This page (revision-1) was last changed on 29-Nov-2024 16:16 by UnknownAuthor

Only authorized users are allowed to rename pages.

Only authorized users are allowed to delete pages.

Page revision history

Version Date Modified Size Author Changes ... Change note

Page References

Incoming links Outgoing links
Script For Backing Up Edirectory
Script For Backing Up Edirectory

Version management

Difference between version and

At line 1 added 358 lines
!! Script for Edirectory Backup
Based on our [Edirectory Backup Strategy], we use a scrip to perform the backups.
The script will perform a FULL backup from both [DSBK] and [LDIF] on the value of variable "FULLBACKUPDOW".
Every other day, an Incremental is performed.
The LDIF [Incremental Backup] is done based on any entry defined by the variable "LDAPPEOPLEBASE" that was modified in the last day.
The DSBK is a [Incremental Backup] as defined by Novell.
The script is expected to run on a server with [eDirectory] is installed.
The script can backup passwords to an LDIF by using [Dump Password Information Tool-Command Line Options] and setting the variable "PASSBKUP=TRUE".
%%error
[Use Entirely at Your Own Risk|Standard Disclaimer]
[CISUS.COM] nor anyone else is responsible if you use a tool or any information on this site and causes damages to anyone or anything! [You are required to read Our Standard Disclaimer|Standard Disclaimer]
%%
!! Usage
Of course you must modify this to meet your specific needs.
{{{
#!/bin/bash
#
# SCRIPT: willeke-idv-edir-backup.sh
# AUTHOR: jim@willeke.com
# DATE: 01/03/11 15:04:32
T_VER=3.1B # Script Version Number
#
# PLATFORM: SPECIFY: Linux
#
# REQUIREMENTS:
# - You must create the directories used in the script:
# - You must be certain of the proper settings for the variables in the script.
# - Assumes that eDirectory is installed on the server it runs.
#
# PURPOSE:
# Performs a dsbk and an LDIF backup on the server which the script runs.
# Does FULL and incremental
#
# REV LIST:
# DATE: 03/06/11 08:12:02
# BY: jim@Willeke.com
# MODIFICATION: Describe what was modified, new features, etc--
#
# DATE: 2011-08-16-07:02:10
# BY: jim@Willeke.com
# MODIFICATION:
# Changed the backup directory to point to the san
# From BACKUPDIR=/var/backups/edir
# to: BACKUPDIR=/export/backups/idm/edir
# Changed the backup directory to point to the san
# From LOGDIR=/var/log/iam/edir
# to: LOGDIR=/export/backups/idm/log
# Commented out the Compression commands
# Extracted variable DAYSTOKEEP so we could change the number of days to keep files.
# Fixed minor bug where /var/backups/edir was hardcoded to use BACKUPDIR.
# Changed T_VER=2.3B
# DATE: 2011-08-28-07:36:52
# BY: jim@Willeke.com
# MODIFICATION:
# Added abiity to backup passwords based on PASSBKUP
#
# set -n # Uncomment to check script syntax, without execution.
# # NOTE: Do not forget to put the # comment back in or
# # the shell script will never execute!
# set -x # Uncomment to debug this shell script
#
##########################################################
# DEFINE FILES AND VARIABLES HERE
##########################################################
# These first values will need to be set or verified for each host.
# path to eDIrectory bin directory defult is /opt/novell/eDirectory/bin
BINDIR=/opt/novell/eDirectory/bin
# Full path the the nds.conf config path
# Default for single instances: CONFIGFILE=/etc/opt/novell/eDirectory/conf/nds.conf
CONFIGFILE=/etc/opt/novell/eDirectory/conf/nds.conf
