Backup and restore are invoked by script files:
defbkparm.sh: Created by install. This has the default values for the scripts.
getparams.sh: Prompts administrator for information needed to do the backup or restore operation.
ambkup.sh: Script to run to perform a backup.
amrestore.sh: Script to run to perform a restore.
Other programs used by backup and restore:
ICE: This is the Novell eDirectory utility to import and export LDIF file in and out of eDirectory.
ldifReverse: This is a program that reverses the order of the records in the LDIF file exported from eDirectory. Reversing the order of records allows the LDIF file to be imported without errors.
certtool.jar: This is a eDirectory certificate utility that backs up and restores the CA key, server keys, and trusted roots to a zip file.
Component 010
Subgroup 01: Backup
Subgroup 02: Restore
Subgroup 03: certtool (certificate backup and restore)
Messages are logged to the ambkup.log file.
Event Code |
Description |
Remedy |
---|---|---|
Backup |
||
201001001 |
Backup failed to export data from the configuration store. |
Cause: The ICE utility failed to export directory information to an LDIF file. Action: Make sure that ICE is in the proper location (Linux: /opt/novell/eDirectory/bin). Action: Make sure that the host IP address, port, administrator, password are all correct. Action: Make sure the back up file is writable |
201001002 |
Backup failed to format data for a successful restore. |
Cause: The ldifReverse utility failed to sort the LDIF records. Action: Make sure that ldifReverse is in the proper location (Same directory as backup command). Action: Make sure the back up file is writable Action: Check for the backup file you specified with "_pre" appended to the file name. If the file exists, run the following command: ldifReverse bkupfile_pre bkupfile Replace bkupfile with the filename you specified for the backup file. It should create bkupfile which is the desired back up file. |
201001003 |
Backup failed to export certificates to the backup zip file. |
Cause: The certtool utility failed to export the certificates to a zip file. Action: Make sure that certtool.jar is in the proper location (Same directory as backup command). Action: Make sure the back up file is writable. Action: Manually export the certificates to a zip file: java -Djava.library.path=/opt/novell/lib -jar certtool.jar -edirTree your_tree -edirIP 000.000.000.000 -edirServer cn=!ServerName.0=novell -edirUser cn=admin.o=novell -edirPwd secret -bkup -file ServerName _20060828_0930.zip -pwd certsecret -trcontainer trustedRoots.access ManagerContainer.novell -caName "your_tree CA" |
Restore |
||
201002001 |
Backup file does not exist. |
Cause: The backup file does not exist. The name of the backup file specified in answer to the prompt should not include the final the .ldif or .zip extension. Action: Specify the correct name of the back up file. |
201002002 |
Backup file does not appear to be valid. |
Cause: An simple analysis of the backup file indicates that the LDIF file specified backup file (with .ldif appended to the name) is not a valid backup file. Action: Make sure to specify a backup file that was created by the Access Manager Backup utility. |
201002003 |
Restore failed to access the configuration store. |
Cause: The ICE utility failed to access the eDirectory configuration store. Action: Make sure that ICE is in the proper location (Linux: /opt/novell/eDirectory/bin). Make sure that the host IP address, port, administrator, password are all correct. |
201002004 |
Restore failed to format the current configuration store data. |
Cause: Restore was not able to save a current copy of the configuration store. A current copy of the config store is saved before the import in case the import fails. Action: Make sure that ldifReverse is in the proper location (Same directory as backup command). |
201002005 |
Restore failed to prepare the configuration store for data import. |
Cause: ICE failed. Unknown reason because it has previously been invoked successfully in the restore script. |
201002006 |
Restore failed to prepare the configuration store for data import. |
Cause: ICE failed. Unknown reason because it has previously been invoked successfully in the restore script. |
101002007 |
Restore failed to restore the backup data. |
Cause: ICE failed. Unknown reason because it has previously been invoked successfully in the restore script. Action: Check the configuration store for the following container: ou=accessManagerContainer,o=novell If it is not there, locate the recover.ldif file. It should be in the directory where you ran the restore command. Run ICE to recover the configuration store to the state it was in before you attempted the restore. Enter the following command: /opt/novell/eDirectory/bin/ice -SLDIF -f recover.ldif -C -n -DLDAP -sxxx.xxx.xxx.xxx -p636 -k -dcn=admin, o=novell -wadmin_password -F |
101002008 |
Failed to restore certificate from backup file. |
Cause: The java program restores the certificate failed. The java program is certtool.jar which provides command line access to various eDirectory certificate functions. Action: See the log file (ambkup.log) for more specific details. The log file contains a listing of relevant parameters with each error message. Assuming the back up from which you are trying to restore was successful, failure to restore is probably an incorrectly supplied parameter. Enter the following command: JAVA -classpath vcdnbkup.jar:cert tool.jar com.novell.nids.bkuputil. Util -userid cn=admin,o=novell -pwd secret -vcdnUser |
101002009 |
Failed to reconfigure VCDN user objects. |
Cause: The VCDN user objects were not restored with their passwords. Device Manager will not start up until the passwords have been properly set. Action: This is accompanied with an error x01004xxx. Please refer to that error. |
certtool utility |
||
201003002 |
IP address is missing. |
Cause: The certtool.jar was launched without the -edirIP option. A script file might have been incorrectly modified. Action: Make sure the -edirIP option is specified in the script when it launches the certtool utility. |
