Backup and restore are invoked by script files:
defbkparm.sh: Created by install. This has the default values for the scripts.
getparams.sh: Prompts administrators for the information needed for the back up or restore operation.
ambkup.sh: Script to run to perform a backup.
amrestore.sh: Script to run to perform a restore.
Other programs used by backup and restore:
ICE: The eDirectory utility to import and export the LDIF file in and out of eDirectory.
ldifReverse: A program that reverses the order of the records in the LDIF file exported from eDirectory. Reversing the order of records allows the LDIF file to be imported without errors.
certtool.jar: An eDirectory certificate utility that backs up and restores the CA key, server keys, and trusted roots to a zip file.
Component 010
Subgroup 01: Backup
Subgroup 02: Restore
Subgroup 03: certtool (certificate backup and restore)
Messages are logged to the ambkup.log file.
Event Code |
Description |
Remedy |
---|---|---|
Backup |
||
201001001 |
Backup failed to export data from the configuration store. |
Cause: The ICE utility failed to export directory information to an LDIF file. Action: Ensure that ICE is in the proper location (Linux: /opt/novell/eDirectory/bin). Action: Ensure that the host IP address, port, administrator, and password are correct. Action: Ensure the back up file is writable. |
201001002 |
Backup failed to format data for a successful restore. |
Cause: The ldifReverse utility failed to sort the LDIF records. Action: Ensure that ldifReverse is in the proper location (Same directory as backup command). Action: Ensure the back up file is writable Action: Check for the backup file you specified with "_pre" appended to the file name. If the file exists, run the following command: ldifReverse bkupfile_pre bkupfile Replace bkupfile with the filename you specified for the backup file. It should create bkupfile which is the desired back up file. |
201001003 |
Backup failed to export certificates to the backup zip file. |
Cause: The certtool utility failed to export the certificates to a zip file. Action: Ensure that certtool.jar is in the proper location (Same directory as backup command). Action: Ensure the back up file is writable. Action: Manually export the certificates to a zip file: java -Djava.library.path=/opt/novell/lib -jar certtool.jar -edirTree your_tree -edirIP 000.000.000.000 -edirServer cn=!ServerName.0=novell -edirUser cn=admin.o=novell -edirPwd secret -bkup -file ServerName _20060828_0930.zip -pwd certsecret -trcontainer trustedRoots.access ManagerContainer.novell -caName "your_tree CA" |
Restore |
||
201002001 |
Backup file does not exist. |
Cause: The backup file does not exist. The name of the backup file specified in answer to the prompt should not include the final .ldif or .zip extension. Action: Specify the correct name of the back up file. |
201002002 |
Backup file does not appear to be valid. |
Cause: An simple analysis of the backup file indicates that the LDIF file specified backup file (with .ldif appended to the name) is not a valid backup file. Action: Ensure to specify a backup file that was created by the Access Manager Backup utility. |
201002003 |
Restore failed to access the configuration store. |
Cause: The ICE utility failed to access the eDirectory configuration store. Action: Ensure that ICE is in the proper location (Linux: /opt/novell/eDirectory/bin). Ensure that host IP address, port, administrator, and password are correct. |
201002004 |
Restore failed to format the current configuration store data. |
Cause: Restore could not save a copy of the current configuration store. A current copy of the config store is saved before the import in case the import fails. Action: Ensure that ldifReverse is in the proper location (Same directory as backup command). |
201002005 |
Restore failed to prepare the configuration store for data import. |
Cause: ICE failed. Unknown reason because it has previously been invoked successfully in the restore script. |
201002006 |
Restore failed to prepare the configuration store for data import. |
Cause: ICE failed. Unknown reason because it has previously been invoked successfully in the restore script. |
101002007 |
Restore failed to restore the backup data. |
Cause: ICE failed. Unknown reason because it has previously been invoked successfully in the restore script. Action: Check the configuration store for the following container: ou=accessManagerContainer,o=novell If it is not there, locate the recover.ldif file. It is in the directory where you ran the restore command. Run ICE to recover the configuration store to the previous state before you attempted the restore. Enter the following command: /opt/novell/eDirectory/bin/ice -SLDIF -f recover.ldif -C -n -DLDAP -sxxx.xxx.xxx.xxx -p636 -k -dcn=admin, o=novell -wadmin_password -F |
101002008 |
Failed to restore certificate from backup file. |
Cause: The java program (certtool.jar) restores the failed certificate. It provides command line access to various eDirectory certificate functions. Action: See the log file (ambkup.log) for specific details. The log file contains relevant parameters with error message. Assuming the back up using that you are trying to restore was successful, failure to restore is probably an incorrect parameter. Run the following command: JAVA -classpath vcdnbkup.jar:cert tool.jar com.novell.nids.bkuputil. Util -userid cn=admin,o=novell -pwd secret -vcdnUser |
101002009 |
Failed to reconfigure VCDN user objects. |
Cause: VCDN user objects were not restored with their passwords. Device Manager will not start up until the passwords have been properly set. Action: This is accompanied with an error x01004xxx. Refer to that error. |
certtool utility |
||
201003002 |
IP address is missing. |
Cause: certtool.jar was launched without the -edirIP option. A script file might have been incorrectly modified. Action: Ensure the -edirIP option is specified in the script when it launches the certtool utility. |