# Username to access the application server
USERNAME=admin.services.willeke.com
# LDAP Format Backup User
LDAPBACKUPUSER="cn=admin,ou=services,dc=willeke,dc=com"
# Username to access the application server e.g. password
PASSWORD=itisasecret
# Put the backups under here
BACKUPDIR=/var/opt/novell/eDirectory/backups
# Put the logs files here
LOGDIR=/var/opt/novell/eDirectory/backups
# How long to allow for DSBK to run in seconds
BACKUPPAUSE=100
# LDAP Format of People Container
LDAPPEOPLEBASE="ou=people,dc=willeke,dc=com"
# Day of week that is full backups
FULLBACKUPDOW=Sunday
# Maintain DAYSTOKEEP FILES
DAYSTOKEEP=14
# Perform password backup
PASSBKUP=TRUE
# JAVA_HOME
JAVA_HOME=/opt/novell/eDirectory/lib/nds-modules/jre1.6.0_20
# Path to dumpup/DumpPasswordInformation.jar
DUMPUPPATH=/root/Documents/usr/local/share/willeke/dumpup
##########################################################
# The following should not normally need to be changed
##########################################################
THIS_SCRIPT=$(basename $0)
SINGLEBAR="......................................................................"
DOUBLEBAR="======================================================================"
APPNAME=EDIRBACKUP
TREENAME=UNKNOWN
# Host name (or IP address) of application server e.g localhost
APPHOST=localhost
# Log File Name
LOGFILE=$LOGDIR/$APPNAME.log
# Set path so we know we always get the right executables
PATH=/usr/local/bin:/usr/bin:/bin
# Our Standard Date format for files
DATE=`date +%Y-%m-%d` # Datestamp e.g 2002-09-21
# Get DOW
DOW=`date +%A` # Day of the week e.g. Monday
# Get DOM
DOM=`date +%d` # Date of the Month e.g. 27
# Get Month Name
M=`date +%B` # Month e.g January
# GET WEEK NUMBER
W=`date +%V` # Week Number e.g 37
# Create a LDAP formated date for yesterday
LDAPDATELESSONE="$(date -d 'yesterday' +%Y%m%d)010000Z"
##########################################################
# DEFINE FUNCTIONS HERE
##########################################################
f_set_hostname()
if [ "$APPHOST" = "localhost" ]; then
APPHOST=`hostname`
fi
##########################################################
# Subroutine to gMake sure we have edirectory bin in path
##########################################################
f_add_edir_path()
if [ -f "$BINDIR/ndspath" ]
then
. $BINDIR/ndspath
else
f_write_and_log "WARNING: Could not find . $BINDIR/ndspath"
fi
##########################################################
# Subroutine to get tree name from CONFIGFILE
##########################################################
f_get_treename_from_conf()
{
TREENAME=`cat $CONFIGFILE | grep "n4u.base.tree-name="|cut -d= -f2`;
}
######################################################################
# Subroutine to Log to LOGFILE does not show to console
######################################################################
f_write_log ()
{
if [ -n "$LOGFILE" -a -n "$*" ]
then
printf "$*\n" >> $LOGFILE
fi
}
######################################################################
# Sends output to console and to $LOGFILE
######################################################################
f_write_and_log ()
{
if [ -n "$*" ]
then
f_write_log "$*"
printf "$*\n"
fi
}
######################################################################
# Subroutine to echo & run command
# Sends output to console and to $LOGFILE
######################################################################
f_cmd ()
# arg_1 = Command to run
{
f_write_and_log "`date '+%Y-%m-%d %H:%M:%S'` $*"
