What to do when restoring a backup fails
The restore backup process fails sometimes. This may be caused for divergences between eBox versions. For example, due to different LDAP schemas any Debian Sarge based eBox backup restore fails in a Ubuntu based one.
If your restore has failed, that means one or more modules have failed its restore, so you could restore those ones which succeed and configure manually the remainder ones. Some modules depend on others, in this case, if the dependencies for a module fail to restore, you will need to configure them manually restoring the dependent module. If you have many of these situations you will be engaged in various configure manually - restoring dependent modules operations.
As we have said a lot or errors occurs because of LDAP schemas mismatch, so we have written a tool to import data from a LDIF file (LDAP dumped data) to the modules. Using this tool you might avoid a great deal of configuration by hand if some LDAP based module fails.
Restoring only a set of modules
The web interface to restore backup always tries to restore all the modules, if you only want to restore a set of modules you ought to use a command line tool. It is mandatory to have the backup archive in the same computer where the restore will take place. Run:
$ sudo /usr/share/ebox/ebox-restore-backup --module MODULE1_TO_RESTORE --module MODULE2_TO_RESTORE --module MODULE3_TO_RESTORE ... BACKUP_FILE
After the restore is done, keep in mind entering in the web interface in order to save changes.
Restoring module's associated data
The previous restore process restores only the modules configuration, if you want to restore also the associated data. (for instance, user's files and mails). You need to add the --full-restore flag:
$ sudo /usr/share/ebox/ebox-restore-backup --full-restore --module MODULE1_TO_RESTORE --module MODULE2_TO_RESTORE --module MODULE3_TO_RESTORE ... BACKUP_FILE
In fact, if you are interested only the associated data and want to skip the configuration restore, you can use the '--data-restore' flag:
$ sudo /usr/share/ebox/ebox-restore-backup --data-restore --module MODULE1_TO_RESTORE --module MODULE2_TO_RESTORE --module MODULE3_TO_RESTORE ... BACKUP_FILE
Overriding modules dependencies
There are modules which depend on other modules, if you try to restore one module without restoring the modules upon it depends you will get an error. This is the intended behaviour because if the dependent module has a restored configuration which is not coherent with the configuration in its dependencies you may reach a broken configuration.
However, there are some situations where you want to override this behaviour. To achieve so firstly, you must be sure that the dependencies had a correct and coherent configuration, either you have restored it correctly before, you have fixed it with the import LDIF tool or you have set up it by hand. Whatever the method you used, the dependencies configuration must be correct or you can end with an erroneous configuration.
To disable the dependencies checking add the --force-dependencies flag to the command. For example:
$ sudo /usr/share/ebox/ebox-restore-backup --force-dependencies --module MODULE1_TO_RESTORE --module MODULE2_TO_RESTORE --module MODULE3_TO_RESTORE ... BACKUP_FILE
Importing LDAP configuration
Incompatible LDAP schemas or entries may be a problems source. The schemas may be incompatible if different modules are active, due to eBox modules are able to append information to LDAP schemas. Another cause is that you are moving backups between different distributions which use conflicting LDAP schemas, such Debian Sarge and Ubuntu Hardy.
In this case, we can use the import LDIF tool to try to recreate the contents of the LDAP directory. We must follow those steps to do so:
- Activate wanted modules
The tool will import only data in modules that have been at least activated one time. This is because when we activate any module for the first time, we signal to eBox that it must take care of the associate services and it does the basic configuration to allow its management.
So if you want to import data related to a module you must enable it at least one time, you can disable it afterwards if you don't want the service active.
- Get the LDIF file
The contents of the LDAP are stored in LDIF files, you will need the file with the data you want to import. You can get the file either from a backup archive or you can create it manually.
If you have a backup archive you must follow those steps:
- unpack the archive backup
$ tar xzf FILE_NAME.tar.gz
- enter in the unpacked directory
$ cd eboxbackup
- extract modules data
$ tar xzf files.tgz
- go into the users directory and get the file
$ cd users.bak $ cp ldap.ldif DESTINATION_FOLDER
Another option is to create the LDIF file yourself, to do so you must login in the computer running the LDAP server and use this command:$ slapcat > FILE_NAME.ldif
After the command FILE_NAME.ldif will be contain all the LDAP data. - Use the import tool
You need to run the tool with superuser privileges, one wa to do so is:
$ sudo /usr/share/ebox-usersandgroups/import-from-ldif LDIF_FILE
- Save changes if needed The majority of LDAP configuration changes don't need to be explicitly saved, but here are a few that need it. Go to the web interface, click in 'Save Changes' and then accept the changes if there is any.
As last note keep in mind that modules which uses LDAP configuration can also use another sources to store some of its configuration so you restore could be not complete and you will need to establish some settings through the web interface.