201003005 |
eDirectory user id missing. |
Cause: certtool.jar was launched without the -eDirUser option. A script file might have been incorrectly modified. Action: Ensure the -edirUser cn=admin.o=novell option is specified in the script when it launches the certtool utility. |
201003006 |
eDirectory user password missing. |
Cause: certtool.jar was launched without the -edirPwd option. A script file may have been incorrectly modified. Action: Make sure the -edirPwd option is specified in the script when it launches the certtool utility. |
201003009 |
File name missing. |
Cause: certtool.jar was launched without the -file (name of backup file) option. A script file may have been incorrectly modified. Action: Make sure the -file option is specified in the script when it launches the certtool utility. |
201003011 |
Encryption password missing. |
Cause: certtool.jar was launched without the -pwd option. A script file may have been incorrectly modified. Action: Make sure the -pwd option is specified in the script when it launches the certtool utility. |
201003013 |
Name of trusted root container missing. |
Cause: certtool.jar was launched without the -trContainer (trusted root container) option. A script file may have been incorrectly modified. Action: Make sure the -trcontainer option is specified in the script when it launches the certtool utility. |
201003040 |
Failed to open backup file for writing. |
Cause: Backup was unable to create or access the backup file in which to save certificate information. Action: Ensure that user running backup sufficient rights. |
201003041 |
Failed to retrieve certificate names from eDirectory. |
Cause: A PKI or eDirectory error. Action: This error will be accompanied by an error string. |
201003042 |
Failed to retrieve certificate xxxx from eDirectory. |
Cause: The certtool failed to retrieve the certificate identified in the error. Problems have been seen trying to export certificate with pending CSRs. Action: This error will be accompanied by an error string. |
201003043 |
Failed to write certificate xxxx to backup file. |
Cause: The certificate identified in the error message did not get saved to the backup file. Action: An exception string included in the message my provide additional information. |
301003044 |
Error closing backup. |
Cause: Likely will not cause a problem. Action: Try extracting the contents of the zip file created by backup to verify the integrity of the zip file. |
201003045 |
Failed to write trusted root xxxx to backup file. |
Cause: The trusted root identified in error messages did not get saved to the backup file. Action: An exception string included in the message might provide additional information. |
201003046 |
Failed to retrieve trusted root xxxx from eDirectory. |
Cause: The certtool failed to retrieve the trusted root identified in the error. Likely a PKI or eDirectory error. Action: This error will be accompanied by an error string. |
201003048 |
Not all items were backed up. |
Cause: See accompanying errors. Action: Refer to previous error messages to identify which certificates or trusted roots were not backed up. |
201003049 |
Failed to retrieve the CA xxxx from eDirectory. Likely a PKI or eDirectory error. |
Cause: The certtool failed to retrieve the CA key identified in the error. Action: This error will be accompanied by an error string. |
201003050 |
Failed to write CA key xxxx to backup file. |
Cause: The CA key identified in the error did not get written to the backup file. Action: An exception string included in the message my provide additional information. |
201003051 |
Failed to open backup file for reading. |
Action: Make sure the backup file exists. Do not include .ldif or .zip in the name of the back up file. Action: Ensure the user logged in has sufficient rights to access the file. |
201003052 |
Not all items were restored. |
Cause: See accompanying errors. Action: Refer to previous error messages to identify which certificates or trusted roots were not backed up. |
301003053 |
Error closing backup. |
Action: This error occurred after all restore operations had completed. Should not cause any problem. |
201003056 |
Error importing CA key: xxxx |
Action: The CA key was not restored. See the accompanying Error for more information. Likely a PKI error. Action: Make sure the password you provided matches the encryption password used when backing up the data. |
201003057 |
Error importing key: xxxx |
Cause: The CA key was not restored. See the accompanying Error for more information. Likely a PKI error. Action: Make sure the password you provided matches the encryption password used when backing up the data. |
201003058 |
Error importing trusted root: xxxx |
Cause: The trusted root was not restored. See the accompanying Error for more information. Likely a PKI error. |
VCDN configuration |
||
201004001 |
Failed to configure VCDN objects for data store access. |
The VCDN user objects were not restored with their passwords. Device Manager will not start up until the passwords have been properly set. Cause: The vcdnbkup.jar utility failed to reset passwords for VCDN objects. This causes errors starting up device manager. Action: Make sure /opt/volera/roma/conf/vcdn.conf file is present and has the correct information. To fix, run the following command in /opt/novell/devman/bin: java -jar vcdnbkup.jar -userid cn=admin,o=novell -pwd admin_password -vcdnUser |
201004002 |
Application Error. |
The VCDN user objects were not restored with their passwords. Device Manager will not start up until the passwords have been properly set. Accompanied by a stack trace with more information. Cause: vcdnbkup.jar utility failed to reset passwords for VCDN objects. This will cause errors starting up device manager. Action: Make sure the information in /opt/volera/roma/conf/vcdn.conf file is correct: To fix, run the following command in /opt/novell/devman/bin: java -jar vcdnbkup.jar -userid cn=admin,o=novell -pwd admin_password -vcdnUser |