Jump to content United States-English
HP.com Home Products and Services Support and Drivers Solutions How to Buy
» Contact HP
More options
HP.com home
 HP 9000 Networking: NetWare 4.1/9000 Installation and Administration Guide > Chapter 8 Managing NetWare

Backup/ Restore NDS Tree
» 

Technical documentation

» Feedback
Content starts here

 » Table of Contents

 » Index

spacerspacerspacer
spacer
spacer
  		 
 

NDS, by its fault-tolerant nature (partitions and replicas), should typically not need to be restored. Since replicas (duplicates) of the database should exist on other servers, if corruption occurs, the partition could be restored from a replica. Thus, only in the event of a major catastrophe that destroys all replicas of a partition, should it be necessary to to use the NDS backup/restore utilities - ndsbackup and ndsrestore.

Caveats to using:

  • These utilities are only meant for disaster recovery.

  • The utilities only work on master replicas (not read/write or read-only).

  • The utilities do not back up system, schema, bindery or external reference partitions.

  • IMPORTANT: Although the ndsrestore utility restores objects to master replicas, it can't create master replicas. The system administrator must first run the PARTMGR utility and add the partition to the tree. Then, the ndsrestore utility can be used to restore the objects.

The most important issue to understand when there is a loss of NDS data is: What is really lost? Only when you know this can you take the proper steps to restore the NDS information. An overall understanding of how NDS works and an intimate knowledge of your particular tree (including proper records of how it is set up) are essential for success. For example, it is critical to have a record of where server objects, partitions, master replicas, read/write replicas, volume objects, and admin objects are located. HP recommends that you fill out and use the worksheet provided in Appendix A of this manual to help you.

General Backup Procedures

You use the ndsbackup command to backup NDS to tape or to a local file. The -o option of this command is used for both types of backup. Refer to the ndsbackup Man page at the end of this section, for additional information about the command.

In the example below, the NDS tree is stored to the default tape:

ndsbackup -o /dev/rmt/0m

If you have a preferred backup system and do not wish to store the NDS tree to tape, you can store the NDS tree to a local file which can be backed up using your preferred backup method.

In the example below, the NDS tree is stored to a local file.

ndsbackup -o /var/opt/netware4/tree_backup

Refer to the MAN page descriptions at the end of this section for additional information.

General Restore Procedures

Whenever possible, restore NDS from another replica and then restore trustee information (if affected) from your NetWare file system tape backup. (In a well- designed tree with multiple servers, a secondary replica for all partitions should exist somewhere on the network.) If this is not feasible, follow this general process to restore using the Backup-Restore utility in the /opt/netware4/bin directory :

  1. Reinstall NDS first.

  2. Restore file system data last.

It is vital that you restore data in this order. Restoring file system data before you restore NDS objects can result in lost or incorrect trustee rights.

NDS should be functional (partitions synchronizing normally) before you proceed with a restoration. It is difficult for an NDS restore to complete successfully in a dysfunctional tree. For information on time synchronization, refer to Supervising the Network.

When restoring file systems, users with trustee rights being restored should exist in the tree at restore time. The object ID for the user on the server being restored will be used. A replica containing the object does not have to be on the server. NDS creates external references as necessary. (An external reference is a pointer to an NDS object not found locally on the server; it is used to authenticate and reference objects that are not local to the server.)

Example Restore Scenarios

The instructions in this section detail specific recovery proced ures for the following scenarios:

  • Loss of a non-SYS volume

  • Loss of a SYS volume or an entire server

  • Loss of the entire NDS tree

Depending on what part of NDS you are trying to restore, certain precautions must be taken. Review these example restore scenarios and follow the steps that are appropriate for your situation.

Scenario 1: Loss of a Non-SYS Volume

If you experience a hard disk failure that does not involve the SYS volume, you do not need to modify or reinstall NDS. All that is required is a restoration of the file system data.

To restore a volume after a hard disk failure not involving the SYS volume, follow these steps:

IMPORTANT: Do not delete the Volume object for the failed volume in the NDS tree. Leaving the Volume object intact preserves any references that other objects (such as Directory Maps and Queues) may have to that volume.

