0

We have an openLDAP cluster running with 2 Master(producers) and 1 consumer. I read the below guides and got a good enough idea about using slapcat/ldapsearch with slapadd/ldapadd to backup & restore the data.

For me using ldapsearch with ldapadd worked on taking a backup and restoring it. However, I ended up changing the entryUUID, contextCSN, create & modifyTimestamp of the entries.

ldapsearch -x -H ldaps://ldap.server.net -D "dc=mycompany,dc=net" -W -b "dc=admin,dc=mycompany,dc=net" -LLL > ldapd-"`date +%Y%m%d`".ldif

ldapadd -x -c -H ldapi:/// -D "dc=admin,dc=mycompany,dc=net" -y "${PASSWORD_FILE}" -f "ldapd-"`date +%Y%m%d`".ldif

I wanted to check if this is a preferred way of doing a backup & restore operations or is there any better practices ?

marc_s
  • 732,580
  • 175
  • 1,330
  • 1,459
swetad90
  • 784
  • 1
  • 13
  • 34

1 Answers1

0

I would propose to try installing Bacula Community open source product (www.bacula.org) and follow the guide from here. You only need to create a script that exports the DIT in a single file. Then you just need to create a job that backups this file with Bacula. The benefit of this solution will be able to backup something else from your infrastructure with Bacula later on, it's pretty much a universal system.

  • This is for automating the backup of ldap..My question was more for the method of backup.Like in your script you used ldapsearch..Also How do you restore this backup ? – swetad90 Nov 26 '19 at 20:12
  • There are some other resources that may be helpful, like this info on using bpipe to make the backups run directly to the SD (http://www.bacula.lat/db2-bpipe-backup-with-community-bacula/?lang=en). And this blog post is also showing how to integrate it all into Bacula (https://karellen.blogspot.com/2012/02/ldap-backup-with-bacula.html). –  Dec 04 '19 at 22:14