Here’s a quick cheat-sheet on how to do fast backup of your eDirectory tree from an OES Linux server. While we’re at it, we’ll do a quick restore of an object.
First, let’s back it up! Let’s grab the whole tree:
ndsbackup cvf /tmp/ndsbackup-treeRoot.bak [Root]
…note that you will be prompted for the admin user credentials, and by specifying the “[Root]” object, it will grab every single object in the tree and put it in the specified file.
Now, let’s get a little fancier:
ndsbackup cvf /tmp/ndsbackup.`date +%Y%m%d%H%M`.bak -a admin.corp [Root]
…here we are adding a date stamp to the output file, and giving it the admin username. It will still prompt for the admin password, of course. There are tricks to handle that, too, but this is good enough to get the point across.
If you want to see what’s in your backup file:
ndsbackup tf /tmp/ndsbackup.201003051421.bak
Make sure to copy that backup file off the server somewhere, somehow. In reality, you might actually be writing the result directly to an nfs
or samba
share or something anyway, but the point is to get the data off the box for safety.
So let’s imagine a week goes by, and whoops… you deleted someone accidentally. Don’t worry! Because all you have to do to restore that user object is to put the file back on the filesystem where you can reach it, and do something like this…
To restore just that user you deleted:
ndsbackup wxvf /tmp/ndsbackup.201003051421.bak -a admin.corp cn=duser.ou=Users.o=corp
Or, plow in the whole container if you accidentally wiped it all out:
ndsbackup wxvf /tmp/ndsbackup.201003051421.bak -a admin.corp ou=Users.o=corp
…If you wish, you can remove the “w
” from the above restore examples if you don’t want to be prompted to confirm for each object. However, I tend to think the “w
” is a good idea…
That’s all for now. Of course, there are tons more options for ndsbackup
if you look in the man page, but I’m not going in to that, because after all, this *is* a cheat sheet…
🙂
How would one go about backing up and restoring an entire tree with ndsbackup in order to create a 1:1 testing environment? I have been everywhere on the internet. No luck.
E-mail me if you figure it out… 😉
@ Tim
That’s interesting. In such a manual mirroring scenario, there are some objects you will just not want to be replicated.
Of course, I have no idea what your tree looks like, but if I were you, I might just duplicate certain containment hierarchies, and maybe even script it.
For instance, if all your users are in an OU=Users (or whatever it is that you want to test against), you’d want to replicate that, but you wouldn’t want to replicate an OU=Servers…
Good luck!
🙂
Cool howto.
If you want to automate the ndsbackup, simply use the tool ndspassstore coming with package novell-edirectory-passstore. You can use this tool to store admin’s password encrypted on the server (somewhere under /var/opt/novell/).
To use it type:
ndsbackup cvf /tmp/ndsbackup.`date +%Y%m%d%H%M`.bak -a admin.corp [Root] -p passstore
Another advantage is that you don’t see the admin password in the process list (as argument to ndsbackup).
@ Uwe
Great tip. Thanks for that!
– Jeremy