  1. Stop the server using the commands below, shut down HP-UX to replace the bad hard disk(s) by doing the following:

    1. Stop the NetWare server by running the stopnw and stopnps commands. Refer to chapter 1 in this manual for detailed information about starting and stopping the server.

    2. Shutdown the system using the /etc/shutdown -h command. Refer to your HP-UX system administrator manual for more information on /etc/shutdown -h.

    3. Replace the disk.

    4. Restart HP-UX and log in.

  2. Use your backup tape to restore the file system data. Refer to the previous section, "Restore a Single Volume" for detailed information about restoring a volume.

  3. If the NetWare server is not already started, start the server by running the following commands:

    1. To start the transport: /opt/netware4/bin/startnps.

    2. To start the services: /opt/netware4/bin/startnw.

  4. (Optional) Make sure data has been properly restored, including trustee assignments, file ownership, and other related information by spot-checking some of the restored directories and files.

    NetWare commands that might be helpful include RIGHTS /T /S (displays users, groups and other objects that have explicit trustee assignments in a directory and its subdirectories) and NDIR (displays owners and other NetWare file information).

Scenario 2: Loss of a SYS Volume or an Entire Server

Depending upon your particular configuration, a hard disk failure involving the SYS volume can affect the entire server and halt all NetWare operating system activities. Because the NDS files are stored on the SYS volume, loss of the SYS volume is equivalent to removing NDS from the server. If you lost the drive where HP-UX and NetWare Services are installed, you must also reinstall HP-UX and NetWare Services.

The procedures for loss of a SYS volume are divided into two cases: loss of the only server in a single-server network, and loss of a single server in a multiple- server network.

Scenario 2a: Single-Server Network

In a single-server network, loss of the SYS volume brings all NetWare network operations to a halt. The same situation exists if the failure affects only the hard disk(s) containing the SYS volume. Since there are no replicas in a single-server network, you can't recover any NDS information from a replica. After repairing or replacing the failed hardware, you may need to reinstall HP-UX, if HP-UX and the SYS volume are on the same HP-UX volume, and the entire NetWare Services environment, including NDS.

The next steps require three separate tape restores. First, restore the NDS database with your tape backup of Directory Services, then restore the SYS volume files, and finally restore any other affected NetWare volumes.

Reinstalling Software

To reinstall system software on a single-server network, do the following:

  1. Correct the problem that caused the server hardware to fail.

    For information on server hardware, refer to your HP-UX user guide.

  2. If required, reinstall HP-UX.

    For information on installing HP-UX, refer to your HP-UX user guide.

  3. Reinstall NetWare Services.

    For instructions on installing NetWare Services, refer to chapter 1 of the NetWare 4.1/ 9000 Installation and Administration Guide.

    NOTE: By default, only the SYS volume is configured during installation.

  4. Reinstall NDS by doing the following:

    1. Run the command: dsinstall.

      Refer to the NetWare 4.1/9000 Installation and Administration Guide for instructions on using dsinstall.

      NOTE: Use the same server name, Admin parent container, and password as were used when the backup was created

      Make sure all hard disk partitions are at least as large as they were on the previous server, and that all volumes are defined as before. (Reconfiguring your server and volumes during a restoration is not recommended.) Once your server is back up and running, you can make any changes that are necessary.

Restoring from Tapes

Use the following instructions to restore the Directory Services database, SYS volume files, and other affected NetWare volumes.

  1. Restore the entire NDS database from your tape backup. This tape should have been made when the ndsbackup command was last run. Refer to the ndsrestore Man page at the end of this chapter for additional information. For example:

    ndsrestore -i /dev/rmt/0m

  2. Restore SYS volume files and trustees from your tape backup as described in the previous section "Restore a Single Volume."

    NOTE: If your SYS volume has not been modified since NetWare Services was initially installed, you can skip step 2.

  3. Restore your tape backup of any other NetWare volumes that were affected using the same Restore procedure.

  4. If the server had volumes other than SYS that were not affected by the failure, run dsrepair to verify the integrity of the NDS database.

    Run /opt/netware4/bin dsrepair and then select the "Unattended full repair" option.

    Click on the Help button for further instructions.

