Backup
The Samba backup script isn't installed by 'make install'. You need to you copy it from the sources directory (source4/scripting/bin/samba_backup) to somewhere like /usr/sbin, and set secure permissions:
# cp .../source4/scripting/bin/samba_backup /usr/sbin
# chown root:root /usr/sbin/samba_backup
# chmod 750 /usr/sbin/samba_backup
Adjust the following variables inside the script to your needs:
FROMWHERE=/usr/local/samba
WHERE=/usr/local/backups
DAYS=90
Create the destination folder, you have configured in the $WHERE variable and set permissions:
# mkdir /usr/local/backups
# chmod 750 /usr/local/backups
Start the backup script for a first test:
# /usr/sbin/samba_backup
If the script exits without an error, you should find three files in the destination folder:
etc.{Timestamp}.tar.bz2
samba4_private.{Timestamp}.tar.bz2
sysvol.{Timestamp}.tar.bz2
If your test backup succeeded, you should add a cron-job for daily backup:
# crontab -e
Add the following line to backup daily at 2am:
0 2 * * * /usr/sbin/samba_backup
Note: Ensure, when running the script via cron, all required binaries are in directories that are part of the $PATH variable. If the correct path isn't defined system-wide, you can either set the variable in your crontab or at the beginning of the script after the shebang (#!) line.
Restore
The following restore guide assumes that you backed-up your databases with the 'samba_backup' script. If you have your own script, adjust the steps.
Very important notes:
Never do a restore and a version change at the same time! Always restore on a system using the same Samba version as the one you created the backup on!
Always Restore on a system with the same IP and Hostname. Otherwise you will run into Kerberos and DNS issues.
Recommended: Restore on the same OS as you created the backup on.
The most important thing in a restore situation is to bring your system back to a running state. Once everything is up and tested, you can then do any required changes. Never try to make changes together with a restore!
If your whole system is broken, you will first have to setup the whole machine as described in the HowTo (Active Directory Controller).
Remove the folders, that we will restore (samba must not be running!):
# rm -rf /usr/local/samba/etc
# rm -rf /usr/local/samba/private
# rm -rf /usr/local/samba/var/locks/sysvol
Now unpack your latest working backup files to their old location:
# cd /usr/local/backups
# tar -jxf etc.{Timestamp}.tar.bz2 -C /usr/local/samba/
# tar -jxf samba4_private.{Timestamp}.tar.bz2 -C /usr/local/samba/
# tar -jxf sysvol.{Timestamp}.tar.bz2 -C /usr/local/samba/var/locks/
Rename *.ldb.bak files in the 'private' directory back to *.ldb. This can be done with GNU find and Bash:
# find /usr/local/samba/private/ -type f -name '*.ldb.bak' -print0 | while read -d $'\0' f ; do mv "$f" "${f%.bak}" ; done
# samba-tool ntacl sysvolreset
If you use Bind as DNS backend, you have to fix the hardlinks for the DNS databases:
# samba_upgradedns --dns-backend=BIND9_DLZ
The Samba backup script isn't installed by 'make install'. You need to you copy it from the sources directory (source4/scripting/bin/samba_backup) to somewhere like /usr/sbin, and set secure permissions:
# cp .../source4/scripting/bin/samba_backup /usr/sbin
# chown root:root /usr/sbin/samba_backup
# chmod 750 /usr/sbin/samba_backup
Adjust the following variables inside the script to your needs:
FROMWHERE=/usr/local/samba
WHERE=/usr/local/backups
DAYS=90
Create the destination folder, you have configured in the $WHERE variable and set permissions:
# mkdir /usr/local/backups
# chmod 750 /usr/local/backups
Start the backup script for a first test:
# /usr/sbin/samba_backup
If the script exits without an error, you should find three files in the destination folder:
etc.{Timestamp}.tar.bz2
samba4_private.{Timestamp}.tar.bz2
sysvol.{Timestamp}.tar.bz2
If your test backup succeeded, you should add a cron-job for daily backup:
# crontab -e
Add the following line to backup daily at 2am:
0 2 * * * /usr/sbin/samba_backup
Note: Ensure, when running the script via cron, all required binaries are in directories that are part of the $PATH variable. If the correct path isn't defined system-wide, you can either set the variable in your crontab or at the beginning of the script after the shebang (#!) line.
Restore
The following restore guide assumes that you backed-up your databases with the 'samba_backup' script. If you have your own script, adjust the steps.
Very important notes:
Never do a restore and a version change at the same time! Always restore on a system using the same Samba version as the one you created the backup on!
Always Restore on a system with the same IP and Hostname. Otherwise you will run into Kerberos and DNS issues.
Recommended: Restore on the same OS as you created the backup on.
The most important thing in a restore situation is to bring your system back to a running state. Once everything is up and tested, you can then do any required changes. Never try to make changes together with a restore!
If your whole system is broken, you will first have to setup the whole machine as described in the HowTo (Active Directory Controller).
Remove the folders, that we will restore (samba must not be running!):
# rm -rf /usr/local/samba/etc
# rm -rf /usr/local/samba/private
# rm -rf /usr/local/samba/var/locks/sysvol
Now unpack your latest working backup files to their old location:
# cd /usr/local/backups
# tar -jxf etc.{Timestamp}.tar.bz2 -C /usr/local/samba/
# tar -jxf samba4_private.{Timestamp}.tar.bz2 -C /usr/local/samba/
# tar -jxf sysvol.{Timestamp}.tar.bz2 -C /usr/local/samba/var/locks/
Rename *.ldb.bak files in the 'private' directory back to *.ldb. This can be done with GNU find and Bash:
# find /usr/local/samba/private/ -type f -name '*.ldb.bak' -print0 | while read -d $'\0' f ; do mv "$f" "${f%.bak}" ; done
# samba-tool ntacl sysvolreset
If you use Bind as DNS backend, you have to fix the hardlinks for the DNS databases:
# samba_upgradedns --dns-backend=BIND9_DLZ
No comments:
Post a Comment