Skip navigation

Open Directory will not archive

1669 Views 9 Replies Latest reply: Jul 11, 2013 5:24 AM by Chuck Gentry RSS
Erich Wetzel Level 2 Level 2 (265 points)
Currently Being Moderated
Jul 18, 2011 10:29 AM

Open Directory Master with 1 replica, both on 10.6.7 server on Mac Pros.


I cannot get an archive created.  I did the usual Server Admin > appropriate server > Open Directory > Archive > Choose location for archive to be saved > Name archive and create.


I am not getting a datafile created after Server Admin indicates the process is finished.


I have rebooted.  I have changed to a variety of locations for placement of the archive.  I have used Server Admin on the server itself.  I have used Server Admin on a remote client.  I have decommissioned the replica and tried Server Admin both on and off of the server itself.  All attempts resulted in no change and no database archive file.


We have some new users and our database is getting away from the last backup we made.  I am assuming some type of corruption.  I cannot find anything relevant in the logs but I bet I am looking in the wrong place.




Thanks - Erich

Mac Pro, Mac OS X (10.6.7)
  • Antonio Rocco Level 6 Level 6 (10,100 points)
    Currently Being Moderated
    Jul 20, 2011 2:47 PM (in response to Erich Wetzel)



    In my experience - and opinion - the archiving tools available in Server Admin don't work. Even if you managed to actually save an archive and wanted to restore from it you'll either find it won't restore properly or, if it does, the database will be mangled. This has been the case since 10.6 and up to 10.6.5. I've not tried it since because it became clear it was a waste of time. Seeing as you're at 10.6.7 it does not look like Apple have made any real efforts at fixing this 'feature' - that worked perfectly well in previous versions - yet.


    Who knows perhaps in 10.7 this facility might start working again? I would not hold your breath though.


    In my experience exporting relevant files using the command line has been the most reliable.


    The most reliable way I've found of 'backing' up LDAP data, using the Interface, is via WorkGroup Manager's Export feature. I don't mind losing the ability to export passwords as I can export and re-import those using the command line or not depending on what I want to achieve.


    As ever YMMV.





  • Antonio Rocco Level 6 Level 6 (10,100 points)
    Currently Being Moderated
    Jul 27, 2011 2:45 PM (in response to Erich Wetzel)

    Hi Erich


    Changing the IP address or Hostname on a mature OD Master is always going to have repercussions one way or another. Especially if you've archived the Database first, made the change and then restored it again. There is no easy and quick way of knowing how many references to the old IP address or hostname you need to change before restoring the database. I tried it once, it took ages and I would have spent less time in getting the Server operational again if I'd rebuilt from scratch. By that I mean reformatting, reinstalling and keying in all the Users etc again. However YMMV?


    I've learnt over the years to not depend too much on Server Admin for anything! It has to be one of the flakiest applications Apple have ever offered, although - to be fair - it has improved a little recently.


    Is 20 Users all you have? I've not bothered with passwords for databases containing hundreds of Users. A Password Policy prompting users to change their passwords at next login achieves a reliable result IMO. However it's your Server and you do what you feel is best.


    Apart from the Passwords all of the database that is of any use is preserved when exporting from WorkGroup Manager. If you want to go down the command line had an article that worked (I used to use it years ago) that went through how to export passwords using relevant command line tools. They may still have it available if you care to look?





  • Chuck Gentry Calculating status...
    Currently Being Moderated
    Jul 11, 2013 5:24 AM (in response to Erich Wetzel)

    Hi, I know this is an old thread but I feel the need to update for anyone else unfortunate enough to waste their time with such a silly error.


    The above hints to fix the issue are correct but the entry that needs to be changed in Keychain Access is different for 10.7+. What you want to make sure is correct is the entry "/LDAPv3/" not as this isn't created in 10.7 on.


    Hope this saves someone's time if they stumble upon this!


More Like This

  • Retrieving data ...

Bookmarked By (0)


  • This solved my question - 10 points
  • This helped me - 5 points
This site contains user submitted content, comments and opinions and is for informational purposes only. Apple disclaims any and all liability for the acts, omissions and conduct of any third parties in connection with or related to your use of the site. All postings and use of the content on this site are subject to the Apple Support Communities Terms of Use.