Keeping Your Business Online with eDirectory™ Backup and Restore

Brian Hawkins, Software Engineer, Novell, Inc.

Roger Harrison, Engineering Manager, Novell, Inc.

www.novell.com

Vision…one Net: A world where networks of all types—corporate and public, intranets, extranets, and the Internet—work together as one Net and securely connect employees, customers, suppliers, and partners across organizational boundaries

Mission: To solve complex business and technical challenges with Net business solutions that enable people, processes, and systems to work together and our customers to profit from the opportunities of a networked world

Deployed Versions: Novell eDirectory™ and Novell Directory Services® (NDS®)

Product Version | Build Version | Platforms
NetWare 5.1 SP4 (NDS 7) | DS.nlm v7.57 | NetWare 5.1
NetWare 5.1 SP4 (NDS 8) | DS.nlm v8.79 | NetWare 5.1
eDirectory 8 | DS.nlm & DS.dlm v8.79 | NetWare 5.0, Win NT/2K
eDirectory 8.5.x | DS v85.23 | NetWare 5.x, Win, Solaris
NetWare 6 (eDirectory 8.6) | DS.nlm v10110.20 | NetWare 6
eDirectory 8.6.1 | DS v10210.43 | NW 5.1, NW 6, Win, Solaris, Linux
NetWare 6 SP1 (eDirectory 8.6.2) | DS.nlm v10310.17 | NetWare 6
eDirectory 8.6.2 | DS v103xx.xx | NW 5.1, NW 6, Win, Solaris, Linux
eDirectory 8.7 | DS v10410.xx | NW 5.1, NW 6, Win, Solaris, Linux, AIX

Differences between eDirectory and Novell Directory Services (NDS)

• NDS: NOS directory focused on managing NetWare® servers

• eDirectory: A cross-platform, scalable, standards-based directory used for managing identities that span all aspects of the network—eDirectory is the foundation for eBusiness

eDirectory Backup/Restore Design Goals

• High availability
  - Ability to perform backups on a live server that is performing updates concurrently with the backup
• Scalable
  - Performance that enables backup of directory servers containing tens or hundreds of millions of objects
  - Ability to restore in hours
• Work within the distributed nature of eDirectory

Solution: Hot Continuous Backup with Roll Forward Logging

• High availability
  - Performs hot backups on a live server that is performing updates concurrently with the backup
• Scalable
  - Backup and restore entire DIB (Data Information Base)
  - Limited only by I/O channel bandwidth
• Work within the distributed nature of eDirectory
  - Keeps Roll Forward Logs to ensure recovered server matches the synchronization state that other servers in the tree expect

How Hot Backup Works

• Two “flavors” of backup
  - Full backup includes all blocks in the entire DIB
  - Incremental backup includes any blocks in the DIB that were modified since the last full or incremental backup

How Restore Works

• Restore last full backup
• Apply incremental backups taken since last full backup (in order)
• Replay roll-forward logs since last incremental backup
• Verify that the synchronization status of newly-restored DIB matches what other servers in the tree think it should be
• Open the DIB and bring the server back on line

Typical Backup Strategy

• Full backup weekly on Sunday night

• Incremental backup each night except Sunday

• Roll-forward logging enabled

Setup/Configuration

• Roll forward log settings are stored in the _ndsdb.ini file
• Roll forward logs are off by default
• Changing the location of the roll forward logs
  - Place the logs on a separate drive system than the DIB set
  - Roll forward logs will contain sensitive information, so control access to the roll forward log directory
  - The roll forward log volume must be monitored as the logs grow
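The three placement rules above can be checked mechanically. The following is an added example, not code from the presentation or from Novell: it assumes a Unix-like eDirectory host (Solaris, Linux or AIX), directory paths supplied by the caller, and an assumed 20% free-space alert threshold.

```python
import os
import shutil
import stat
import tempfile

LOOSE = stat.S_IRWXG | stat.S_IRWXO  # any group or other permission bit


def audit_rfl_dir(rfl_dir, dib_dir, min_free_fraction=0.20):
    """Return findings for a roll-forward log directory on a POSIX host."""
    findings = []
    rfl_stat = os.stat(rfl_dir)
    # Rule 1: logs on the same device as the DIB are lost with it.
    if rfl_stat.st_dev == os.stat(dib_dir).st_dev:
        findings.append("same-device-as-dib")
    # Rule 2: logs hold sensitive directory data, so no group/other access.
    if stat.S_IMODE(rfl_stat.st_mode) & LOOSE:
        findings.append("dir-accessible-to-group-or-other")
    for name in sorted(os.listdir(rfl_dir)):
        mode = os.lstat(os.path.join(rfl_dir, name)).st_mode
        if stat.S_IMODE(mode) & LOOSE:
            findings.append("log-accessible-to-group-or-other:" + name)
    # Rule 3: logs keep growing, so alert before the volume fills.
    usage = shutil.disk_usage(rfl_dir)
    if usage.total and usage.free / usage.total < min_free_fraction:
        findings.append("low-free-space")
    return findings


def demo():
    """Audit constructed directories before and after tightening modes."""
    with tempfile.TemporaryDirectory() as root:
        dib = os.path.join(root, "dib")
        rfl = os.path.join(root, "rfl")
        os.mkdir(dib)
        os.mkdir(rfl)
        log = os.path.join(rfl, "00000001.log")  # constructed file name
        with open(log, "w") as fh:
            fh.write("constructed sample\n")
        os.chmod(rfl, 0o755)
        os.chmod(log, 0o644)
        # Threshold 0.0 keeps the demo independent of the host's free space.
        before = audit_rfl_dir(rfl, dib, min_free_fraction=0.0)
        os.chmod(rfl, 0o700)
        os.chmod(log, 0o600)
        after = audit_rfl_dir(rfl, dib, min_free_fraction=0.0)
        return before, after


if __name__ == "__main__":
    print(demo())
```

Both demo directories sit under one temporary directory, so the same-device finding remains after the permissions are fixed; only moving the logs to another volume clears it.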

Setup/Configuration (cont.)

• Maximum and minimum size
  - Maximum: This is the maximum size the log can reach before creating a new file
  - Minimum: After reaching this size, a new log will be started after the current transaction is finished
• Log stream files
  - A copy of each modified stream file is placed inside the log file

Backing Up eDirectory

• Backup header contains valuable information
  - Backup file header is in XML format
• The backup file can be limited in size
  - A 250 meg backup limited to 100 meg would be
    Test.bak < 100 meg
    Test.001 < 100 meg
    Test.002 ~ 50 meg
  - Each file has its own header
• A log is kept of each backup

Backing Up eDirectory (cont.)

• Including the security files in the backup
• Including other files in the backup
  - A file is given to the backup program that contains a list of files to include
  - Files are listed with a “;” between and a “;” at the end
  - No spaces, no returns
  - These files are placed in the header of the first backup file
  - Example: sys:/system/autoexec.ncf;vol1:/personal.txt;

Backing Up eDirectory (cont.)

• Cold backups
  - Database is closed during the backup
  - Database can be disabled after the backup
• Provides the ability to migrate a database with security information
  - This method does not include file system trustee rights (NetWare only)

Restoring eDirectory

• Restore process
  1. NDS database is closed
  2. Backup file is restored to RST
  3. Incremental backups and roll forward logs are applied
  4. The RST database is disabled (to prevent accidental opening)
  5. The RST undergoes the verification process
  6. On success the RST database is renamed to NDS and opened
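The ordering in "How Restore Works" and in step 3 above can be planned before any file is touched. This is an added example, not code from the presentation or from eDirectory: the catalogue is constructed, and the fields `seq` (a per-backup counter) and `current_log` (the number of the roll-forward log open when the backup ran) are hypothetical.

```python
# Constructed catalogue for the weekly schedule in these slides.
# "seq" and "current_log" are hypothetical fields for this example.
CATALOG = [
    {"file": "sun-full.bak", "type": "full", "seq": 10, "current_log": 4},
    {"file": "mon-incr.bak", "type": "incremental", "seq": 11, "current_log": 5},
    {"file": "tue-incr.bak", "type": "incremental", "seq": 12, "current_log": 7},
]
LOGS_ON_DISK = [3, 4, 5, 6, 7, 8, 9]  # constructed roll-forward log numbers


def plan_restore(catalog, log_numbers):
    """Return (backup files in apply order, log numbers to replay)."""
    backups = sorted(catalog, key=lambda b: b["seq"])
    fulls = [b for b in backups if b["type"] == "full"]
    if not fulls:
        raise ValueError("no full backup in catalogue")
    chain = [fulls[-1]]                      # last full backup first
    for b in backups:
        if b["seq"] <= chain[-1]["seq"]:
            continue                         # older than the chosen full
        if b["seq"] != chain[-1]["seq"] + 1:
            # An incremental holds only blocks changed since the previous
            # backup, so a hole invalidates everything after it.
            raise ValueError("incremental missing before " + b["file"])
        chain.append(b)                      # incrementals, in order
    first = chain[-1]["current_log"]
    logs = sorted(n for n in set(log_numbers) if n >= first)
    if not logs or logs != list(range(first, logs[-1] + 1)):
        raise ValueError("roll-forward logs are missing or not contiguous")
    return [b["file"] for b in chain], logs  # logs replayed last


if __name__ == "__main__":
    print(plan_restore(CATALOG, LOGS_ON_DISK))
```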

Restore Verification

• The restored DIB is opened and all partition entries are read
  - Items read
    - Servers in replica ring
    - Referrals for each server
    - Local received up to vector
• Each server in the replica ring is contacted and the local received up to vector is compared to the transitive vector from the remote server
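A simplified model of the comparison described above, showing why a restore without roll-forward logs fails verification. This is an added example, not eDirectory code: vectors are modelled as `{replica number: (seconds, event)}`, all values and server names are constructed, and it assumes each contacted server reports the state it expects the restored server to hold.

```python
def verify_restore(local_vector, ring_vectors):
    """Compare the restored DIB's received-up-to vector with each ring member.

    local_vector: {replica_no: (seconds, event)} read from the restored DIB.
    ring_vectors: {server: {replica_no: (seconds, event)}}, the state each
                  contacted server expects the restored server to hold.
    Returns (server, replica_no, local, expected) for every entry where the
    restored copy is behind; an empty list means verification passed.
    """
    behind = []
    for server in sorted(ring_vectors):
        for replica_no, expected in sorted(ring_vectors[server].items()):
            local = local_vector.get(replica_no)
            if local is None or local < expected:
                behind.append((server, replica_no, local, expected))
    return behind


def restore_outcome(local_vector, ring_vectors):
    """Mirror the last restore steps: open only on a clean verification."""
    if verify_restore(local_vector, ring_vectors):
        return "leave RST disabled"
    return "rename RST to NDS and open"


# Constructed data: Server 2 is being restored; replica 2 is its own.
RING = {
    "server1": {1: (1016400000, 1), 2: (1016486400, 5), 3: (1016400300, 2)},
    "server3": {1: (1016400000, 1), 2: (1016486400, 5), 3: (1016400300, 2)},
}
# Restored from backups only: replica 2 stops at the last incremental.
BACKUP_ONLY = {1: (1016400000, 1), 2: (1016450000, 3), 3: (1016400300, 2)}
# Same restore after the roll-forward logs were replayed.
WITH_LOGS = {1: (1016400000, 1), 2: (1016486400, 5), 3: (1016400300, 2)}

if __name__ == "__main__":
    print(restore_outcome(BACKUP_ONLY, RING))
    print(restore_outcome(WITH_LOGS, RING))
```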

Trees Designed for Backups

• For catastrophic failure/recovery, eDirectory needs to be designed so recovery can take place without using the roll forward logs
  - One server or a set of servers that contain replicas of the entire tree but do not share replicas
    - These servers are then used as master copies of the tree and the rest of the servers are restored using replication
  - A tree that is not configured for catastrophic failure can still be restored, using a lot of dsrepair work

Demo

[Demo diagrams. Labels: Server 1, Server 2 (X), Server 3; Full Backup, Incremental Backups, Roll-Forward Logs, New Server 2; Updates]

Getting More Information: BrainShare 2002

• IO206—Choices in Disaster Recovery
  - Reviews the best strategies for providing disaster recovery in Novell networks and presents a range of solutions from low-budget options to larger investments that provide everything plus the kitchen sink