Get the output that will ask you to view the ndsd.log (that will be available at /var/opt/novell/eDirectory/log in case of default eDirectory installations) - tail -f /var/opt/novell/eDirectory/log/ndsd.log
Run this in another parallel terminal and monitor the backup/restore activity. See that 'Roll Forward Log' is off and the back up directory points to your default eDirectory install directory.The ndsd.log's output, at this point of time will be something like:
Command line getconfig Processing command line Roll forward log status OFF Stream file loggin status OFF Current roll forward log directory /var/opt/novell/eDirectory/data/dib/nds.rfl Minimum roll forward log size 104857600 bytes Maximum roll forward log size 4294705152 bytes Last roll forward log not used 00000000.log Current roll forward log 00000001.log
- mkdir /backup
Create a folder to hold all the backup files and logs. To be safe, create this directory in a separate machine or in a different partition of your machine. - dsbk setconfig -L -T -r /backup/
-L - To keep roll forward logs, to help you not to lose any data till the moment your server crash. Enabling this option will log all the successful transactions (since the time you last backed up the tree) to the rfl files.
-T - To start logging of stream files
-r - To specify the rollforward directory - dsbk getconfig
Run this and see the ndsd.log. The log will confirm that will show that the RollForwarding and the stream file logging are enabled.
Verify the ndsd.log:
Command line getconfig Processing command line Roll forward log status ON Stream file logging status ON Current roll forward log directory /backup/nds.rfl Minimum roll forward log size 104857600 bytes Maximum roll forward log size 4294705152 bytes Last roll forward log not used 00000001.log Current roll forward log 00000002.log
- dsbk backup -f /backup/fb.bak -l /backup/fb.log -e novell -t -b
The command to take the full NICI backup:
-e - Specifies its a NICI back up(with the backup password novell – that needs to be used while restoring)
-t - To backup stream files
-b - To perform a full back up
-f, -l - To specify the full backup file name and logSee the ndsd.log output:
Command line backup -f /backup/fb.bak -l /backup/fb.log -e XXXXXX -t -b Processing command line Backup type: Full Log file name: /backup/fb.log Backup started: 2010-4-12'T16:29:54 Backup file name: /backup/fb.bak Server name: \T=PAL-TEST\O=novell\CN=blr-paldev Current Roll Forward Log: 00000002.log DS Version: 2060103 Backup ID: 4BC2FD2A NICI BACKUP: "NICI Files has been backed up Successfully" Starting database backup... Database backup finished Completion time 00:00:31 Backup completed successfully
- Now add a user named user1 to the tree under the container o=novell (of course, assuming that the container exists)
- ldapsearch -h <host-ip> -D <admindn> -w <password> cn=user1
Do a ldapsearch to view the new user that got added.
- dsbk backup -f /backup/ib.bak -l /backup/ib.log -e novell -t -i
Do an incremental backup for the new user (user1).
View the output of ndsd.log to confirm the backup:
Command line backup -f /backup/ib.bak -l /backup/ib.log -e XXXXXX -t -i Processing command line Backup type: Incremental Log file name: /backup/ib.log Backup started: 2010-4-12'T16:40:51 Backup file name: /backup/ib.bak Server name: \T=PAL-TEST\O=novell\CN=blr-paldev Current Roll Forward Log: 00000002.log DS Version: 2060103 Backup ID: 4BC2FFBB NICI BACKUP: "NICI Files has been backed up Successfully" Starting database backup... Database backup finished Completion time 00:00:01 Backup completed successfully
- Create one more user named "user2" and DO NOT BACKUP this user.
- killall -9 ndsd ; rm -rf /var/opt/novell/eDirectory/data/dib/ ; rm -rf
/etc/opt/novell/eDirectory/conf/.edir/instances.0
Simulate a crash and make your tree dead completely (even the default data directories are deleted)
- ndsstat
Run ndsstat to confirm that no eDirectory instances are there.
- ndsconfig new -t DSBK-TEST -n novell -a admin.novell
Configure a new instance (tree) of eDirectory.
- ldapsearch -h <host-ip> -D <admindn> -w <password> cn=user*
Do the ldapsearch for user1 and user2 and it wont return anything as the server is new and the users are obviously not present
- dsbk restore -r -f /backup/fb.bak -l /backup/fb.log -d /backup/nds.rfl/ -e novell -a -o -i /backup/ib.bak
- To restore the full backup (-r -f), and use the roll forward log directory (-d)
- NICI restore (-e)
- activate the dib (-a) and open the dib (-o)
- do the incremental backup (-i)
- mind that we use the same password "novell" that we gave during the backup.View the ndsd.log:
Command line restore -r -f /backup/fb.bak -l /backup/fb.log -d /backup/nds.rfl/ -e XXXXXX -a -o -i /backup/ib.bak Processing command line Log file name: /backup/fb.log Restore started: 2010-4-12'T16:49:7 Restore file name: /backup/fb.bak Restoring file /var/opt/novell/eDirectory/data/dsnici.bak NICI RESTORE: "NICI Files has been Restored Successfully" Starting database restore... Restoring file /backup/fb.bak Restoring file /backup/ib.bak Restoring file /var/opt/novell/eDirectory/data/dsnici.bak NICI RESTORE: "NICI Files has been Restored Successfully"
- rcndsd restart
Restart the eDirectory server.
- ldapsearch -h <host-ip> -p 636 -e <SSL Certificate Path> -D <admindn> -w <password> cn=user*
Do the ldapsearch for user1 & user2 and see that both the objects are backed up successfully. Also as we do the search over SSL (port 636), we can confirm that NICI is also backed up successfully.
Disclaimer: As with everything else at Cool Solutions, this content is definitely not supported by Novell (so don't even think of calling Support if you try something and it blows up).
It was contributed by a community member and is published "as is." It seems to have worked for at least one person, and might work for you. But please be sure to test, test, test before you do anything drastic with it.
Related Articles
User Comments
Restore without contacting other servers in the tree
Submitted by MaLim on 18 November 2010 - 2:10am.
If you take a server out of a production environment for testing or if you need to restore while other servers in the tree are gone you will get error -626 while restoring.
Use dsbk restore -f /tmp/dsbk_file -l /tmp/restore.log -r -a -o -n -v -k
See tid 7000768 for details
- Be the first to comment! To leave a comment you need to Login or Register


1