6443N/A<?
xml version="1.0" encoding="UTF-8"?>
6443N/A ! This work is licensed under the Creative Commons 6443N/A ! Attribution-NonCommercial-NoDerivs 3.0 Unported License. 6443N/A ! To view a copy of this license, visit 6443N/A ! or send a letter to Creative Commons, 444 Castro Street, 6443N/A ! Suite 900, Mountain View, California, 94041, USA. 6443N/A ! You can also obtain a copy of the license at 6443N/A ! See the License for the specific language governing permissions 6443N/A ! and limitations under the License. 6443N/A ! If applicable, add the following below this CCPL HEADER, with the fields 6443N/A ! enclosed by brackets "[]" replaced with your own identifying information: 6443N/A ! Portions Copyright [yyyy] [name of copyright owner] 7321N/A ! Copyright 2011-2015 ForgeRock AS. 6443N/A<
chapter xml:
id='chap-backup-restore' 6443N/A <
title>Backing Up & Restoring Data</
title>
6443N/A <
para>OpenDJ lets you backup and restore your data either in compressed,
6443N/A binary format, or in LDAP Data Interchange Format. This chapter shows you how
6443N/A to backup and to restore OpenDJ data from archives, and explains portability
6443N/A of backup archives, as well as backing up server configuration
6443N/A <
title>Backing Up Directory Data</
title>
6443N/A <
indexterm><
primary>Backup</
primary></
indexterm>
6443N/A <
para>A <
filename>bak/</
filename> directory is provided when you install
6443N/A OpenDJ, as a location to save binary backups. When you create a backup,
6443N/A <
para>Archives produced by the <
command>backup</
command> command contain
6443N/A backups only of the directory data. Backups of server configuration are
7088N/A This section includes the following procedures:
7088N/A <
xref linkend="backup-immediately" />
7088N/A <
xref linkend="schedule-backup" />
7088N/A <
xref linkend="schedule-incremental-backup" />
6443N/A <
procedure xml:
id="backup-immediately">
6443N/A <
title>To Back Up Data Immediately</
title>
6443N/A <
para>To perform online backup, you start backup as a task by connecting to
6443N/A the administrative port and authenticating as a user with the
6443N/A <
literal>backend-backup</
literal> privilege, and also setting a start time
6443N/A for the task by using the <
option>--start</
option> option.</
para>
7255N/A To perform offline backup when OpenDJ is stopped,
7321N/A xlink:
href="reference#backup-1" 7255N/A ><
command>backup</
command></
link> command
7255N/A without connecting to the server, authenticating, or requesting a backup task.
6443N/A <
para>Use one of the following alternatives.</
para>
6443N/A is stored in the backend named <
literal>userRoot</
literal>.</
para>
6443N/A <
para>The following example requests an online backup task that
6443N/A starts immediately, backing up only the <
literal>userRoot</
literal>
7097N/A --bindDN "cn=Directory Manager" \
7097N/A<
computeroutput>Backup task 20110613143715983 scheduled to start Jun 13, 2011 2:37:15 PM CEST</
computeroutput>
6443N/A <
para>The following example stops OpenDJ, runs offline backup, and
6443N/A starts the server after backup has completed.</
para>
7097N/A$ <
userinput>stop-ds</
userinput>
7097N/A<
computeroutput>Stopping Server...
6443N/A[
13/
Jun/
2011:14:31:00 +0200] category=BACKEND severity=NOTICE msgID=9896306
6443N/A msg=The backend userRoot is now taken offline
6443N/A msg=The Directory Server is now stopped
6443N/A[
13/
Jun/
2011:14:33:48 +0200] category=TOOLS severity=NOTICE msgID=10944792
6443N/A msg=Starting backup for backend userRoot
6443N/A[
13/
Jun/
2011:14:33:48 +0200] category=TOOLS severity=NOTICE msgID=10944795
7097N/A msg=The backup process completed successfully</
computeroutput>
7097N/A$ <
userinput>start-ds</
userinput>
7097N/A<
computeroutput>... The Directory Server has started successfully</
computeroutput>
6443N/A <
para>Back up all user data on the server.</
para>
6443N/A <
para>The following example requests an online backup task that
6443N/A starts immediately, backing up all backends.</
para>
7097N/A --bindDN "cn=Directory Manager" \
7097N/A<
computeroutput>Backup task 20110613143801866 scheduled to start Jun 13, 2011 2:38:01 PM CEST</
computeroutput>
6443N/A <
procedure xml:
id="schedule-backup">
6443N/A <
title>To Schedule Data Backup</
title>
6443N/A <
para>You can schedule online data backup using <
command>crontab</
command>
6443N/A <
para>Back up all user data every night at 2 AM, and notify
6443N/A diradmin@example.com when finished, or on error.</
para>
7097N/A --bindDN "cn=Directory Manager" \
7097N/A --recurringTask "00 02 * * *" \
7097N/A --completionNotify diradmin@example.com \
7097N/A --errorNotify diradmin@example.com</
userinput>
7097N/A<
computeroutput>Recurring Backup task BackupTask-988d6adf-4d65-44bf-8546-6ea74a2480b0
7097N/Ascheduled successfully</
computeroutput>
7088N/A <
procedure xml:
id="schedule-incremental-backup">
7088N/A <
title>To Schedule Incremental Data Backup</
title>
7088N/A You can schedule an incremental backup
7088N/A by using the <
option>--incremental</
option> option.
