Date: 12-10-2015

Backing up the LDAP environment using slapd.conf or a static configuration.

1. Stop the slapd service.     
2. Get the full path to the directory that contains all of the database files. 

For a single DB

/opt/symas/sbin/slapcat -f /opt/symas/etc/openldap/slapd.conf -l /tmp/mydb_export.ldif 

For multiple DBs

/opt/symas/sbin/slapcat -f /opt/symas/etc/openldap/slapd.conf -b <suffix> -l /tmp/mydb_<suffix>_export.ldif 

For accesslog DB 

Only if necessary

/opt/symas/sbin/slapcat -b cn=accesslog -l /tmp/accesslog_export.ldif 

• -b allows DB to be selected by name
• -n # can be used to specify DB by number
• Use one or the other; not both
• If -b or -n # is used to specify DB in slapcat, it must also be used in slapadd
• If changedb files is deleted, run a write op against the DB to reinitialize it before proceeding
• Zip and scp ldif files to other masters
• Stop solserver on other masters/consumers
• Removed main db files, log files and changedb files (if delta-sycnrepl is used)

NOTE: 

a) The config and accesslog LDIF’s for restoration are server specific (whereas the backup for the primary DB is not server specific).  

b) One generally does not restore the accesslog DB. However, accesslog DB backups can provide crucial information when attempting to debug an issue that occurred within the last few days, so it is worthwhile to maintain them (but not necessarily store them long term). 

c) It is only safe to restore the accesslog DB in the situation where both it and the primary database were exported while slapd was stopped, rather than from a hot backup.  

d) Restoring the accesslog should only be performed on a provider/master and not on the consumer/slaves.

Restoring the LDAP environment using slapd.conf or a static configuration

For single DB

/opt/symas/sbin/slapadd -q -f /opt/symas/etc/openldap/slapd.conf -l /tmp/mydb_export.ldif

For multiple DBs 

/opt/symas/sbin/slapadd -q -f /opt/symas/etc/openldap/slapd.conf -b <suffix> -l /tmp/mydb_<suffix>_export.ldif

For accesslog DB 

Only if necessary

/opt/symas/sbin/slapadd -b cn=accesslog -l /tmp/accesslog_export.ldif 

• -b allows DB to be selected by name
• -n # can be used to specify DB by number
• If -n # was used in slapcat to specify a db, it must also be included in slapadd command
• The changedb ldif only gets imported to master servers; not consumers

Backing up the LDAP environment using slapd.d or a dynamic configuration

1. Stop the slapd service.     
2. Get the full path to the directory that contains all of the test database files.  

For the configuration DB

/opt/symas/sbin/slapcat -n 0 -l /tmp/config_export.ldif 

For single DB

/opt/symas/sbin/slapadd -q -f /opt/symas/etc/openldap/slapd.conf -l /tmp/mydb_export.ldif

For multiple DBs 

/opt/symas/sbin/slapadd -q -f /opt/symas/etc/openldap/slapd.conf -b <suffix> -l /tmp/mydb_<suffix>_export.ldif

For accesslog DB 

Only if necessary

/opt/symas/sbin/slapadd -b cn=accesslog -l /tmp/accesslog_export.ldif 

Restoring the LDAP environment using slapd.d or a dynamic configuration

For configuration DB

/opt/symas/sbin/slapadd -n 0 -l /tmp/config_export.ldif

For single DB

/opt/symas/sbin/slapadd -q -f /opt/symas/etc/openldap/slapd.conf -l /tmp/mydb_export.ldif

For multiple DBs 

/opt/symas/sbin/slapadd -q -f /opt/symas/etc/openldap/slapd.conf -b <suffix> -l /tmp/mydb_<suffix>_export.ldif

For accesslog DB 

Only if necessary

/opt/symas/sbin/slapadd -b cn=accesslog -l /tmp/accesslog_export.ldif 

• -b allows DB to be selected by name
• -n # can be used to specify DB by number
• If -n # was used in slapcat to specify a db, it must also be included in slapadd command
• The changedb ldif only gets imported to master servers; not consumers

For Windows Server 

Backup LDAP database on Windows Server

1. Stop the test LDAP database service.     
2. Get the full path to the directory that contains all of the test database files.  
3. Open a Windows command prompt.  
4. Change directories to the symas-openldap program directory

cd “C:\Program Files\OpenLDAP”

5. Enter and run the following command: 

slapcat.exe -f <path to slapd.conf> -l <path to database ldif> 

6. When this completes, check the available space on the C:\ drive.

Restore the LDAP database on a Windows Server

1. Change directories to the symas-openldap program directory

cd “C:\Program Files\OpenLDAP”

2. Enter and run the following command: 

slapadd.exe -f <path to slapd.conf> -l <path to database ldif> 

For Windows Server - Automatic Log File Purge (if using HDB backend)

1. Browse to the folder on your C:\ drive that contains your test database files   
2. Locate the file named DB_CONFIG   
3. Open the file in Notepad or Wordpad   
4. Search for a line that contains:  “set_flags DB_LOG_AUTOREMOVE”   
5. If the line starts with a hash mark (#) the setting is disabled. To enable, remove the hash mark  
6. If there are no lines that contain "set_flags DB_LOG_AUTOREMOVE", add a line with this text anywhere below the line that starts with “set_cachesize”   
7. Save the DB_CONFIG file   
8. Restart the LDAP service to put the change in to effect