Publishers of technology books, eBooks, and videos for creative people

Home > Articles > Apple > Operating Systems

  • Print
  • + Share This
This chapter is from the book

Archiving and Restoring Open Directory Data

Once your Open Directory master (and any replicas) has been established, it is advisable to archive all of your Open Directory data. This enables you to quickly recover all LDAP user information, passwords, and machine configuration information quickly. It also permits the transferring of Open Directory from one computer to another by restoring the Open Directory information, provided the IP address of the new machine is the same as the old one.

Understanding the Archival Structure

When you archive the Open Directory data, Server Admin creates an encrypted sparse disk image and stores it wherever you choose. The items archived include all three major components of Open Directory masters, which are the LDAP database, Password Server database, and Kerberos Key Distribution Center, along with the local database and passwords, the local KDC, and the host name and directory service files.

Archiving the Open Directory Master

You will now archive all your critical information related the your Open Directory master.

  1. Open the Server Admin tool if it is not already open and select Open Directory in the service list on the left.
  2. Select the Archive icon from the toolbar, click the Choose button next to the “Archive in” field, and navigate to the location you want to archive the information.
  3. Once the location is selected, you are asked to name the disk image and supply a password.

    You can now view the progress bar during the archival process.

  4. Navigate to and locate your sparse disk image to ensure the archival creation actually took place, then copy the image off the server for safekeeping.

Restoring Directory Data to the Open Directory Master

Once Open Directory data has been archived, it can be restored just as easily.

  1. Quit Workgroup Manager if it is open and open Server Admin.
  2. Select Open Directory in the services list, select Settings from the toolbar, and click the General tab.
  3. Change the role of the server from an Open Directory master to a standalone server using the Change button, which launches the Service Configuration Assistant.
  4. Select Standalone and click Continue two times to remove the LDAP database, Password Server database, and Kerberos KDC—all of which comprise the Open Directory master. Click Close to close the Service Configuration Assistant.

    You now have no LDAP database and, consequently, no users in that database.

  5. Click the Change button to launch the Service Configuration Assistant again, select Open Directory master in the list, and click Continue.
  6. Select the defaults for UNIX user ID and short name, enter the same password you used when you first set up the Open Directory master (the password was the same as the short name, diradmin), and click Continue.
  7. Accept the defaults for the Kerberos KDC and LDAP information and click Continue two more times.
  8. Click Close to close the Service Configuration Assistant, then verify in Server Admin that the Role is an Open Directory master.
  9. Click the Archive button in the toolbar, click the Choose button next to the “Restore from” field, and navigate to the location of your archived sparse disk image. Click Choose to select that image for restore.
  10. Click the Restore button, then enter the password for the encrypted sparse disk image.

    Other than a progress bar, there is no indication that you successfully completed a restore of your Open Directory data.

  11. Open Workgroup Manager and view the LDAP database to ensure all users are restored.

You have now successfully restored Open Directory data to your Mac OS X Server.

  • + Share This
  • 🔖 Save To Your Account