Versions Compared

Old Version 2

changes.mady.by.user Former user

Saved on

compared with

New Version 3

changes.mady.by.user Former user

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Published by Scroll Versions from space IDS and version 8.2.0

...

  1. Stop Ubisecure Directory

  2. Back up the installation directory

    Code Block
    languagetext
    themeRDark
    cp -r /usr/local/ubisecure/ubilogin-sso/openldap <BACKUP_DIRECTORY>

    Where <BACKUP_DIRECTORY> is the path to the location where the backup will be stored, for example, mnt/backups/25_10_2010.

...

An alternative way is to export all LDAP entries using the following command:

Code Block
languagetext
themeRDark
ldapsearch -x -h <HOST> -p <PORT> -b <BASEDN> -D <USERDN> -w <PASSWORD> (objectClass=*) > <LDIF>

...

You can import a previously created export from OpenLDAP by using the ldapmodify command:

Code Block
languagetextthemeRDark
ldapmodify -a -x -h <HOST> -p <PORT> -D <USERDN> -w <PASSWORD> -f <LDIF>

...

The limiting matter is, namely, the default value of the MaxPageSize attribute. To change the default value of the MaxPageSize attribute, you can use the dsmgmt tool as described below. You must have sufficient privileges to perform these steps.

Code Block
languagetextthemeRDark
#Start command prompt
start => run => cmd

#Start dsmgmt tool
dsmgmt 

#open ldap policies
ldap policies 

#open connections
connections 

#Connect to server <host>:<port> with current user
connect to server localhost:389 

#exit connections
quit 

#Display current values. MaxPageSize is 1000
show values 

#Set new value to 10000 ( set maxpagesize to <value> )
set maxpagesize to 10000 

#Commit changes
commit changes 

#Check the new value
show values 

#quit 
quit 
quit

...

A typical installation location of the AD LDS, which should be included in the backup, is as follows:

Code Block
languagetext
themeRDark
C:\Program Files\Microsoft ADAM\UbiloginDirectory

...

Microsoft Windows 2008 Server R2 provides the dsdbutil tool, which can also be used to back up the AD LDS. The following example demonstrates how to use the tool.

Code Block
languagetextthemeRDark
dsdbutil 
activate instance UbiloginDirectory 
ifm 
create full <location> 
quit 
quit

...

The following REST request lists all organizations as plain text.

Code Block
theme
languagetextRDark
https://<CustomerID_HOST>/eidm2/services/orgs?username=<USERNAME>&password=<PASSWORD>&entities=true&recursive=true&responseIDFormat=entityName&responseFormat=string&members=true&exportMode=true

...

The following REST request lists all users in all organizations as plain text.

Code Block
languagetext
themeRDark
https://<CUSTOMERID_HOST>/eidm2/services/users?username=<USERNAME>&password=<PASSWORD>&entities=true&assignments=true&authInfo=true&recursive=true&responseIDFormat=entientity&responseFormat=string

...

The output of the REST requests can then be imported to the Ubisecure Directory by using Importtool, which can be found from the installation directory:

Code Block
languagetextthemeRDark
C:\Program Files\Ubisecure\customerid\tools\import.cmd

...

The syntax of importtool is as follows:

Code Block
theme
languagetextRDark
import.cmd <FILENAME>

Where <FILENAME> is the name of file that contains previously exported data.

...

Using the recommended backup methods, the disaster recovery can be done by following the procedure below: 

Code Block
languagetextthemeRDark
# Copy ubilogin-sso directory from backup to
C:\Program Files\Ubisecure


# Copy customerid directory from backup to
C:\Program Files\Ubisecure


# Install Ubisecure Directory if needed
 C:\Program Files\Ubisecure\ubilogin-sso\adam\ADAMSP1_x86_English.exe


# Setup Ubisecure Directory
 C:\Program Files\Ubisecure\ubilogin-sso\ubilogin>ldap\adam\adaminstall.cmd


# Stop UbiloginDirectory Service
net stop UbiloginDirectory


# Copy a backup made with the dsdbutil to Ubisecure Directory path. Note! If
# the AD LDS instance is not empty, take a backup copy of the current data.
copy <BACKUP_LOCATION>\adamntds.dit C:\Program Files\Microsoft ADAM\UbiloginDirectory\data


# Start Ubisecure Directory
net start UbiloginDirectory


# Install Ubisecure SSO Services
C:\Program Files\Ubisecure\ubilogin-sso\ubilogin\config\tomcat\install.cmd


# Install Ubisecure CustomerID services
C:\Program Files\Ubisecure\customerid\application\config\db-derby\install.cmd
C:\Program Files\Ubisecure\customerid\application\config\tomcat\install.cmd


# Stop Ubisecure CustomerID database
net stop CustomerIDDB


# Restore database
C:\Program Files\Ubisecure\customerid\db-derby>call ..\setenv.cmd
C:\Program Files\Ubisecure\customerid\db-derby>"%JRE_HOME%/bin/java" -jar "%DERBY_HOME%/lib/derbyrun.jar" ij
ij> connect 'jdbc:derby:eidm2db;restoreFrom=<BACKUP_LOCATION>';

...