7088N/A If you do not set the <
option>--incrementalBaseID</
option> option,
7088N/A then OpenDJ increments based on the last backup taken.
7088N/A Back up <
literal>userRoot</
literal> backend data incrementally
7088N/A and notify diradmin@example.com when finished, or on error.
7097N/A --bindDN "cn=Directory Manager" \
7097N/A --recurringTask "00 03 * * *" \
7097N/A --completionNotify diradmin@example.com \
7097N/A --errorNotify diradmin@example.com</
userinput>
7097N/A<
computeroutput>Recurring Backup task BackupTask-6988c19d-9afc-4f50-89b7-d3e167255d3e
7097N/Ascheduled successfully</
computeroutput>
6443N/A <
section xml:
id="restore-data">
6443N/A <
title>Restoring Directory Data From Backup</
title>
6443N/A <
indexterm><
primary>Backup</
primary></
indexterm>
6443N/A <
primary>Restoring</
primary>
6443N/A <
secondary>From backup</
secondary>
6443N/A <
para>When you restore data, the procedure to follow depends on whether
6443N/A the OpenDJ directory server is replicated.</
para>
6443N/A <
procedure xml:
id="restore-standalone-server">
6443N/A <
title>To Restore a Stand-alone Server</
title>
6443N/A <
para>To restore OpenDJ when the server is online, you start a restore task
6443N/A by connecting to the administrative port and authenticating as a user with
6443N/A the <
literal>backend-restore</
literal> privilege, and also setting a start
6443N/A time for the task by using the <
option>--start</
option> option.</
para>
7255N/A To restore data when OpenDJ is stopped, you run the
7321N/A xlink:
href="reference#restore-1" 7255N/A ><
command>restore</
command></
link> command
7255N/A without connecting to the server, authenticating, or requesting a restore task.
6443N/A <
para>Use one of the following alternatives.</
para>
6443N/A <
para>The following example stops OpenDJ, restores data offline from
6443N/A one of the available backups, and then starts the server after the
6443N/A restore is complete.</
para>
7097N/A$ <
userinput>stop-ds</
userinput>
7097N/A<
computeroutput>Stopping Server...
6443N/A[
13/
Jun/
2011:15:44:06 +0200] category=BACKEND severity=NOTICE msgID=9896306
6443N/A msg=The backend userRoot is now taken offline
7097N/A msg=The Directory Server is now stopped</
computeroutput>
7097N/A<
computeroutput>Backup ID: 20110613080032
7097N/ADependent Upon: none</
computeroutput>
7097N/A<
computeroutput>[
13/
Jun/
2011:15:47:41 +0200] category=JEB severity=NOTICE msgID=8847445
7097N/A$ <
userinput>start-ds</
userinput>
7097N/A<
computeroutput>... The Directory Server has started successfully</
computeroutput>
6443N/A <
para>Schedule the restore as a task to begin immediately.</
para>
6443N/A <
para>The following example requests an online restore task, scheduled
6443N/A to start immediately.</
para>
7097N/A --bindDN "cn=Directory Manager" \
7097N/A --backupID 20110613080032 \
7097N/A<
computeroutput>Restore task 20110613155052932 scheduled to start Jun 13, 2011 3:50:52 PM CEST</
computeroutput>
6443N/A <
procedure xml:
id="restore-replica">
6443N/A <
title>To Restore a Replica</
title>
6443N/A <
primary>Replication</
primary>
6443N/A <
secondary>Restoring from backup</
secondary>
6443N/A <
para>After you restore a replica from backup, replication brings the replica
6443N/A up to date with changes that happened after you created the backup. In order
6443N/A to bring the replica up to date, replication must apply changes that
6443N/A happened after the backup was made. Replication uses internal change log
6443N/A records to determine what changes to apply.</
para>
6443N/A <
para>Internal change log records are not kept forever, though. Replication
6443N/A is configured to purge the change log of old changes, preventing the log
6443N/A from growing indefinitely. Yet, for replication to determine what changes
6443N/A to apply to a restored replica, it must find change log records dating back
6443N/A at least to the last change in the backup. In other words, replication can
6443N/A bring the restored replica up to date <
emphasis>as long as the change log
6443N/A records used to determine which changes to apply have not been
6443N/A <
para>Therefore, when you restore a replicated server from backup, make sure
6443N/A the backup you use is newer than the last purge of the replication change
6443N/A log (default: 3 days). If all your backups are older than the replication
6443N/A purge delay, do not restore from a backup, but instead initialize a new
7097N/A replica as described in <
link 7097N/A xlink:
href="admin-guide#init-repl" 6443N/A Replicas</
citetitle></
link>.</
para>
6443N/A <
para>Restore the server database from the backup archive that you are
6443N/A sure is newer than the last purge of the replication change log.</
para>
7097N/A$ <
userinput>stop-ds</
userinput>
7097N/A<
computeroutput>Stopping Server...
6443N/A[
13/
Jun/
2011:15:44:06 +0200] category=BACKEND severity=NOTICE msgID=9896306
6443N/A msg=The backend userRoot is now taken offline
7097N/A msg=The Directory Server is now stopped</
computeroutput>
7097N/A<
computeroutput>Backup ID: 20110613080032
7097N/ADependent Upon: none</
computeroutput>
7097N/A<
computeroutput>[
13/
Jun/
2011:15:47:41 +0200] category=JEB severity=NOTICE msgID=8847445
7097N/A$ <
userinput>start-ds</
userinput>
7097N/A<
computeroutput>... The Directory Server has started successfully</
computeroutput>