cmdOutput=`eval $*`; f_write_and_log "$cmdOutput"
}
######################################################################
# Subroutine to remove files older than X days
# Sends outpuit to console and to $LOGFILE
######################################################################
f_remove_old_files ()
{
FILEEXTENSION=$2
DELETEFILEPATH=$1
f_write_and_log "`date '+%Y-%m-%d %H:%M:%S'`: Deleting '$DELETEFILEPATH/$FILEEXTENSION' files older than $DAYSTOKEEP days ..."
find $DELETEFILEPATH/ -name '$FILEEXTENSION' -mtime +$DAYSTOKEEP >> /tmp/$THIS_SCRIPT.tmp
cat /tmp/$THIS_SCRIPT.tmp | while read delfil
do
f_write_and_log "`date '+%Y-%m-%d %H:%M:%S'`: Deleting file ${delfil}"
f_cmd rm ${delfil}
done
[[ -s /tmp/$THIS_SCRIPT.tmp ]] && { rm /tmp/$THIS_SCRIPT.tmp ;}
}
######################################################################
# Subroutine be certain the required directories and files exist
######################################################################
f_checkfilelocations ()
{
if [ ! -d "$BINDIR" ]
then
f_write_and_log "`date '+%Y-%m-%d %H:%M:%S'`: $BINDIR does not exist can not continue"
exit 1
fi
if [ ! -d "$BACKUPDIR" ]
then
f_write_and_log "`date '+%Y-%m-%d %H:%M:%S'`: $BACKUPDIR does not exist can not continue"
exit 1
fi
if [ ! -d "$LOGDIR" ]
then
f_write_and_log "`date '+%Y-%m-%d %H:%M:%S'`: $LOGDIR does not exist can not continue"
exit 1
fi
if [ ! -f "$CONFIGFILE" ]
then
f_write_and_log "`date '+%Y-%m-%d %H:%M:%S'`: $CONFIGFILE does not exist can not continue"
exit 1
fi
if [ ! -f "/etc/dsbk.conf" ]
then
f_write_and_log "`date '+%Y-%m-%d %H:%M:%S'`: /etc/dsbk.conf does not exist can not continue"
exit 1
fi
if [ $PASSBKUP='TRUE' ]
then
if [ ! -d "$JAVA_HOME" ]
then
f_write_and_log "`date '+%Y-%m-%d %H:%M:%S'`: $JAVA_HOME does not exist can not continue"
exit 1
fi
if [ ! -d "$DUMPUPPATH" ]
then
f_write_and_log "`date '+%Y-%m-%d %H:%M:%S'`: $DUMPUPPATH does not exist can not continue"
exit 1
fi
fi
tcommand=`cat /etc/dsbk.conf`
if [ ! -f "$tcommand" ]
then
`touch $tcommand`
fi
f_write_and_log "`date '+%Y-%m-%d %H:%M:%S'`: Found required config files and Directories"
}
######################################################################
# Subroutine watch file to see if it changes
######################################################################
f_wait_for_no_mods_on_file ()
{
MYCHECKFILE=$1
# Check to see if backup is complete
sleep 10
i=`ls -l $MYCHECKFILE | cut -d' ' -f6`
sleep 10
i2=`ls -l $MYCHECKFILE | cut -d' ' -f6`
while [ $i -ne $i2 ]
do
sleep 60
i=`ls -l $MYCHECKFILE | cut -d' ' -f6`
sleep 60
i2=`ls -l $MYCHECKFILE | cut -d' ' -f6`
done
}
######################################################################
# Subroutine to dump passwords
######################################################################
f_dump_passwords ()
{
if [ $PASSBKUP='TRUE' ]
then
f_write_and_log "`date '+%Y-%m-%d %H:%M:%S'`: Captureing Passwords "
WHEREIAM=`pwd`
$JAVA_HOME/bin/java -jar $DUMPUPPATH/DumpPasswordInformation.jar -dvAL -h 192.168.1.7 -z 30000 -Z tls -D $LDAPBACKUPUSER -w $PASSWORD -b $LDAPPEOPLEBASE >/dev/null
# Put the password ldif file in the correct place.
mv $WHEREIAM/dumppasswordinformation.ldif $BACKUPDIR/dumppasswordinformation.ldif
# add the output to the current log file
cat $WHEREIAM/warn.log >> $LOGFILE
# remove all the log files for passwords
rm $WHEREIAM/debug.log
rm $WHEREIAM/warn.log
rm $WHEREIAM/error.log
rm $WHEREIAM/output.log
else