  5. (Optional) Verify proper restoration of the data, trustee assignments, file ownership, and other related information by spot-checking some of the restored directories and files.

    NetWare commands that might be helpful include RIGHTS /T /S (displays users, groups and other objects that have explicit trustee assignments in a directory and its subdirectories) and NDIR (displays owners and other NetWare file information).

Scenario 2b: Multiple-Server Network (Replica Still Intact)

In a multiple-server environment, it is possible for one server to go down but for the rest of the servers that contain replicas of partitions held by the failed server to remain intact.

NDS replication should assure the most accurate backup of your NDS data. If you know, however, that your last NDS backup is more accurate than the replicas on other servers (caused by lack of network connectivity), you should follow the procedures in the last section.

The recovery process in this scenario consists of several phases:

  • PHASE 1: "Clean up" the Directory to reflect the fact that the server has been lost from the NDS tree. You should first delete the lost server's Server object and its associated Volume object from the tree. If the server held the master replica of a partition, you must use dsrepair to change a remaining replica on another server to a master replica.

    WARNING! Use the procedure outlined here only to remove the Server object for an inoperable server. For correct procedures on how to remove the Server object for an active server, see the section titled, "Removing a Functional Server from an NDS Tree" later in this chapter.

  • PHASE 2: Reinstall NetWare Services and NDS and re-establish replicas on the new server. Once you install the new server hardware, you must reinstall NetWare Services and NDS on the server. You then re-establish the replica(s) on the server from one of the servers in the replica list.

  • PHASE 3: Restore file system data on the server volume(s). Use the restore procedures described in the previous ection "Backup/restore a Volume" to restore file system data.

Use the following steps to restore a server SYS volume in a multiple-server network when replicas are intact. The steps are grouped according to the three phases identified above.

PHASE 1: Clean Up the Directory

To clean up the remnants of the failed server from the Directory, follow these steps:

  1. Using NetWare Administrator (NWAdmin) or NETADMIN, delete the Volume object(s) associated with the server that failed.

    For information on using NetWare Administrator and NETADMIN, refer to Supervising the Network.

    If any NDS objects (such as Directory Maps or Queues) have dependencies on these volumes, make sure you have a current NDS backup of these objects before you delete the Volume objects.

  2. Use PARTMGR or the Partition Manager in NWAdmin to delete the Server object of the server that failed.

    For information on using PARTMGR, refer to Supervising the Network.

    NOTE: You can't delete a Server object from NETADMIN.

  3. Check replica synchronization by doing the following:

    1. Run the command: dsrepair.

      The Available Options menu appears.

    2. Select "Advanced options menu."

    3. Select "Replica and partition operations."

      A list is displayed of all the replicas stored on this server.

    4. Select the appropriate partition.

      The Replica Options menu appears.

    5. Select "Report synchronization status of all servers."

      The utility checks the status of each partition in the tree and displays the results on the screen. Look for "OK" under the Status column.

      Some time synchronization errors might appear while NDS is trying to connect to the server you deleted. This simply means that the deletion of the Server object has not yet been fully synchronized across the replica ring. Give it time and the errors should clear up.

  4. If the failed server held a master replica of any partition, use dsrepair to designate a new master replica on a different server in the replica list.

    To change the replica type, run dsrepair on another server in the replica list that has an active read/write replica of the partition by doing the following:

    1. Run the command: dsrepair .

      The Available Options menu appears.

    2. Select "Advanced options menu."

    3. Select "Replica and partition operations."

      Normally you should use PARTMGR or the Partition Manager tool in NWAdmin to perform partition operations. This option in dsrepair is to be used only when the master replica of a partition is lost because of server or hardware failure.

    4. Select the partition you want to edit.

    5. Select "View replica ring" to see a list of servers that have replicas of the partition.

    6. Choose the server you want to hold the master replica and select "Designate this server as the master replica."

  5. Check replica synchronizing. If sync errors persist, remove the replica pointers to the failed server.

    Check synchronization as described in Step 3 above. If synchronization errors persist, remove replica pointer to the failed server using the following instructions.

    WARNING! If performed improperly, the following operation can cause serious problems in NDS. Normally, you only need to perform this operation on the server containing the master replica. NDS should synchronize the deletion to the other servers in the replica list.

