Chapter 3. Restoring Directory Server

In certain situations, for example after a hardware failure, you need to restore Directory Server. You can do that using the command line or the web console. Note that Directory Server does not support restoration of individual databases.

When you want to populate the database with custom data, use the import feature. You can import specific data from a server in LDIF format. For details, see Importing data to Directory Server.

3.1. Restoring all databases using the command line while the instance is running

To restore all databases on the Directory Server instance that is running, use the dsconf backup restore command.

Prerequisites

  • You have a Directory Server backup.
  • The dirsrv user has read permissions in the backup directory.
  • The Directory Server instance is running.

Procedure

  1. Restore all databases from the backup stored in the /var/lib/dirsrv/slapd-instance_name/bak/instance_name-YYYY_MM_DD_hh_mm_ss directory: 

    # dsconf -D "cn=Directory Manager" ldap://server.example.com backup restore /var/lib/dirsrv/slapd-instance_name/bak/instance_name-YYYY_MM_DD_hh_mm_ss
The backup restore task has finished successfully
  2. Search the /var/log/dirsrv/slapd-instance_name/errors log for problems during the restore.

Additional resources

3.2. Restoring all databases using the command line while the instance is offline

To restore all databases when the instance is offline, use the dsctl bak2db command.

Prerequisites

  • You have a Directory Server backup.
  • The dirsrv user has read permissions in the backup directory.
  • The Directory Server instance is not running.

Procedure

  1. Restore all databases from the backup stored in the /var/lib/dirsrv/slapd-instance_name/bak/instance_name-YYYY_MM_DD_hh_mm_ss directory: 

    # dsctl instance_name bak2db /var/lib/dirsrv/slapd-instance_name/bak/instance_name-YYYY_MM_DD_hh_mm_ss/
bak2db successful

    Optionally, pass the -v option to the command to display verbose output: 

    # dsctl -v instance_name bak2db /var/lib/dirsrv/slapd-instance_name/bak/instance_name-YYYY_MM_DD_hh_mm_ss/
...
DEBUG: Instance allocated
DEBUG: OK group dirsrv exists
DEBUG: OK user dirsrv exists
DEBUG: systemd status -> True
...
INFO: bak2db successful
  2. Search the /var/log/dirsrv/slapd-instance_name/errors log for problems during the restore.

  3. Optional: Start the instance: 

    # dsctl instance_name start

Additional resources

3.3. Restoring all databases using the web console

Directory Server supports restoring data using the web console.

Prerequisites

  • A backup is stored in the /var/lib/dirsrv/slapd-instance_name/bak/ directory.
  • The dirsrv user has read permissions in the backup directory.
  • You are logged in to the instance in the web console.

Procedure

  1. Click the Actions menu, and select Manage Backups. The displayed window lists the available backups in the /var/lib/dirsrv/slapd-instance_name/bak/ directory.
  2. Open the Actions menu next to the backup you want to restore, and select Restore Backup.
  3. Click Yes to confirm.
  4. To check the log for problems during the restore, open the MonitoringLoggingErrors Log menu.

Additional resources

3.4. Restoring databases that include replicated entries

Several situations can occur when a supplier server is restored:

  • The consumer servers are also restored.

    For the very unlikely situation, that all databases are restored from backups taken at exactly the same time (so that the data are in sync), the consumers remain synchronized with the supplier, and it is not necessary to do anything else. Replication resumes without interruption.

  • Only the supplier is restored.

    If only the supplier is restored or if the consumers are restored from backups taken at different times, reinitialize the consumers for the supplier to update the data in the database.

  • Changelog entries have not yet expired on the supplier server.

    If the supplier’s changelog has not expired since the database backup was taken, then restore the local consumer and continue with normal operations. This situation occurs only if the backup was taken within a period of time that is shorter than the value set for the maximum changelog age attribute, nsslapd-changelogmaxage, in the cn=changelog,cn=database_name,cn=ldbm database,cn=plugins,cn=config entry.

    Directory Server automatically detects the compatibility between the replica and its changelog. If a mismatch is detected, the server removes the old changelog file and creates a new, empty one.

  • Changelog entries have expired on the supplier server since the time of the local backup.

    If changelog entries have expired, reinitialize the consumer.

Example 3.1. Restoring a Directory Server replication topology

To restore all servers in a replication environment, consisting of two suppliers and two consumer servers:

  1. Reinitialize the first supplier using either restore or import.

  2. Online-initialize the remaining servers by using replication:

    1. Initialize the second supplier from the first one.
    2. Initialize the consumers from the supplier.
  3. On each server, display the replication status to verify that replication works correctly.

The changelog associated with the restored database will be erased during the restore operation. A message will be logged to the supplier server’s log files indicating that reinitialization is required.

Additional resources

3.5. Restoring configuration files, the certificate database, and custom schema files

You can manually restore configuration files, the certificate database, and custom schema files from the backup.

Prerequisites

  • You have a Directory Server backup.
  • The dirsrv user has read permissions in the /var/lib/dirsrv/slapd-instance_name/bak/ backup directory.
  • The Directory Server instance is not running.

Procedure

  1. Copy files you want to restore from the the backup directory to the Directory Server configuration directory. For example, to restore the dse.ldif configuration file, enter: 

    # cp /var/lib/dirsrv/slapd-instance_name/bak/example_backup/config_files/dse.ldif /etc/dirsrv/slapd-instance_name/

  2. Start the instance: 

    # dsctl instance_name start

Verification

  • Verify that the server restored the server configuration: 

    # dsconf -D "cn=Directory Manager" ldap://server.example.com config get

Additional resources