f_write_and_log "`date '+%Y-%m-%d %H:%M:%S'`: Captureing Passwords not enabled!"
fi
}
##########################################################
# BEGINNING OF MAIN
##########################################################
f_set_hostname
f_add_edir_path
f_get_treename_from_conf
if [ $DOW = "$FULLBACKUPDOW" ]; then
BACKUPTYPE=FULL
else
BACKUPTYPE=INC
fi
LOGFILE=$LOGDIR/$APPNAME-$BACKUPTYPE.log
f_checkfilelocations
f_write_and_log "$DOUBLEBAR"
f_write_and_log "`date '+%Y-%m-%d %H:%M:%S'`: STARTED: $0 By User: $USER started $APPNAME on $APPHOST"
f_write_and_log "Backup of $APPNAME Server - $APPHOST to $BACKUPDIR See log at:$LOGFILE "
# Remove the previous temporary files.
rm /tmp/$APPNAME*
# Weekly Backup
if [ $BACKUPTYPE = "FULL" ]; then
f_remove_old_files "$BACKUPDIR" "*.gz"
f_remove_old_files "$LOGDIR" "*.log"
f_remove_old_files "$BACKUPDIR" "*.dsbk"
f_remove_old_files "$BACKUPDIR" "*.ldif"
f_write_and_log "$BACKUPTYPE Backup of $APPNAME on $APPHOST"
t_thisfile1=$DATE-$DOW-$TREENAME-$APPNAME-$APPHOST-$BACKUPTYPE
# CMD="backup -b -e $PASSWORD -f $BACKUPDIR/$t_thisfile1.dsbk -l /tmp/$APPNAME-$BACKUPTYPE.log -t -w"
f_write_and_log "`date '+%Y-%m-%d %H:%M:%S'`: DSBK Backup initiated "
# f_write_log "Command used: $CMD"
$BINDIR/dsbk backup -b -e $PASSWORD -f $BACKUPDIR/$t_thisfile1.dsbk -l /tmp/$APPNAME-$BACKUPTYPE.log -t -w
f_write_and_log "`date '+%Y-%m-%d %H:%M:%S'`: Waiting $BACKUPPAUSE seconds for DSBK backup to finish"
sleep $BACKUPPAUSE
cat /tmp/$APPNAME-$BACKUPTYPE.log >> $LOGFILE
f_write_and_log "$SINGLEBAR"
f_write_and_log "`date '+%Y-%m-%d %H:%M:%S'`: LDIF Backup initiated "
$BINDIR/ice -o -l /tmp/$APPNAME-$BACKUPTYPE-LDIF.log -S LDAP -s $APPHOST -p 389 -d $LDAPBACKUPUSER -w $PASSWORD -b "" -F "(objectclass=*)" -c sub -D LDIF -f $BACKUPDIR/$t_thisfile1.ldif
cat /tmp/$APPNAME-$BACKUPTYPE-LDIF.log >> $LOGFILE
f_write_and_log "$SINGLEBAR"
else
# Daily Backup
f_write_and_log "$BACKUPTYPE Backup of $APPNAME on $APPHOST"
t_thisfile1=$DATE-$DOW-$TREENAME-$APPNAME-$APPHOST-$BACKUPTYPE
# CMD="backup -i -e $PASSWORD -f $BACKUPDIR/$t_thisfile1.dsbk -l /tmp/$APPNAME-$BACKUPTYPE.log -t -w"
# f_write "Command used: $CMD"
f_write_and_log "`date '+%Y-%m-%d %H:%M:%S'`: DSBK Backup initiated "
$BINDIR/dsbk backup -i -e $PASSWORD -f $BACKUPDIR/$t_thisfile1.dsbk -l /tmp/$APPNAME-$BACKUPTYPE.log -t -w
f_write_and_log "`date '+%Y-%m-%d %H:%M:%S'`: Waiting $BACKUPPAUSE seconds for backup to finish"
sleep $BACKUPPAUSE
cat /tmp/$APPNAME-$BACKUPTYPE.log >> $LOGFILE
f_write_and_log "$SINGLEBAR"
f_write_and_log "`date '+%Y-%m-%d %H:%M:%S'`: LDIF Backup initiated See log at:$LOGDIR/$APPNAME-$BACKUPTYPE.log "
$BINDIR/ice -o -l /tmp/$APPNAME-$BACKUPTYPE-LDIF.log -S LDAP -s $APPHOST -p 389 -d $LDAPBACKUPUSER -w $PASSWORD -b $LDAPPEOPLEBASE -F "(&(objectclass=inetorgperson)(modifytimestamp>=$LDAPDATELESSONE))" -c sub -D LDIF -f $BACKUPDIR/$t_thisfile1.ldif
cat /tmp/$APPNAME-$BACKUPTYPE-LDIF.log >> $LOGFILE
f_write_and_log "$SINGLEBAR"
fi
f_dump_passwords
f_write_and_log "`date '+%Y-%m-%d %H:%M:%S'`:Compressing Files: "
f_cmd tar cvzf $BACKUPDIR/$t_thisfile1.tar.gz $BACKUPDIR/$t_thisfile1.*
f_cmd rm $BACKUPDIR/$t_thisfile1.dsbk*
f_write_and_log "`date '+%Y-%m-%d %H:%M:%S'`: FINISHED: $0 on $APPHOST Check log file: $LOGFILE "
f_write_and_log "$DOUBLEBAR"
}}}
!! More Information
There might be more information for this subject on one of the following:
[{ReferringPagesPlugin before='*' after='\n' }]
This page (revision-1) was last changed on 29-Nov-2024 16:16 by UnknownAuthorTop