    1. From the dsrepair Available Options menu, select "View replica ring."

    2. Select the name of the failed server.

    3. Select "Remove this server from the replica ring."

    4. Choose "Yes" to continue.

    5. Exit dsrepair.

Check synchronization as described in Step 3 above. If following these steps doesn't clear up the errors, perform Steps 5a-e to remove the failed server from the replica ring on every server that contains a replica of the partition in question.

PHASE 2: Reinstall NetWare Services and NDS

Once you have removed the Server and Volume objects, cleaned up the Directory and resolved all synchronization errors, proceed as follows:

  1. Install the new hard disk or server hardware.

    Follow any instructions provided by the manufacturer to verify that the server's hard disks are working. The new hard disk should have the same (or larger) storage capacity as the drive it replaces.

  2. Reinstall NetWare Services.

    Refer to chapter 1 of the NetWare 4.1/9000 Installation and Administration Guide for instructions on installing NetWare Services.

  3. Reinstall NDS by doing the following:

    1. Run the command: dsinstall.

      Refer to chapter 5 in the NetWare 4.1/9000 Installation and Administration Guide for instructions on using dsinstall.

  4. Use the Partition Manager and your replication records to re-establish replicas on the server (if necessary for bindery emulation).

    Allow the NDS information to be copied to the new server from another replica. The completion time needed to restore replicas depends on the speed of your LAN or WAN links.

    NOTE: If you need to get users back online quickly, you can wait to re-establish replicas until after you restore the file system.
PHASE 3: Restore file system data on the affected volume(s)

Continue the procedure by restoring file system data on each volume that was lost due to the server failure.

  1. Restore the entire NetWare volume from your tape backup. This tape should have been made when the ndsbackupsync command and HP-UX backup were last run. Refer to the previous section, "Backup/Restore a Volume" and follow the instructions "Procedure to Restore a Volume" for each affected volume.

    NOTE: Trustee files are most likely not affected by a SYS volume failure. If trustee files were affected, they will also be restored (as saved in the backup) at this time.

  2. Run dsrepair in unattended mode on the server to verify the integrity of the NDS database.

  3. (Optional) Verify proper restoration of the data, trustee assignments, file ownership, and other related information by spot-checking some of the restored directories and files.

    NetWare commands that might be helpful include RIGHTS /T /S (displays users, groups and other objects that have explicit trustee assignments in a directory and its subdirectories) and NDIR (displays owners and other NetWare file information).

Scenario 3: Loss of the Entire NDS Tree

If all servers on a network are destroyed because of a disaster, you must perform a compete restoration of HP-UX, NetWare Services, NDS, and file system data. This process is possible only if you have documented your NDS tree and the location of Server objects, partitions, and replicas. Use the worksheets in Appendix A of this manual. It is also important to record bindery context settings and other relevant information.

Restoring the Root Server

To restore an entire network, start with the server that held the master replica of the root partition for the NDS tree. This server is referred to as the root server. When prompted, use the same names for Organization (O) objects immediately under the Root object as existed before in the tree. Otherwise, you'll end up with new, empty containers in the restored NDS tree.

  1. Correct the problem that caused the server hardware to fail.

    For information on server hardware, refer to your HP-UX user guide.

  2. If required, reinstall HP-UX.

    For information on installing HP-UX, refer to your HP-UX user guide.

  3. Reinstall NetWare Services.

    For instructions on installing NetWare Services, refer to chapter 1 or the NetWare 4.1/ 9000 Installation and Administration Guide.

    NOTE: NOTE: By default, only the SYS volume is configured during installation.

  4. Reinstall NDS by doing the following:

    1. Run the command: dsinstall.

      Refer to chapter 5 in this manual for instructions on using dsinstall.

      Use the same server name, Admin parent container, and password that were used when the backup was created.

  5. Stop the NetWare server by running the stopnw and stopnps commands. Refer to chapter 1 in this manual for detailed information about starting and stopping the server.

