1 (edited by c33s 2011-05-17 12:43:44)

Topic: [Problem][solved] ldap; backup don't work

i haven't worked with ldap since now, only used sql database servers. i have choosen to use ldap for iredmail (pro admin) because of having more features (i would exchance ldap version with mysql version if i could (would be great if the database abstraction feature would not be packed in a 2nd version of the programm)).

the backup results in i quite short file, see below. all my accounts are not there. what i found in google, also said that the backup, which is using slapcat, should work and dump the whole database, but it does not work.

also if i call slapcat direct on the command-line i only get the short output.
if i connect myself with the phpldapadmin, there is no problem, i can see domain and user.

any help is welcome.

the backup script only:

dn: dc=mydomain,dc=com
objectClass: top
objectClass: dcObject
objectClass: organizcomion
o: mydomain.com
dc: mydomain
structuralObjectClass: organizcomion
entryUUID: xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
crecomorsName: cn=admin,dc=mydomain,dc=com
crecomeTimestamp: 20110323043759Z
entryCSN: 20110323043759.391623Z#000000#000#000000
modifiersName: cn=admin,dc=mydomain,dc=com
modifyTimestamp: 20110323043759Z

dn: cn=admin,dc=mydomain,dc=com
objectClass: simpleSecurityObject
objectClass: organizcomionalRole
cn: admin
description: LDAP administrcomor
userPassword:: passwordhash
structuralObjectClass: organizcomionalRole
entryUUID: yyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyy
crecomorsName: cn=admin,dc=mydomain,dc=com
crecomeTimestamp: 20110323043759Z
entryCSN: 20110323043759.395618Z#000000#000#000000
modifiersName: cn=admin,dc=mydomain,dc=com
modifyTimestamp: 20110323043759Z

backup log

* Starting backup: 2011.05.11.14.22.46.
* Log file: /backup/logs/2011.05//ldap-2011.05.11.14.22.46.log.
* Backup copies: /backup/ldap/2011.05/2011.05.11.
* Dumping LDAP data into file: /backup/ldap/2011.05/2011.05.11/2011.05.11.14.22.46.ldif...
    Done
* File size:
4.0K    /backup/ldap/2011.05/2011.05.11/2011.05.11.14.22.46.ldif.bz2
* Backup complete. 

----

Spider Email Archiver: On-Premises, lightweight email archiving software developed by iRedMail team. Supports Amazon S3 compatible storage and custom branding.

2

Re: [Problem][solved] ldap; backup don't work

The backup script (iRedMail-x.y.z/tools/backup_openldap.sh) works fine for me here, it dumps whole LDAP tree successfully.
Could you try to execute the script like below, it will show more debug message:

# cd /path/to/iRedMail-x.y.z/tools/
# bash -xv backup_openldap.sh

Also, iRedMail doesn't create "dn: cn=admin,dc=mydomain,dc=com" by default, did you create it manually?

3

Re: [Problem][solved] ldap; backup don't work

as i mentioned before, i have no knowledge of ldap, in the section of ldap i am a plain user. that is what i have done:
- installed iredmail rc1
- entered data with iRedAdmin-Pro-LDAP-1.4.1
- tried to batch add shadow email adresses with phpldapadmin, but stoped on "duplicate data" warning
- started the official backup script which produced only the following output (also tried with exactly the commands you mentioned above):

dn: dc=domain,dc=com
objectClass: top
objectClass: dcObject
objectClass: organizcomion
o: domain.com
dc: domain
structuralObjectClass: organizcomion
entryUUID: 1330b13a-e953-102f-8cec-b55551bc0c60
crecomorsName: cn=admin,dc=domain,dc=com
crecomeTimestamp: 20110323043759Z
entryCSN: 20110323043759.391623Z#000000#000#000000
modifiersName: cn=admin,dc=domain,dc=com
modifyTimestamp: 20110323043759Z

dn: cn=admin,dc=domain,dc=com
objectClass: simpleSecurityObject
objectClass: organizcomionalRole
cn: admin
description: LDAP administrcomor
userPassword:: e1NTSEF9UEsrRCtXcUFzRkMySTdMRmdYYTFMVmF6c0xLMlZPZEc=
structuralObjectClass: organizcomionalRole
entryUUID: 13314cda-e953-102f-8ced-b55551bc0c60
crecomorsName: cn=admin,dc=domain,dc=com
crecomeTimestamp: 20110323043759Z
entryCSN: 20110323043759.395618Z#000000#000#000000
modifiersName: cn=admin,dc=domain,dc=com
modifyTimestamp: 20110323043759Z

i made a backup with ldapsearch and copied the whole ldap directory. will try to reinstall the server. but i really need a working and relyable backup solution.

4

Re: [Problem][solved] ldap; backup don't work

I updated backup tutorial below, with new section "Hot to restore from LDIF file":
http://www.iredmail.org/wiki/index.php? … FAQ/Backup

I tested backup + restore last week, it works fine. Would you like to give it a try?

5

Re: [Problem][solved] ldap; backup don't work

the problem i have ist not that i can't restore, the problem i have ist that i can't dump. the command slapcat produces the wrong output. it looks like the subnodes are missing.

one addition to the backup wiki page:
you should not mix the slapcat with ldapadd. slapcat works in the filesystem itself, ldapadd is a ldap client which works over the ldap protocol.

so the it should be: slapcat(8)/slapadd(8) OR ldapsearch(1)/ldapmodify(1)
http://stackoverflow.com/questions/7925 … p-database

for me, the ldap dump works with ldapsearch but not with slapcat. its an iredmail setup on a plain debian squeeze server. because i will reinstall the server, i can give you root access to the server if you like to investigate. i will try to setup the server again and test the backup with just a few files.

6

Re: [Problem][solved] ldap; backup don't work

it's strange that slapcat can't dump whole LDAP tree. Did you try this:

# slapcat -f /path/to/slapd.conf

If you have correct file localtion of slapd.conf in '-f', it should work as expected. Still no idea why it doesn't work for you, sorry.

c33s wrote:

you should not mix the slapcat with ldapadd. slapcat works in the filesystem itself, ldapadd is a ldap client which works over the ldap protocol.

Dump to LDIF file with slapcat, restore LDIF file with ldapadd.
May i know where i mixed slapcat with ldapadd? I can't find incorrect description in wiki page.

7

Re: [Problem][solved] ldap; backup don't work

HA! you are great defining the exact path to the slapd.conf with the -f works. i got an full dump.


you use slap... for backup and ldap... for the restore. this commands should not be mixed. because the slap commands have a different way to process the data than the ldap commands.

if you dump the data with slap... you should also restore with a slap command (slap accesses the database files directly). the ldap commands act as a regular ldap client and talk with the ldap server over the ldap protocoll. so if you would backup the data with ldapsearch then you should restore the data with ldapadd.

(i just repeat that what i have read on my search to get the ldap backup to work)


so the correct way to restore the database dumped with your backupscript (which uses slapcat) would be slapadd.

if you want to restore with ldapadd or ldapmodify you should change your backupscript to use ldapsearch for the backup

8

Re: [Problem][solved] ldap; backup don't work

c33s wrote:

you use slap... for backup and ldap... for the restore. this commands should not be mixed. because the slap commands have a different way to process the data than the ldap commands.

Understood, and fixed in wiki tutorial:
http://www.iredmail.org/wiki/index.php? … _LDIF_file

Thanks for sharing with community. smile