°Bernz°

Q: Backing up open directory on Mountain Lion

Hello all,

 

I've installed 10.8 Server and I am once again a bit concerned on the available features... While the features of 10.8 are a bit better than 10.7, I believe that they are far from those of 10.6. (Anyway, that's another story...)

 

My question has to do with the Server Admin tools, which don't seem to be available for 10.8 (and might never be from what I read...):

 

  • If I were to need to backup my Open Directory (LDAP) database, how should I proceed? With Server Admin, this is a simple task. And God knows that it saved my a** a few times in the past! Must I use a command-line task, or is there a tool somewhere to do this?

 

Thanks for anyone's insight!

OS X Mountain Lion

Posted on Jul 26, 2012 4:15 PM

Close

Q: Backing up open directory on Mountain Lion

  • All replies
  • Helpful answers

Previous Page 2
  • by quickthyme,

    quickthyme quickthyme Mar 18, 2013 9:28 AM in response to Guru Evi
    Level 1 (0 points)
    Mar 18, 2013 9:28 AM in response to Guru Evi

    Ok, I tested the script on a live OD server and compared the resulting sparseimage with one that was created using the Server Admin GUI. (Using Lion Server)

     

    Interestingly enough, I noticed that the backup file generated from the CLI (via Guru Evi's perl script) includes a couple of extra files that were not included in the Server Admin GUI backup. In particular, the additional files appear to be related to Kerberos.

     

    Here's a screen shot showing the difference between the two:

    SS_OD_Backup_Compare.png

     

    Most notably is KerberosKDC.plist and krb5backup.tar.gz.

     

    I have not yet tested restoring this file, as I will need to find a Mac that I can use as a test OD server, but so far looks like Guru Evi > Apple Support Engineers.

     

    Thanks! If this proves true, then most of my OD nightmares are over. Why won't Apple reveal this information in the Administrator's Guide? And why would the Enterprise Support team there not share the superior CLI method of creating the OD backup??

  • by essandess,

    essandess essandess Apr 9, 2013 9:31 AM in response to Guru Evi
    Level 1 (28 points)
    Applications
    Apr 9, 2013 9:31 AM in response to Guru Evi

    Thanks to some help from Mike Bombich and this thread, I've put together this bash script for Open Directory backup (using opendirectorybackup), an OD backup backup (using serveradmin), and PostgreSQL backup (using pg_dumpall). This puts all the db backups in /private/var/backups, and keeps two-week-old sequential OD backups.

  • by Guru Evi,

    Guru Evi Guru Evi Apr 9, 2013 9:46 AM in response to quickthyme
    Level 1 (50 points)
    Apr 9, 2013 9:46 AM in response to quickthyme

    I don't know where I got the script from and it doesn't have any copyright information so I suppose it's public domain.

     

    I might have written it a long time ago or someone else did but I have been using it since at least Feb  8  2008 (the create time says so) and if I remember correctly, it came from a Flash drive from another company I worked for which had OD systems on 10.3 which I integrated into Windows NT/2000 domain controllers.

     

    It might've been an edit from another script that does something similar, it's really a simple script. The problem with Apple Support Engineers is that you need to engage the older ones, the ones that have been around since 10.2-10.3 because back then, everything needed to be manually scripted.

  • by sonicsoul,

    sonicsoul sonicsoul Sep 9, 2013 9:23 AM in response to quickthyme
    Level 1 (0 points)
    Sep 9, 2013 9:23 AM in response to quickthyme

    Guru, thanks for the script.  I'm beginning to implement it in a testing environment I'm setting up before we grow our OD setup into multiple locations.

     

    However, what is the process of restoring from these backups, including user passwords?  I'm not really clear on that.

     

    Thanks for any help in advance.

  • by Guru Evi,

    Guru Evi Guru Evi Sep 9, 2013 9:42 AM in response to sonicsoul
    Level 1 (50 points)
    Sep 9, 2013 9:42 AM in response to sonicsoul

    Just use the built-in restore. It generates a disk image that can be used in the Server Admin tool. There is probably a way to do it from command line using serveradmin but that would probably be more painful to use.

  • by robertbla,

    robertbla robertbla Mar 5, 2014 4:15 AM in response to Blaidd Drwg
    Level 1 (0 points)
    Mar 5, 2014 4:15 AM in response to Blaidd Drwg

    Hi

    I do not know if you can help but I have time machine enabled and have backups. My Open Directory corrupted and I have been going all over the internet but I cannot see how to restore the OD from the backup. Do I have to do a full restore of the entire disk?

     

    When I go into the Server App and turn on Open Directory it will let me go into the backup (under restore) but when I click 'continue' it opens the next branch of the directory. Once I get to file level everything is grayed out and cannot be selected.

     

    Many thanks

     

    Rob

  • by essandess,

    essandess essandess Mar 5, 2014 4:23 AM in response to robertbla
    Level 1 (28 points)
    Applications
    Mar 5, 2014 4:23 AM in response to robertbla
  • by Phil Brown2,

    Phil Brown2 Phil Brown2 Dec 11, 2014 11:21 AM in response to quickthyme
    Level 1 (69 points)
    Mac OS X
    Dec 11, 2014 11:21 AM in response to quickthyme

    I realize this is an old thread, but I've been researching this lately myself on Mavericks Server. For the sake of others seeing this for the first time, I wanted to point out that the OD sparseimage backup that Time Machine creates and the OD archive you can create manually from Server App's Open Directory window both contain the two Kerberos files. I looked at them both today, and the file lists are identical. I guess Apple fixed this at some point.

     

    I am running Server App 3.2.2 on Mavericks 10.9.5.

Previous Page 2