120 Chapter 8 Maintenance and Problem Solving
Restoring Open Directory Files
To restore an Open Directory master from backup files, you need to restore its shared
LDAP directory domain, its configuration files, and its Open Directory Password Server
database. You might want to restore the server’s local directory, which is a NetInfo
domain, as well.
To restore an Open Directory master from backup files:
1 If you have to recover from a catastrophic failure by reinstalling the Mac OS X Server
software, set the directory usage to standalone server when Server Assistant takes you
through the initial configuration of the server.
If Mac OS X Server was reinstalled but the directory usage was initially configured to
something other than standalone server in Server Assistant, open Server Admin, select
Open Directory, click Settings, click General, and change Role to Standalone Server.
2 Open a Terminal session as root.
3 Restore the /etc/openldap folder from a backup copy.
This folder contains files that determine the setup of the LDAP directory domain,
including schema files.
4 Restore the /etc/hostconfig file from a backup copy.
If you don’t have a backup copy of the /etc/hostconfig file, you can edit the existing
file. The file needs to contain the following line:
LDAPSERVER=-YES-
If the restored LDAP server will use SSL, the /etc/hostconfig file must also contain the
following line:
LDAPSSL=-YES-
5 If the restored LDAP server will use SSL, restore a copy of the server certificate file,
LDAP server’s private key file, and the certificate authority (CA) certificate file.
Restore these files to their previous locations. The correct pathnames are specified in
/etc/openldap/slapd_macosxserver.conf or /etc/openldap/slapd.conf.
6 Make sure the folder that will contain the LDAP database exists and is empty.
This folder’s pathname, which by default is /var/db/openldap/openldap-data/, is
specified in /etc/openldap/slapd_macosxserver.conf or /etc/openldap/slapd.conf.
7 Type the following command and press Return.
slapadd -c -l backup.ldif
This use of slapadd adds user records, group records, computer records, and so on to
the LDAP directory from the raw LDIF text file named backup.ldif. You can specify a
different filename and a pathname. (Adding LDAP records from the LDIF text file does
not restore passwords for user records whose password type is Open Directory. These
passwords are not stored in the LDAP directory database. They are stored separately in
the Open Directory Password Server database.)
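The following shell helpers are an added example, not part of the Apple guide, that script the pre-flight checks behind steps 4, 6 and 7 above: making sure /etc/hostconfig carries exactly one LDAPSERVER=-YES- (and, for SSL, LDAPSSL=-YES-) line without appending duplicates, confirming the LDAP database folder exists and is empty before slapadd is run, and then loading the LDIF with the same slapadd -c -l command the guide gives. File paths are passed as parameters so the checks can be exercised against copies; the function names and the optional USE_SSL argument are this example's own.

```shell
#!/bin/sh
# Added example: pre-flight helpers for restoring an Open Directory LDAP
# directory from backup. Not Apple's code; function names are hypothetical.

# ensure_hostconfig_flag FILE NAME
# Guarantee that FILE contains exactly one line "NAME=-YES-". An existing
# "NAME=..." line (for example NAME=-NO-) is rewritten in place rather than
# a second line being appended, so the file stays unambiguous.
ensure_hostconfig_flag() {
    file=$1; name=$2
    tmp="$file.tmp.$$"
    if grep -q "^$name=" "$file" 2>/dev/null; then
        sed "s/^$name=.*/$name=-YES-/" "$file" > "$tmp" && mv "$tmp" "$file"
    else
        printf '%s=-YES-\n' "$name" >> "$file"
    fi
}

# db_dir_ready DIR
# Succeed only if DIR exists and is empty, which is what slapadd needs before
# it builds a fresh database (step 6). The reason for failure goes to stderr.
db_dir_ready() {
    dir=$1
    if [ ! -d "$dir" ]; then
        echo "LDAP database folder missing: $dir" >&2
        return 1
    fi
    if [ -n "$(ls -A "$dir")" ]; then
        echo "LDAP database folder is not empty: $dir" >&2
        return 1
    fi
    return 0
}

# restore_ldap_from_ldif LDIF DBDIR HOSTCONFIG [USE_SSL]
# Runs the checks from steps 4, 6 and 7 in order and then loads the LDIF.
# Defaults match the guide: /var/db/openldap/openldap-data and /etc/hostconfig.
restore_ldap_from_ldif() {
    ldif=$1
    dbdir=${2:-/var/db/openldap/openldap-data}
    hostconfig=${3:-/etc/hostconfig}
    use_ssl=${4:-no}

    [ -f "$ldif" ] || { echo "LDIF file not found: $ldif" >&2; return 1; }

    ensure_hostconfig_flag "$hostconfig" LDAPSERVER
    if [ "$use_ssl" = yes ]; then
        ensure_hostconfig_flag "$hostconfig" LDAPSSL
    fi

    db_dir_ready "$dbdir" || return 1

    command -v slapadd >/dev/null 2>&1 || { echo "slapadd not found" >&2; return 1; }
    # -c continues past records that fail to load; -l names the LDIF input file.
    slapadd -c -l "$ldif"
}
```

Run restore_ldap_from_ldif as root after /etc/openldap has been restored; passwords for Open Directory users are still absent after this step, because they live in the Password Server database rather than in the LDIF.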