In my experience - and opinion - the archiving tools available in Server Admin don't work. Even if you managed to actually save an archive and wanted to restore from it you'll either find it won't restore properly or, if it does, the database will be mangled. This has been the case since 10.6 and up to 10.6.5. I've not tried it since because it became clear it was a waste of time. Seeing as you're at 10.6.7 it does not look like Apple have made any real efforts at fixing this 'feature' - that worked perfectly well in previous versions - yet.
Who knows perhaps in 10.7 this facility might start working again? I would not hold your breath though.
In my experience exporting relevant files using the command line has been the most reliable.
The most reliable way I've found of 'backing' up LDAP data, using the Interface, is via WorkGroup Manager's Export feature. I don't mind losing the ability to export passwords as I can export and re-import those using the command line or not depending on what I want to achieve.
As ever YMMV.
Thanks for looking at this.
I have had Server Admin actually do pretty well with all of this in the past. I believe that the problem started when I moved the server to another IP. I assume I did the damage then. I have been able to get users in and out using export, I'd like to avoid losing the passwords.
We have less than 20 users but I would still like to avoid the work of manually recreating the entire database from scratch.
Clearly I'd like to do what Server Admin did automatically, save users, groups, computers, passwords, sharing privileges, and user and computer preferences.
I have always depended on Server Admin. My Unix is modest at best. Do you have suggestions or know of a tutorial somewhere?
Changing the IP address or Hostname on a mature OD Master is always going to have repercussions one way or another. Especially if you've archived the Database first, made the change and then restored it again. There is no easy and quick way of knowing how many references to the old IP address or hostname you need to change before restoring the database. I tried it once, it took ages and I would have spent less time in getting the Server operational again if I'd rebuilt from scratch. By that I mean reformatting, reinstalling and keying in all the Users etc again. However YMMV?
I've learnt over the years to not depend too much on Server Admin for anything! It has to be one of the flakiest applications Apple have ever offered, although - to be fair - it has improved a little recently.
Is 20 Users all you have? I've not bothered with passwords for databases containing hundreds of Users. A Password Policy prompting users to change their passwords at next login achieves a reliable result IMO. However it's your Server and you do what you feel is best.
Apart from the Passwords all of the database that is of any use is preserved when exporting from WorkGroup Manager. If you want to go down the command line AFP548.com had an article that worked (I used to use it years ago) that went through how to export passwords using relevant command line tools. They may still have it available if you care to look?
The correction for this problem is simple and can be found in a link posted by Dave_Tech in this discussion https://discussions.apple.com/message/16013583#16013583.
The solution in the linked page solved this problem for me.
Hi, I know this is an old thread but I feel the need to update for anyone else unfortunate enough to waste their time with such a silly error.
The above hints to fix the issue are correct but the entry that needs to be changed in Keychain Access is different for 10.7+. What you want to make sure is correct is the entry "/LDAPv3/127.0.0.1" not com.apple.opendirectory as this isn't created in 10.7 on.
Hope this saves someone's time if they stumble upon this!