How to export and import rules safely and rebuild the database from scratch with PIM.
book
Article ID: 54174
calendar_today
Updated On:
Products
CA Privileged Identity Management Endpoint (PIM)
CA Privileged Access Manager - Server Control (PAMSC)
CA Virtual Privilege Manager
Issue/Introduction
This article describes the steps for backup and restore of seosdb for Unix/Linux and Windows environments.
Environment
Privileged Identity Manager 12.x
PAM Server Control 14.x
Resolution
The procedure will be the following in your UNIX / LINUX environment as "root":
- Check if Access Control is running: Run: 'issec'
- Stop Access Control: Run: 'secons -s'
- You need to be inside the 'seosdb' directory: Run: 'cd /opt/CA/eTrustAccessControl/seosdb'
- Export the existing rules: Run: 'dbmgr -e -l -f /tmp/dbrules.txt'
- Export user-related data: Run: 'dbmgr -m -r /tmp/pmdb.pwd'
- One level up from 'seosdb': Run: 'cd ..'
- Create a new directory 'seosdb_new': Run: 'mkdir seosdb_new'
- You need to be inside the new directory 'seosdb_new': Run: 'cd seosdb_new' Run: 'mkdir seosdb_new'
- Create the new database files from scratch: Run: 'dbmgr -create -cq' (-cq does not prompt for verification)
- Import the rule set exported at the step D) Run: 'selang -l -d . -f /tmp/dbrules.txt'
- Import user-related data exported at the step E) Run: 'dbmgr -m -w /tmp/pmdb.pwd'
- One level up from 'seosdb_new': Run: 'cd ..'
- Rename the previous seosdb directory from 'seosdb' to 'seosdb_old': Run: 'mv seosdb seosdb_old'
- Rename the new seosdb directory created at the step G) from 'seosdb_new' to 'seosdb': Run: 'mv seosdb_new seosdb'
- Restart Access Control: Run: 'seload'
The procedure will be the following in your WINDOWS environment as "Administrator":
- Check if Access Control is running: Run: 'net start|find "Access Control"
- Stop Access Control: Run: 'secons -s'
- You need to be inside the 'seosdb' directory: Run: 'cd \Program Files\CA\eTrustAccessControl\data\seosdb'
- Export the existing rules: Run: 'dbmgr -e -l -f C:\TEMP\dbrules.txt'
- Export user-related data: Run: 'dbmgr -m -r C:\TEMP\pmdb.pwd'
- One level up from 'seosdb': Run: 'cd ..'
- Create a new directory 'seosdb_new': Run: 'mkdir seosdb_new'
- You need to be inside the new directory 'seosdb_new': Run: 'cd seosdb_new'
- Create the new database files from scratch: Run: 'dbmgr -create -cq' (-cq does not prompt for verification)
- Import the rule set exported at the step D): Run: 'selang -l -f C:\TEMP\dbrules.txt'
- Import user-related data exported at the step E) Run: 'dbmgr -m -w C:\TEMP\pmdb.pwd'
- One level up from 'seosdb_new': Run: 'cd ..'
- Rename the previous seosdb directory from 'seosdb' to 'seosdb_old': Run: 'ren seosdb seosdb_old'
- Rename the new seosdb directory created at the step G) from 'seosdb_new' to 'seosdb': Run: 'ren seosdb_new seosdb'
- Restart Access Control: run 'seosd -start'
Feedback
thumb_up
Yes
thumb_down
No