24.1 How The Backup and Restore Process Works

24.1.1 Default Parameters

Linux: All scripts call the getparams.sh script to request the parameters from users. The defbkparm.sh script is created by the Access Manager installation. It contains the default parameters for different options required by the underlying backup and restore utilities. If the entries in this file are commented out, the user is prompted for additional parameters.

Windows: The default parameters are specified in the defbkparm.properties file. It contains the default parameters for different options required by the underlying backup and restore utilities. If the entries in this file are commented out, the user is prompted for additional parameters.

24.1.2 The Process

The backup script must be run on the primary Administration Console. It creates a ZIP file that contains all certificates that various devices use and an encrypted LDIF file that contains configuration parameters for all imported devices. You do not need to back up the configuration of individual devices. By backing up the primary Administration Console, you back up the configuration of all Access Manager devices.

The backup script backs up objects in the ou=accessManagerContainer.o=novell container. It does not back up the following:

  • Admin user account and password

  • Delegated administrator accounts, their passwords, or rights

  • Policy View user accounts, their passwords, or rights

  • Role Based Services (RBS) configuration

  • Modified configuration files on the devices such as the web.xml file

  • Local files installed on devices such as log files

  • Custom login pages, custom error pages, or custom messages

You need to perform your own backup of custom or modified configuration files.
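A supplementary backup for the files listed above, as an added example that is not one of the product's scripts: it archives caller-supplied absolute paths with owner-only permissions and a SHA-256 manifest, then verifies the archive against that manifest. The function names and the paths you pass in are assumptions, GNU tar and sha256sum are assumed, and unlike the LDIF file in the product backup this archive is not encrypted.

```shell
#!/bin/sh
# Added example (not a product script): back up files that the Access Manager
# backup script skips, e.g. a modified web.xml or custom login pages.
# Function names are hypothetical; file paths are supplied by the caller.

# backup_custom_files DEST_DIR /abs/path...
# Creates DEST_DIR/custom-<UTC stamp>.tar.gz and a .sha256 manifest,
# then prints the archive path.
backup_custom_files() {
    dest=$1; shift
    [ -d "$dest" ] && [ "$#" -gt 0 ] || { echo "usage: DEST_DIR FILE..." >&2; return 1; }
    for f in "$@"; do
        case $f in /*) ;; *) echo "not absolute: $f" >&2; return 1 ;; esac
        [ -f "$f" ] || { echo "missing: $f" >&2; return 1; }
    done
    archive="$dest/custom-$(date -u +%Y%m%dT%H%M%SZ).tar.gz"
    (
        umask 077   # archive is unencrypted and may hold secrets: owner-only
        sha256sum "$@" > "$archive.sha256" &&
        tar -czf "$archive" "$@"   # GNU tar stores members without leading "/"
    ) || return 1
    printf '%s\n' "$archive"
}

# verify_custom_backup ARCHIVE
# Extracts to a scratch directory and compares every file with the manifest.
verify_custom_backup() {
    archive=$1
    tmp=$(mktemp -d) || return 1
    rc=0
    tar -xzf "$archive" -C "$tmp" || rc=1
    while [ "$rc" -eq 0 ] && read -r sum path; do
        actual=$(sha256sum < "$tmp/${path#/}" | cut -d' ' -f1)
        [ "$actual" = "$sum" ] || { echo "mismatch: $path" >&2; rc=1; }
    done < "$archive.sha256"
    rm -rf "$tmp"
    return "$rc"
}
```

Run the verification step before you rely on the archive, and store the archive alongside the ZIP file produced by the backup script so both are available when a device is rebuilt.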

For information on how to perform a configuration backup, see Section 24.2, Backing Up the Access Manager Configuration.

You need to restore a backup when the Administration Console fails. If another device fails, replace the hardware and reinstall the device using the IP address of the failed device; the device then imports into the Administration Console and acquires the configuration of the failed device.

For the details of this process, see Section 24.4, Restoring an Identity Server and Section 24.5, Restoring an Access Gateway.

If the Administration Console fails, you need to restore the configurations you backed up. Replace the hardware and reinstall the Administration Console by using the DNS name and IP address of the failed console. Then use the restore utility to restore the certificates and the device configuration. The Administration Console notifies all devices that it is online and they resume communicating with it rather than using a secondary console.

For details of this process, see Section 24.3.1, Restoring the Configuration on a Standalone Administration Console.

If the Identity Server was installed with the Administration Console, the backup file contains only the Tomcat configuration details for the Administration Console. After you have installed the Administration Console and restored the configuration, you need to install the Identity Server. The Identity Server will acquire its configuration parameters from the Administration Console. For details of this process, see Section 24.3.2, Restoring the Configuration with an Identity Server on the Same Machine.