Backup and restore - CustomerID

Contents


This documentation describes the backup and restore procedures as well as the disaster recovery strategies for Ubisecure Ubisecure CustomerID.

Ubisecure CustomerID is used to manage user and role related data stored in Ubisecure Directory. Additionally, it uses a PostgreSQL database to store workflow related data. 

Most files related to the configuration and to the internal database, and other files, are stored in the installation directory of Ubisecure CustomerID. This makes the backup procedure simple as only one directory needs to be backed up. PostgreSQL and WildFly need to be handled separately from the Ubisecure CustomerID application. 

Backup and restore procedures are of essential importance, as they remarkably improve data safety in case of various failures. These failures may be caused by hardware failure, power outages, human errors or other unforeseen problems. Therefore, performing regular backups should be considered one of a responsible system administrator's top priorities.

The safest method of making backups is to record them on separate media, such as a network drive, tape, removable drive, and so on. It is also recommended to store your backup sets in a location separate from the system.

For best results, test the backup and restore procedures at system testing prior to production use. Thorough testing using the same data volume and system configuration as will be used in production is important.

Description of the environment

A typical installation consists of the following products:

  • Ubisecure CustomerID - Ubisecure CustomerID is used to manage user and role related data stored in Ubisecure Directory or Active Directory and in the internal SQL database.
  • Ubisecure SSO - A Ubisecure SSO installation consists of many applications including Ubisecure SSO Authentication Server (UAS in short for historical reasons) and Ubisecure SSO Management.
  • Ubisecure Directory - Ubisecure Directory is the main data repository for both Ubisecure SSO and Ubisecure CustomerID. It holds most of the configuration and user related data within the environment if Active Directory is not used as the main user repository.

Backup considerations

When you consider your backup and restore scheme, pay attention to the following aspects:

  • Backing up and restoring high data volumes can take a long time and they also consume CPU resources and possibly network bandwidth. Perform the backups and possible restore operations when the system load is at its lowest, if possible.
  • Consider carefully the impact of backing up and of restoring data to the system. For example:
    • If a password is changed after the backup is made, the new password will not work if the backup is restored. This happens because the restored data also restores the original password.
    • If an account is locked is after the backup is made, the account will become unlocked if the backup is restored. This happens because the restored data also restores the original unlocked status of the account.
  • The backup commands in this manual can be scheduled using native operating system commands such as cron or task scheduler.

Backup schedule

The following table describes the backup intervals for the typical system components.

Component

Recommended Backup Interval

Ubisecure CustomerID

Back up the Ubisecure CustomerID installation directory whenever the configuration is changed or after the product has been updated or upgraded.
Back up the SQL database daily

Typical installation paths

The tables below describe the typical installation paths for the typical system components in the Windows and Linux operating systems.

Windows

Product

Path

Ubisecure CustomerID

C:\Program Files\Ubisecure\customerid

Linux

Product

Path

Ubisecure CustomerID

/usr/local/ubisecure/customerid


Ubisecure CustomerID backup

The easiest way to backup Ubisecure CustomerID is to stop the Ubisecure CustomerID server service and copy the installation directory to the backup destination. This will copy most of the configurations and files needed in the restore operation.

If a restore is needed, the Ubisecure CustomerID directory can be copied from the backup destination back to the server and can be used as is.

The procedure is as follows:

  1. Stop the Ubisecure CustomerID server service:

    Windows:

    C:\>net stop wildfly

    Linux:

    systemctl stop wildfly
  2. Back up the installation directory:

    Windows:

    xcopy /e/q/y "C:\Program Files\Ubisecure\customerid" <BACKUP_DIRECTORY>

    Linux:

    cp -r /usr/local/ubisecure <BACKUP_DIRECTORY>

Where <BACKUP_DIRECTORY> is the path to the backup target, for example, D:\backups\25_10_2010.

Ubisecure CustomerID restore

First restore PostgreSQL and WildFly.

When a Ubisecure CustomerID application backup is restored to a fresh operating system installation, the steps are reversed compared to the backup procedure:

  1. Restore the installation directory:

    Windows:

    xcopy /e/q/y <BACKUP_DIRECTORY> "C:\Program Files\Ubisecure\customerid"

    Linux:

    cp -r <BACKUP_DIRECTORY> /usr/local/ubisecure
  2. Stop the Ubisecure CustomerID server service:

    Windows:

    C:\>net start wildfly

    Linux:

    systemctl start wildfly