Chapter 8 Maintenance and Problem Solving 119
This use of slapcat saves the complete contents of the LDAP directory as a raw LDIF
dump in a text file named backup.ldif. You can specify a different filename and a
pathname. The file you specify contains all user records, group records, computer
records, and so on. (The file does not contain passwords for user records whose
password type is Open Directory. These passwords are not stored in the LDAP directory
database. They are stored separately in the Open Directory Password Server database.)
3 Make a copy of the /etc/openldap folder.
This folder contains files that determine the setup of the LDAP directory domain,
including schema files.
4 If your LDAP server uses SSL, make a copy of the server certificate file, the LDAP server’s
private key file, and the certificate authority (CA) certificate file.
5 Type the following commands, pressing Return after each.
mkdir -p backup folder pathname
mkpassdb -backupdb backup folder pathname
The Open Directory Password backup folder, located at backup folder pathname, will
contain backup copies of all Open Directory Password Server files, including the
database.
Carefully safeguard the Open Directory Password Server backup folder! It contains the
passwords of all users who have an Open Directory password, both in the shared LDAP
directory domain and in the local NetInfo directory domain. Keep the backup media as
secure as the Open Directory master server.
6 Optionally, make a copy of the /Library/Preferences/DirectoryService folder.
Files in this folder specify the server’s search policies and specify how the server
accesses its LDAP directory. The folder may contain additional files that specify how the
server accesses other directory domains.
7 Optionally, make a copy of the /etc/hostconfig file.
8 If you want to back up the local NetInfo directory domain, type the following
command and press Return:
nidump -r / . > local.dump
This use of nidump saves the entire contents of the local NetInfo domain as a raw text
file named local.dump. You can specify a different filename and a pathname.
Note: If all user accounts have an Open Directory password and the Open Directory
Password Server stops working, you can log in as root. The root user account in the
local directory domain has a shadow password, which is not stored in the Open
Directory Password Server database.
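The backup steps above collected into one script, as an added example that is not part of the original guide: it runs them under a restrictive umask and then checks that nothing in the backup folder is accessible to group or other. ROOT, od_backup and audit_backup are names assumed here, slapcat -l is used to write the LDIF to the named file, and step 4 is left out because the certificate and key file locations are site-specific.

```sh
#!/bin/sh
# Added example, not the guide's own script. ROOT is a hypothetical prefix for
# rehearsing against a copy of the files; leave it empty on the real server.
ROOT="${ROOT:-}"

# od_backup DEST: run the backup steps with every output owner-only.
od_backup() {
    dest=$1
    (
        umask 077                                   # new files: no group/other access
        mkdir -p "$dest/passwordserver" || exit 1
        slapcat -l "$dest/backup.ldif" || exit 1    # raw LDIF dump of the LDAP directory
        cp -Rp "$ROOT/etc/openldap" "$dest/" || exit 1            # step 3
        mkpassdb -backupdb "$dest/passwordserver" || exit 1       # step 5
        # Steps 6 and 7 are optional, so copy only what is present.
        if [ -d "$ROOT/Library/Preferences/DirectoryService" ]; then
            cp -Rp "$ROOT/Library/Preferences/DirectoryService" "$dest/" || exit 1
        fi
        if [ -f "$ROOT/etc/hostconfig" ]; then
            cp -p "$ROOT/etc/hostconfig" "$dest/" || exit 1
        fi
        nidump -r / . > "$dest/local.dump" || exit 1              # step 8
        # cp -p keeps the source modes and the folder may have existed already,
        # so strip group/other access from the whole tree at the end.
        chmod -R go-rwx "$dest"
    )
}

# audit_backup DEST: list anything group or other can reach; status 1 if found.
audit_backup() {
    loose=$(find "$1" ! -type l \( -perm -040 -o -perm -020 -o -perm -010 \
                                -o -perm -004 -o -perm -002 -o -perm -001 \)) || return 2
    if [ -n "$loose" ]; then
        printf 'group/other access on:\n%s\n' "$loose" >&2
        return 1
    fi
    return 0
}

# Run as root with the backup folder pathname as the only argument.
if [ "$#" -gt 0 ]; then
    od_backup "$1" && audit_backup "$1"
fi
```

Running audit_backup again after the folder has been copied to backup media shows whether the copy kept the owner-only permissions.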
LL2352.Book Page 119 Friday, August 22, 2003 3:12 PM