  6. Re-create the NetWare volumes by doing the following in the System Administration Manager (SAM)

    1. Log into the system as root.

    2. At the HP-UX prompt, type: sam

    3. Double click Networking and Communications at the SAM main window.

    4. Double click NetWare at the Networking and Communications window.

    5. Double click File and Print Services Configuration at the Netware window.

    6. The current NetWare volumes are displayed in the object list in the middle of the screen. To add a volume, choose Add Volume from the "Actions" menu and enter the information from the following table.

      Field

      Value

      Volume Name

      Enter a name in lowercase characters.

      Name Space

      Use long file name (or not)

      Set Default Control Path (optional) default: /var/opt/netware4/NWControl/ new_vol

      Where new_vol is your new volume name. Press <Enter>to accept the default control path, or type in another valid directory.

      Security Mode

      NetWare, UNIX, Both, or None

      Volume Access

      RW, RO

      1. Enter the information about the new volume. To do so, press the Tab key to move through the data entry fields.

      2. Activate the OK button to perform the task(s) and return to the Services Configuration Window.

        For more detailed information about adding a volume, go to "Add a NetWare Volume" later in this chapter.

    7. After you have added the new volume, return to the NetWare menu in SAM.

    8. Repeat the above steps for each lost volume on the server. Then, restart NetWare.

  7. Using your recordkeeping, recreate all NDS partitions using PARTMGR or Partition Manager in NWAdmin.

    For information on using PARTMGR, refer to the NetWare Services document, Supervising the Network.

    After this process is complete you are ready to restore other servers in the network.

Restoring Other Servers in the Network

Before restoring a full NDS session, you should create a "skeleton" of your network; all servers and volumes should be up and running; their NDS objects should exist in the NDS tree in the same context as they resided in before (the dsinstall utility prompts for information on which container you want each server to be placed inside); all servers should be in communication with one another; and time synchronization should be working properly.

NOTE: If you can get some of the servers up, but not all of them, you can still proceed with the restoration. However, you may see errors and experience problems due to NDS objects having dependencies that cannot be resolved.

The User object used to create the backup session (such as Admin or equivalent) should exist in the same container, with the same password, and with the same NDS rights, as when the backup was performed.

NOTE: If applications are used that extend the schema, those should also be installed at this time. If the schema was extended when the backup was created, it should be extended before the restore is done. Otherwise, the new objects will not be restored correctly.

Once this step is completed, you still have just one partition—the Root—but (because of defaults) you now have two replicas of that partition. These are stored on the second and third servers you installed.

If your network is small and you have a server with enough disk space to hold the entire NDS tree, the restoration will go faster if you do not re-establish your former partitions and replicas yet. Use PARTMGR or the Partition Manager tool in NWAdmin to remove the two default replicas created during installation before proceeding.

In larger networks, you may not have a server with enough disk space to restore the entire NDS tree without partitioning it first. If this is the case, you should re- establish your former partitions and replicas at this time and skip to Step 4 below.

When this installation is complete, you'll have a working NDS tree containing one NetWare server with a Root partition.

  1. Complete steps 1 through 8 described at the beginning of this scenario for each of the remaining servers in the network.

    The next steps require you to re-create the partitions that held master replicas on each server.

  2. Re-create partitions for each server's master replicas using PARTMGR or the Partition Manager in NWAdmin.

    For information on using PARTMGR, refer to the NetWare Services manual Supervising the Network.

Restoring File Systems

Use the following instructions to restore the Directory Services database, SYS volume files, and other affected NetWare volumes. For each server in the network, do the following:

  1. Restore the entire NDS database from your tape backup. This tape should have been made when the ndsbackup command was last run. Refer to the ndsrestore MAN page at the end of this chapter for additional information. For example:

    ndsrestore -i /dev/rmt 0m

  2. Restore SYS volume files and trustees from your tape backup using the same HP-UX Restore procedure. Refer to the section "Restore a Volume" in this chapter for additional information.

    NOTE: If your SYS volume has not been modified since NetWare Services was initially installed, you can skip step 2.

  3. Restore your tape backup of any other NetWare volumes that were affected using the same HP-UX Restore procedure.

  4. Re-establish partition boundaries and distribute replicas to the other servers.

    Refer to your recordkeeping for the network. When you are finished your NDS tree should exist as it did before the disaster, with all partitions and replicas in place.