201003005 |
eDirectory user id missing. |
Cause: The certtool.jar was launched without the -eDirUser option. A script file might have been incorrectly modified. Action: Make sure the -edirUser cn=admin.o=novell option is specified in the script when it launches the certtool utility. |
201003006 |
eDirectory user password missing. |
Cause: The certtool.jar was launched without the -edirPwd option. A script file may have been incorrectly modified. Action: Make sure the -edirPwd option is specified in the script when it launches the certtool utility. |
201003009 |
File name missing. |
Cause: The certtool.jar was launched without the -file (name of backup file) option. A script file may have been incorrectly modified. Action: Make sure the -file option is specified in the script when it launches the certtool utility. |
201003011 |
Encryption password missing. |
Cause: The certtool.jar was launched without the -pwd option. A script file may have been incorrectly modified. Action: Make sure the -pwd option is specified in the script when it launches the certtool utility. |
201003013 |
Name of trusted root container missing. |
Cause: The certtool.jar was launched without the -trContainer (trusted root container) option. A script file may have been incorrectly modified. Action: Make sure the -trcontainer option is specified in the script when it launches the certtool utility. |
201003040 |
Failed to open backup file for writing. |
Cause: Backup was unable to create or access the backup file in which to save certificate information. Action: Ensure that user running backup sufficient rights. |
201003041 |
Failed to retrieve certificate names from eDirectory. |
Cause: A PKI or eDirectory error. Action: This error will be accompanied by an error string. |
201003042 |
Failed to retrieve certificate xxxx from eDirectory. |
Cause: The certtool failed to retrieve the certificate identified in the error. Problems have been seen trying to export certificate with pending CSRs. Action: This error will be accompanied by an error string. |
201003043 |
Failed to write certificate xxxx to backup file. |
Cause: The certificate identified in the error message did not get saved to the backup file. Action: An exception string included in the message my provide additional information. |
301003044 |
Error closing backup. |
Cause: Likely will not cause a problem. Action: Try extracting the contents of the zip file created by backup to verify the integrity of the zip file. |
201003045 |
Failed to write trusted root xxxx to backup file. |
Cause: The trusted root identified in error messages did not get saved to the backup file. Action: An exception string included in the message might provide additional information. |
201003046 |
Failed to retrieve trusted root xxxx from eDirectory. |
Cause: The certtool failed to retrieve the trusted root identified in the error. Likely a PKI or eDirectory error. Action: This error will be accompanied by an error string. |
201003048 |
Not all items were backed up. |
Cause: See accompanying errors. Action: Refer to previous error messages to identify which certificates or trusted roots were not backed up. |
201003049 |
Failed to retrieve the CA xxxx from eDirectory. Likely a PKI or eDirectory error. |
Cause: The certtool failed to retrieve the CA key identified in the error. Action: This error will be accompanied by an error string. |
201003050 |
Failed to write CA key xxxx to backup file. |
Cause: The CA key identified in the error did not get written to the backup file. Action: An exception string included in the message my provide additional information. |
201003051 |
Failed to open backup file for reading. |
Action: Make sure the backup file exists. Do not include .ldif or .zip in the name of the back up file. Action: Make sure the user logged in has sufficient rights to access the file. |
201003052 |
Not all items were restored. |
Cause: See accompanying errors. Action: Refer to previous error messages to identify which certificates or trusted roots were not backed up. |
301003053 |
Error closing backup. |
Action: This error occurred after all restore operations had completed. Should not cause any problem. |
201003056 |
Error importing CA key: xxxx |
Action: The CA key was not restored. See the accompanying Error for more information. Likely a PKI error. Action: Make sure the password you provided matches the encryption password used when backing up the data. |
201003057 |
Error importing key: xxxx |
Cause: The CA key was not restored. See the accompanying Error for more information. Likely a PKI error. Action: Make sure the password you provided matches the encryption password used when backing up the data. |
201003058 |
Error importing trusted root: xxxx |
Cause: The trusted root was not restored. See the accompanying Error for more information. Likely a PKI error. |
VCDN configuration |
||
201004001 |
Failed to configure VCDN objects for data store access. |
The VCDN user objects were not restored with their passwords. Device Manager will not start up until the passwords have been properly set. Cause: The vcdnbkup.jar utility failed to reset passwords for VCDN objects. This causes errors starting up device manager. Action: Make sure /opt/volera/roma/conf/vcdn.conf file is present and has the correct information. To fix enter the following command in the /opt/novell/devman/bin directory: java -jar vcdnbkup.jar -userid cn=admin,o=novell -pwd admin_password -vcdnUser |
201004002 |
Application Error. |
The VCDN user objects were not restored with their passwords. Device Manager will not start up until the passwords have been properly set. Accompanied by a stack trace with more information. Cause: vcdnbkup.jar utility failed to reset passwords for VCDN objects. This will cause errors starting up device manager. Action: Make sure the information in /opt/volera/roma/conf/vcdn.conf file is correct: Fix the file by running the following command (in /opt/novell/devman/bin): java -jar vcdnbkup.jar -userid cn=admin,o=novell -pwd admin_password -vcdnUser |