Oracle Fusion Middleware Administration Guide for Oracle Directory Server Enterprise Edition

Backing Up Directory Data Only

A binary data backup saves a copy of your directory data that you can use if the database files later become corrupted or deleted. This operation takes the back up of the database only and does not back up any other data such as configuration data and certificates. If you want to back up the whole Directory Server for disaster recovery, see Disaster Recovery.

Caution – Caution –

The maximum period between two backups should not exceed the smaller of repl-purge-delay and repl-cl-max-age. The repl-cl-max-age property specifies the period of time, after which internal purge operations are performed on the change log. The change log maintains a record of updates, which might or might not have been replicated. Get the purge delay information using the following command:

dsconf get-suffix-prop -h host -p port suffix-DN repl-purge-delay repl-cl-max-age

If your backup is performed less frequently than the purge delay, the change log might be cleared before it has been backed up. Changes will therefore be lost if you use the backup to restore data.

The consumer server stores internal information about updates to the replicated suffix contents, and the purge delay parameter, repl-purge-delay, specifies how long it must keep this information. The purge delay determines in part how long replication between the consumer and its master can be interrupted and still recover normally. It is related to the repl-cl-max-age parameter of the change log on its supplier server. The shorter of these two parameters determines the longest time that replication between the two servers can be disabled or down and still recover normally. The default value of 7 days is sufficient in most cases.

All backup procedures described in this section store a copy of the server files on the same host by default. You should then copy and store your backups on a different machine or file system for greater security.

ProcedureTo Back Up Your Directory Data

Your Directory Server must be stopped to run the dsadm backup command.

You can use DSCC to perform this task. For information, see Directory Service Control Center Interface and the DSCC online help.

  1. Back up your directory data.

    $ dsadm backup [ -f FLAG ] ... INSTANCE_PATH ARCHIVE_DIR

    For example:

    $ dsadm backup /local/dsInst /local/tmp/20091005

    Note –

    By default, binary backup commands will run a database recovery on the backup databases. See dsadm(1M) for disabling this behavior.

    You can back up directory data while the server is running by using the command dsconf backup command. However, if changes are made to the directory data while the backup is running, proper recovery will take longer.

    Never stop the server during a backup operation.

    For more information about the dsadm backup, dsconf backup commands and backup flags, see the dsadm(1M) and dsconf(1M) man pages.

ProcedureTo Back Up the dse.ldif File

When restoring a server, all the configuration data such as certificates, schema, and plugins must contain the same configuration information as when the server was backed up. The following task shows how to back up the dse.ldif file and the rest of the configuration information can be backed up in the same manner.

  1. Back up your dse.ldif configuration file.

    $ cp instance-path/config/dse.ldif archive-dir

    When you perform the following actions, Directory Server automatically backs up the dse.ldif configuration file in the directory instance-path/config.

    • When you start Directory Server, a backup of the dse.ldif file is created in a file named dse.ldif.startOK.

    • When you make modifications to the cn=config branch, the file is first backed up to a file named dse.ldif.bak in the config directory before the server writes the modifications to the dse.ldif file.