Backing-up a Siteminder Policy Store on Symantec Directory Server
search cancel

Backing-up a Siteminder Policy Store on Symantec Directory Server

book

Article ID: 262030

calendar_today

Updated On:

Products

SITEMINDER CA Directory

Issue/Introduction

In some rare cases you may need to dump the Siteminder Policy Store as an LDIF file.  Siteminder XPSExport only exports the policy store as an XML file.  If XPSExport fails due to policy store data corruption, an LDAP policy store can still be exported as an LDIF.  This document discusses creating an LDIF export of the Siteminder Policy Store when hosted on a Symantec Directory Server.

There are two methods of backing-up a Symantec Directory Server DSA:

Online Back-up

Offline Back-up

Environment

[Siteminder]

Policy Server: r12.8.x

Policy Server OS: Any

Policy Store: Symantec Directory Server

Directory Server Version: 14.x

 

Cause

It is considered best practices to back-up the DSA on a regular basis.  The 'dxdumpdb' utility can only create an LDIF back-up of a DSA that is offline or from an online dump file (.zdb).  The 'dump dxgrid-db' command will schedule the recurring online backups to occur.  The 'dxdumpdb' command with the '-z' switch can be run against the online back-ups (.zbd) file rather than the active DSA.  This will allow you to avoid have to take the DSA offline.

In the event that you need to back-up the DSA immediately, like before implementing a major change, you can take the DSA offline and run dxdumpdb directly against the offline DSA.  The other option is to use 'dxserver onlinebackup' to immediately dump a <DSA>.zdb file which the 'dxdumpdb -z' command can be run against instead.

Resolution

Online Backup of DSA

Windows

1) Logon to the Symantec Directory Server

2) launch 'cmd.exe' with elevated privileges (Run As Administrator)

3) Create an online back-up of the DSA

dxserver onlinebackup <DSA_Name>

NOTE: This creates a online dump file (<DSA_Name>.zbd) in <Install_Dir>\CA\Directory\dxserver\data\

4) Create an ldif from the online back-up file

dxdumpdb -f <filename>.ldif -z <DSA_Name> 

LINUX

1) Logon to the Symantec Directory Server

2) Create an online back-up of the DSA

dxserver onlinebackup <DSA_Name>

NOTE: This creates a online dump file (<DSA_Name>.zbd) in <Install_Dir>/CA/Directory/dxserver/data\

3) Create an ldif from the online back-up file

dxdumpdb -f <filename>.ldif -z <DSA_Name> 

Offline Backup of DSA

Windows

1) Logon to the Symantec Directory Server

2) launch 'cmd.exe' with elevated privileges (Run As Administrator)

3) Stop the DSA

dxserver stop <DSA_Name>

4) Back-up the DSA

dxdumpdb -f <filename>.ldif <DSA_Name> 

5) Start the DSA

dxserver start <DSA_Name>

LINUX

1) Logon to the Symantec Directory Server

3) Stop the DSA

dxserver stop <DSA_Name>

4) Back-up the DSA

dxdumpdb -f <filename>.ldif <DSA_Name> 

5) Start the DSA

dxserver start <DSA_Name>

Powered by Wolken Software