Technical data

Backing Up Configuration and Security Data

Configuring and Managing WebLogic Server 10-9

providers cannot modify security data while the domain’s Administration Server is

unavailable. The LDAP repositories on Managed Servers are replicas and cannot be

modified.

The

ldap/ldapfiles subdirectory contains the data files for the LDAP server. The

files in this directory contain user, group, group membership, policies, and role

information. Other subdirectories under the

ldap directory contain LDAP server

message logs and data about replicated LDAP servers.

Do not update the configuration of a security provider while a backup of LDAP data

is in progress. If a change is made—for instance, if an administrator adds a user—

while you are backing up the

ldap directory tree, the backups in the ldapfiles

subdirectory could become inconsistent. If this does occur, consistent, but potentially

out-of-date, LDAP backups are available, as described in “WebLogic Server Backs Up

LDAP Files” on page 10-9.

WebLogic Server Backs Up LDAP Files

Once a day, a server suspends write operations and creates its own backup of the

LDAP data. It archives this backup in a

ZIP file below the ldap\backup directory and

then resumes write operations. This backup is guaranteed to be consistent, but it might

not contain the latest security data.

For information about configuring the LDAP backup, see “Configuring Backups for

the Embedded LDAP Server” in Administration Console Online Help.

Backing Up SerializedSystemIni.dat and Security Certificates

All servers create a file named SerializedSystemIni.dat and locate it in the

server’s root directory. This file contains encrypted security data that must be present

to boot the server. You must back up this file.

If you configured a server to use SSL, you must also back up the security certificates

and keys. The location of these files is user-configurable.