How To
ForgeRock Identity Platform
Does not apply to Identity Cloud

How do I restore old backup data to a DS 6.x replication topology?

Last updated Jan 11, 2023

The purpose of this article is to provide information on restoring old backup data to a DS replication topology and using this old data to initialize replication. In this way, you can restore good data from an old backup and ensure it replicates across all servers. This article assumes replication has already been enabled.

Note

This article does not apply to DS 7 and later, because DS 7 introduces improvements to simplify replication and backup/restore. If you need to restore old backup data in DS 7 and later, you should refer to Restore to a Known State.

Overview

There are two types of backup data:

  • A binary backup - created using the DS backup --backUpAll command.
  • In LDIF format - created using the DS export-ldif command.
Note

If you are restoring a binary backup, you must ensure that the backup file exists on the local server on which you want to run the restore command. You cannot restore a backup file from a remote instance.

Restoring old backup data and initializing replication

You can restore old backup data to a DS replication topology and initialize replication as follows:

  1. Enter the following command on one of the servers (server1 for purposes of example) to prepare the domain on all servers for being externally initialized: You must specify the baseDN of the data you are going to be changing, for example, dc=example,dc=com. $ ./dsreplication pre-external-initialization --hostname ds.example.com --port 4444 --baseDN dc=example,dc=com --adminUID admin --adminPassword password --no-prompt
  2. Restore the backup data to server1 as follows, depending on what type it is:
    • Binary backup - run the restore command on server1, for example: $ ./restore --hostname ds.example.com --port 4444 --bindDN "cn=Directory Manager" --bindPassword password --backupID 20161019100952Z --backupDirectory /path/to/ds/binaryBackup_bak
    • LDIF format - use the import-ldif command, for example: $ ./import-ldif --hostname ds.example.com --port 4444 --baseDN dc=example,dc=com --backendID userRoot --ldifFile /path/to/backupfile.ldif
  3. Back up server1 (which now includes your restored backup data) using the backup command, for example: $ ./backup --hostname ds.example.com --port 4444 --bindDN "cn=Directory Manager" --bindPassword password --backendID userRoot --backupDirectory /path/to/ds/server1_bak --start 0
  4. Copy the backup file you created in the previous step and the accompanying backup.info file to each server you want to restore (server2 and server3 in this example).
  5. Restore this backup to all the other servers by running the restore command locally on each server in the topology, for example: $ server2/bin/restore --hostname ds2.example.com --port 4444 --bindDN "cn=Directory Manager" --bindPassword password --backupID 20161019102414Z --backupDirectory /path/to/ds/server1_bak $ server3/bin/restore --hostname ds3.example.com --port 4444 --bindDN "cn=Directory Manager" --bindPassword password --backupID 20161019102414Z --backupDirectory /path/to/ds/server1_bak [...]
  6. Enter the following command on server1 to set the new generation ID for the entire domain. Ensure you use the same baseDN as in step 1: $ ./dsreplication post-external-initialization --hostname ds.example.com --port 4444 --baseDN dc=example,dc=com --adminUID admin --adminPassword password --no-prompt
Note

Instead of backing up and restoring (steps 3 and 5), you could use the dsreplication initialize-all command to initialize all servers via the network. This command Initializes the contents of the data under the specified base DN on all the servers with the contents on the specified server. See dsreplication for further details.

The above steps alter the generation ID of the replicated domain. "Old" changes will not get replayed because they were targeting the data using the previous generation ID. The final step calculates a new generation ID for the domain and broadcasts it to all the servers, which allows them to replicate again.

Replication will now proceed as normal, but from the restored point in time.

See Also

Generation IDs do not match error after restoring a DS (All versions) replica

How do I roll back an entire network of DS 6.x replicas to a previous backup?

How do I configure DS 6.x to ensure accidentally deleted or changed data can be restored when replication is enabled?

How do I design and implement my backup and restore strategies for DS (All versions)?

FAQ: Backup and restore in DS 6.x

How do I quickly create a new DS 6.x replica?

Backing Up and Restoring Data

Initializing Replicas

Related Training

N/A

Related Issue Tracker IDs

N/A
Copyright and Trademarks Copyright © 2023 ForgeRock, all rights reserved.