Restoring the Configuration Data Store

This section contains instructions to restore saved configuration data to the OpenSSO Enterprise configuration data store or the Directory Server configuration data store. Restoration of the configuration data can be done by loading an XML file or through directory replication. There are two methods to restore the configuration data for the OpenSSO configuration data store:

Loading XML

Use this option if there is only one OpenSSO Enterprise instance and it is corrupted or, multiple servers are configured to share the same configuration datastore and all instances are corrupted.

Directory Replication

Use this option in the case where multiple OpenSSO Enterprise instances are configured to share the same configuration datastore and at least one of the instances is uncorrupted.

This section contains the following procedures.

• To Restore the Embedded Configuration Datastore by Loading XML

• To Restore by Replication of the OpenSSO Configuration Data store

• To Restore the Directory Server Configuration Datastore by Loading XML

• To Restore by Replication of the Directory Server Configuration Datastore

In cases where the default OpenSSO Enterprise configuration data store is used, check its status by running ssoadm embedded-status on the command line. This will help to determine the proper restoration procedure to use. See Chapter 1, ssoadm Command Line Interface Reference, in Sun OpenSSO Enterprise 8.0 Administration Reference for more information.

To Restore the Embedded Configuration Datastore by Loading XML

Use this option if there is only one OpenSSO Enterprise instance and it is corrupted or, multiple servers are configured to share the same configuration datastore and all instances are corrupted. If multiple instances of OpenSSO Enterprise are configured to share the same configuration datastore, repeat steps 1 through 4 on each instance first and then do step 5 and step 6.

1. Stop all instances of OpenSSO Enterprise.

2. Remove all files and directories from the existing configuration directory.

   $ rm -rf configuration_directory

3. Restart all instances of OpenSSO Enterprise.

4. Reconfigure the OpenSSO Enterprise web application by accessing the OpenSSO Enterprise configurator.

   All configuration attributes must be redefined as they were originally defined. For the configuration of the second and all succeeding OpenSSO Enterprise instances, choose the Add to Existing Deployment option during configuration and point it to the first instance.

5. Import the saved service configuration data to the configuration datastore using the ssoadmin command line utility option import-svc-cfg.

   ./ssoadm import-svc-cfg -u username -f password_file_location -e key_to_enctrypt_password -X backup_xml_file

   In the case of the multiple server configuration, this step only needs to be done once.

6. Restart all OpenSSO Enterprise instances.

To Restore by Replication of the OpenSSO Configuration Data store

Before You Begin

Use this option in the case where multiple OpenSSO Enterprise instances are configured to share the same configuration datastore and at least one of the instances is uncorrupted.

1. Log in to the console of an uncorrupted instance of OpenSSO Enterprise as administrator.

2. Remove the corrupted OpenSSO Enterprise instance(s) from the platform server list.

   The de-provisioning of the OpenSSO configuration datastore node will take effect after all the OpenSSO servers are restarted.

3. Remove all files and directories from the existing configuration directory for all corrupted instances of OpenSSO Enterprise.

   $ rm -rf configuration_directory

4. Restart all instances of OpenSSO Enterprise including those that are corrupted.

5. Reconfigure the OpenSSO Enterprise web application on the corrupted OpenSSO Enterprise instance by accessing the OpenSSO Enterprise configurator.

   All configuration attributes must be redefined as they were originally defined.

6. Import the saved service configuration data to the configuration datastore using the ssoadm command line utility option import-svc-cfg.

   ./ssoadm import-svc-cfg -u username -f password_file_location -e key_to_enctrypt_password -X backup_xml_file

   In the case of the multiple server configuration, this step only needs to be done once.

7. Restart all OpenSSO Enterprise instances.

To Restore the Directory Server Configuration Datastore by Loading XML

Use this option if there is only one OpenSSO Enterprise instance and it is corrupted or, multiple servers are configured to share the same configuration datastore and all instances are corrupted. If multiple instances of OpenSSO Enterprise are configured to share the same configuration datastore, repeat steps 1 through 4 on each instance first and then do step 5 and step 6.

1. Stop all OpenSSO Enterprise instances.

2. Remove all files and directories from the existing configuration directory.

   $ rm -rf configuration_directory

3. Confirm that the Directory Server configuration datastore is up and running with no OpenSSO Enterprise service configuration.

4. Reconfigure the OpenSSO Enterprise web application by accessing the OpenSSO Enterprise configurator.

   All configuration attributes must be redefined as they were originally defined. For the configuration of the second and all succeeding OpenSSO Enterprise instances, choose the Add to Existing Deployment option during configuration and point it to the first instance.

5. (Optional) Repeat these steps on each instance of OpenSSO Enterprise that is configured to share the same Directory Server configuration datastore.

6. Import the saved service configuration data to the configuration datastore using the ssoadmin command line utility option import-svc-cfg.

   ./ssoadm import-svc-cfg –u username -f password_file_location –e key_to_enctrypt_password -X backup_xml_file

   In the case of the multi-server configuration, this step only needs to be done once.

7. Restart all OpenSSO Enterprise instances.

To Restore by Replication of the Directory Server Configuration Datastore

Before You Begin

Use this option in the case where multiple OpenSSO Enterprise instances are configured to share the same configuration datastore and at least one of the instances is uncorrupted.

1. Log in to the console of an uncorrupted instance of OpenSSO Enterprise as administrator.

2. Remove the corrupted OpenSSO Enterprise instance(s) from the platform server list.

   The de-provisioning of the OpenSSO configuration datastore node will take effect after all the OpenSSO servers are restarted.

3. Remove all files and directories from the existing configuration directory for all corrupted instances of OpenSSO Enterprise.

   $ rm -rf configuration_directory

4. Restart all of the OpenSSO Enterprise servers including those that are corrupted.

5. Reconfigure the OpenSSO Enterprise web application by accessing the OpenSSO Enterprise configurator.

   All configuration attributes must be redefined as they were originally defined.

6. Import the saved service configuration data to the configuration datastore using the ssoadm command line utility option import-svc-cfg.

   ./ssoadm import-svc-cfg -u username -f password_file_location -e key_to_enctrypt_password -X backup_xml_file

   In the case of the multi-server configuration, this step only needs to be done once.

7. Restart all OpenSSO Enterprise instances.