Manualshelf

Setup guide

ManualsBrandsRed Hat ManualsComputer equipmentNETSCAPE DIRECTORY SERVER 6.01
51525354555657585960
Restoring Data
56 Netscape Certificate Management System Command-Line Tools Guide May 2002
You cannot restore data to a CMS instance that has not been configured. If you
re-installed CMS prior to attempting to restore data, you must configure the new
CMS instance. When you configure the new installation, keep the following points
in mind:
All services should be running on the same netw ork ports as they were when
the backup archive was created. For example, the administration console port
isarandomnumberbydefault;besuretochangethedefaulttothesameport
that your original installation used.
During configuration, you still need to create new keys and certificates for any
servers that use the internal token. You only need to create these keys to
complete the configuration process. Your signing, SSL, or DRM transport
certificates will be restored (replacing whatever you create during the new
configuration) when you run the restore script.
The user running the res tore tool will probably need superuser (UNIX) or
Administrator (Windows NT) privileges. The user running the tool will need
privileges to do the following:
Read the backup zip a rchive
Create a temporary working directory in the directory where the archive is
located
Create directories and files in t he server root and server instance directories
(for example, if the
CMS.cfg file needs to be restored)
•Runthe
bak2db tool for any Netscape Directory Servers that are being res tored
(UNIX) Change file ownership of the LDAP database backup files to the
Directory Server user. The Directory Server user is defined by the
localuser
parameterin slapd.conf.If theDirectoryServer useris differentfrom theuser
running
cmsrestore, the user running the tool must be able to run chown to
change the owner of the files t o the LDAP server u ser (typically only the
superuser has this privilege).
The process of restoring data will require that some servers be stopped and
restarted. If any of your servers require passwords to start (for example, if t hey
need to unlock the key database in order to listen for SSL requests), you will be
prompted for the password. If any p asswords have changed si nce you created the
backup archive, make sure you know the password that was valid at the time the
archive was created.