  5. Run dsrepair in unattended mode on each server that contains a master replica to verify the integrity of the NDS database.

  6. (Optional) Verify proper restoration of the data, trustee assignments, file ownership, and other related information by spot-checking some of the restored directories and files.

    NetWare commands that might be helpful include RIGHTS /T /S (displays users, groups and other objects that have explicit trustee assignation in a directory and its subdirectories) and NDIR (displays owners and other NetWare file information).

Removing a Functional Server from an NDS Tree

NetWare is a distributed network environment in which servers are constantly communicating with each other. If you need to permanently remove a functioning NetWare server from an NDS tree, it must be done properly using the dsinstall utility located. Do not just disconnect the server from the network! If a server is removed incorrectly, it could cause Directory synchronization problems.

  1. Run the command: dsinstall.

    The Directory Services option menu appears.

  2. Select "Remove Directory Services from this server" and press <Enter>.

  3. Answer "Yes" to the confirmation prompt, and type the password for an administrative user when prompted.

  4. Respond to the on-screen prompts to continue through the process.

    The dsinstall utility checks to make sure it is safe to remove NDS from the server. If the server holds a master replica, the utility takes care of placing the master on another server and changing this one to a read/write replica. If no downed servers or links to servers in a replica list exist, the dsinstall utility removes NDS and deletes the Server object and its associated Volume objects from the tree. When this process is finished, select "Exit" on the Directory Services Options menu.

  5. (Optional) In NETADMIN or NWAdmin, confirm that the Server object and its associated Volume objects have indeed been removed from the tree.

Backup and Restore Tips for NetWare Services

  • Use replication as the first level of protection for NDS. In multiple server networks, have at least three replicas of every NDS partition stored on various servers throughout the network.

  • Use the nwbackupsync and ndsbackup utilities perform your HP-UX backups on a regular basis.

  • Stay current with the newest operating system patches.

  • Keep a record of where NDS partitions and replicas are located. Restoring NDS is much smoother if you have a record of your partitions and replicas. Be sure to note the full name of the container into which each server is added and which replicas (if any) are stored on the server. To help you do this, a replication worksheet is included in Appendix A of this manual. You can also use dsrepair to record this information in a log file.

ndsbackup

Used to backup the NDS tree to tape or local file.

Syntax:

ndsbackup -l | [-v] -o filename

  • -l Lists all master replicas on the server.

  • -v Verbose. Prints out objects backed up.

  • -o file Backs up all master replicas on the server to the file or device specified by filename.

The ndsbackup utility first verifies that the user has sufficient rights to backup the partition. The information that gets backed consists of a header and then a series of NDS records, one for each object being backed up.

Examples:

  1. In the example below, the NDS tree is stored to the default tape:

    ndsbackup -o /dev/rmt/0m.

  2. If you have a preferred backup system and do not wish to store the NDS tree to tape, you can store the NDS tree to a local file which can be backed up using your preferred backup method.

    In the example below, the NDS tree is stored to a local file:

    ndsbackup -o /var/opt/netware4/tree_backup

ndsrestore

Use to restore NDS tree from tape or local file.

Syntax:

ndsrestore [-v] -i filename

  • -v Verbose. Prints out objects that have been restored.

  • -i filename restores all master replicas on the server to the file or device specified by the filename.

The ndsrestore utility first verifies that the user has sufficient rights to restore the partition. Assuming a master replica has been re-created and ndsrestore can't create master replicas, then ndsrestore restores each object in the replica.

Examples:

  1. In the example below, the NDS tree is restored from the default tape:

    ndsrestore -i /dev/rmt/0m.

  2. If you stored your NDS tree backup to tape, use example 1 above to restore from the default tape. If, however, you stored your NDS tree to a file, determine whether the file on the system is up-to-date, and use it, or restore that file from tape.

    ndsrestore -i /var/opt/netware4/tree_backup



Backup/Restore a Volume
  		 


Repair/Recover NDS  
Printable version
Privacy statement Using this site means you accept its terms Feedback to webmaster
© 1997 Hewlett-Packard Development Company, L.P.