Restoring Open Directory from Time Machine

 

I just ran across an ugly situation where my Open Directory account went bad and was refusing to log in to any services.

I was seeing these repeated errors in the System log:

Jun 20 18:40:51 www.infrageeks.com PasswordService[168]: -[AuthDBFile getPasswordRec:putItHere:unObfuscate:]: no entries found for d24bd7b0-d8a7-11e1-ad93-000c29b10837
Jun 20 18:40:51 www.infrageeks.com log[3195]: auth: Error: od(erik,192.168.2.222): Credential operation failed because an invalid parameter was provided.
Jun 20 18:40:51 www.infrageeks.com log[3195]: auth: Error: od(erik,192.168.2.222): authentication failed for user=erik, method=CRAM-MD5

And the Password Service log was full of: Jun 20 2013 16:25:24 74348us USER: {0xd24bd7b0d8a711e1ad93000c29b10837} bad ID.

Which were all of my various devices trying to catch up on mail.

So the obvious thing to do is restore Open Directory. But I knew that I had made a number of changes since the last archive operation (yes, bad me), so I needed another way to get this back up and running quickly.

I do back up the server using Time Machine, SuperDuper and ZFS snapshots, so I could easily do a full rollback to a previous point in time, but I would also lose whatever mail had arrived in the meantime. And the problem is so specific, I should be able to fix it by restoring just the Open Directory data.

So here’s how to restore your Open Directory from a Time Machine backup. Some steps can be accomplished in different ways, but this is probably the easiest way overall.

  • On the server, go to the Time Machine menu item and select Enter Time Machine. This will mount your Time Machine disk image automatically.
  • On another machine, open an ssh session to the server as an administrator (or you can mount the Time Machine backup image manually and do this locally).
  • Run sudo bash to get a root shell (the Open Directory files are not accessible to a regular admin account).
  • Stop the Open Directory service with “serveradmin stop dirserv”.
  • cd to /Volumes/Time Machine Backups/Backups.backupdb/servername (quote the path when typing it, since it contains spaces).
  • Here you will find a list of directories, one per Time Machine backup session. Find one from just before OD started going south, cd into it and descend to:
    /Volumes/Time Machine Backups/Backups.backupdb/servername/date/servername/private/var/db
  • Then sync the data from the backup onto the source disk with:
    rsync -av openldap/ /private/var/db/openldap/
  • Start the Open Directory service with “serveradmin start dirserv”.

You should be back in business.
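
The steps above as a script, added here as an example and not part of the original post. It assumes Time Machine's YYYY-MM-DD-HHMMSS snapshot directory names; the function names, the RUN dry-run switch and the copy of the current openldap directory taken before the sync are additions of this example, and "servername" and the cutoff are placeholders.

```bash
#!/bin/bash
# Added example. Dry run by default: commands are echoed, not executed.
# Run as root with RUN="" to apply the restore for real.
RUN=${RUN-echo}

# Print the newest snapshot name that sorts strictly before <cutoff>.
# Assumes Time Machine's YYYY-MM-DD-HHMMSS directory names; the glob expands
# in ascending order, so the last match below the cutoff wins.
pick_snapshot() {  # usage: pick_snapshot <machine_dir> <cutoff>
    local dir="$1" cutoff="$2" best="" path name
    for path in "$dir"/[0-9][0-9][0-9][0-9]-[0-9][0-9]-[0-9][0-9]-[0-9][0-9][0-9][0-9][0-9][0-9]; do
        [ -d "$path" ] || continue          # also skips an unmatched glob
        name=${path##*/}
        if [ "$name" \< "$cutoff" ]; then best=$name; fi
    done
    [ -n "$best" ] || return 1
    printf '%s\n' "$best"
}

# Stop Open Directory, sync openldap/ from the snapshot, start it again.
restore_openldap() {  # usage: restore_openldap <snapshot_db_dir> [live_db_dir]
    local src="$1" dst="${2:-/private/var/db}" rc
    [ -d "$src/openldap" ] || { echo "no openldap/ under $src" >&2; return 1; }
    $RUN serveradmin stop dirserv || return 1
    # Added precaution (not a step from the post): keep the current data so
    # the restore itself can be rolled back.
    $RUN cp -Rp "$dst/openldap" "$dst/openldap.pre-restore.$(date +%Y%m%d%H%M%S)" \
        || { $RUN serveradmin start dirserv; return 1; }
    $RUN rsync -av "$src/openldap/" "$dst/openldap/"
    rc=$?
    $RUN serveradmin start dirserv          # restart even if the sync failed
    return $rc
}

main() {  # usage: main <machine_dir> <cutoff>
    local snap
    snap=$(pick_snapshot "$1" "$2") || { echo "no snapshot before $2" >&2; return 1; }
    echo "using snapshot $snap" >&2
    # Path layout as given in the post: servername/date/servername/private/var/db
    restore_openldap "$1/$snap/${1##*/}/private/var/db"
}

# Placeholder invocation; "servername" and the cutoff are examples:
#   RUN="" ./restore-od.sh "/Volumes/Time Machine Backups/Backups.backupdb/servername" 2013-06-20-160000
if [ "$#" -eq 2 ]; then main "$@"; fi
```

Review the echoed commands from a dry run before setting RUN="" and running it for real.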

 

http://blog.infrageeks.com/blog/2013/6/20/restoring-open-directory-from-time-machine-on-mountain-lion.html

 
