17.0 Backing Up and Restoring NetIQ eDirectory

NetIQ eDirectory is designed to provide fault tolerance for the tree through replication, so that if one server is not available, other servers can provide access. Replication is the primary method for protecting eDirectory.

Replication, however, is not possible in a single-server environment. Also, replication might not provide a complete restore of individual servers in case of a server hardware failure or other damage, or in the event of a disaster such as a fire or flood in which you lose multiple servers. Backing up eDirectory on each server increases the fault tolerance for your network.

The eDirectory Backup Tool enables you to back up the eDirectory database on your individual servers. It has the following benefits:

  • Same tool for all platforms.

  • Provides hot continuous backup. You can back up your server without closing the eDirectory database, and you still get a complete backup.

  • Supports a quick restore of an individual server. This is especially helpful in the event of hardware failure.

  • Scalable. You can back up a server whose eDirectory database contains tens or hundreds of millions of objects. The speed of the backup process is limited mainly by I/O channel bandwidth.

  • Can support a quick restore of the tree, when used with replica planning and DSMASTER servers. Even without using DSMASTER servers, some level of recovery for the tree should be possible. See Using DSMASTER Servers as Part of Disaster Recovery Planning.

  • Lets you back up related files. You can back up files on the server that are related to the database, such as NICI security files, stream files, and any files you specify (such as autoexec.ncf) in an include file.

  • Can restore eDirectory to the state it was in at the moment before it went down, if you use continuous roll-forward logging. See Using Roll-Forward Logs.

  • Makes hardware upgrade simpler. Doing a cold backup and then restoring the eDirectory database is an easy way to transfer the server's identity to a new machine or safeguard it while you make changes such as RAM upgrades. See Upgrading Hardware or Replacing a Server.

  • Works within the distributed nature of eDirectory. You can ensure that a restored server matches the synchronization state that other servers in the tree expect by turning on continuous roll-forward logging.

  • Allows unattended backups. You can create batch files to run unattended backups through the DSBK Client.

The eDirectory Backup Tool is designed to give you a complete backup and restore of the database and associated files on an individual server. It does not support backup and restore for individual objects or sections of the tree.

Also, it must be used in conjunction with file system backups to put the eDirectory backup files safely on tape.

For OES 2 Linux, you can back up eDirectory using NetIQ Storage Management Services. SMS provides a target service agent (TSA) for backing up and restoring eDirectory. TSANDS services provide an implementation of the SMS APIs for the Directory trees. Applications can make use of this feature for backing up and restoring eDirectory objects.

TSANDS supports the following features that backup applications can take advantage of:

  • Filters that can be applied to the eDirectory objects.

  • Selective restores eDirectory objects from the backed up data.

  • Ability to rename a particular set of resources.

  • Support for incremental and differential backups based on the eDirectory modification date.

  • Formats data in a SIDF and therefore any SIDF-compliant software can interpret the data.

For more information on TSANDS usage, refer to the TSANDS man page.

This chapter contains the following topics: