28.3 Restoring the Access Manager Configuration

The restore script replaces the existing configurations in the configuration database with the configuration in the backup of the configuration store. It should be used to restore configuration data in one of the following scenarios:

  • An upgrade failed and you need to return to the configuration before the upgrade.

  • You want to return to the backed up configuration because the current modified configuration does not meet your needs.

If the primary Administration Console machine has failed, you have lost both the configuration and the configuration database. To recover from this scenario, you need to do more than restore the configuration.

For instructions, see Section 30.1.6, Moving the Primary Administration Console to New Hardware.

The restore script cannot be used to move Administration Console to a different platform, even if the new machine is configured to use the same IP address and DNS name. The backup files contain path information that is specific to the operating system. You can convert a secondary Administration Console to a primary Administration Console. For more information, see Section 30.1.7, Converting a Secondary Administration Console into a Primary Console.

The restoration steps are dependent upon whether Administration Console is installed on its own machine or with other Access Manager components:

NOTE: Perform the restore on the same version that was used to take the backup.

28.3.1 Restoring the Configuration on a Standalone Administration Console

  1. Ensure that the .zip file created during the backup process is accessible.

  2. Log in as root.

  3. Change to the utility directory.

    Linux: /opt/novell/devman/bin

    Windows Server 2012: \Program Files (x86)\Novell\bin

  4. Run the following command:

    Linux: ./amrestore.sh

    Windows: amrestore.bat

  5. Specify and confirm the Access Manager administration password.

  6. Specify the path where the backup file is stored.

  7. Specify the name of the backup file. Do not include the .zip extension.

  8. Specify the private key encryption password, then press Enter.

    Confirm the private key encryption password, then press Enter.

  9. (Conditional) If you have modified the Tomcat password or any other configuration on the Linux machine:

    1. Modify the server.xml file with changes that you have made in the Tomcat directory.

      /opt/novell/nam/adminconsole/conf

    2. Restart Tomcat by running the following command:

      /etc/init.d/novell-ac restart OR rcnovell-ac restart

  10. (Windows) Reboot the machine.

  11. If you have a secondary Administration Console installed, reboot the machines.

  12. If any devices report certificate errors, you need to re-push the certificates.

    1. Click Troubleshooting > Certificates.

    2. Select the store that is reporting errors, then click Re-push certificates.

      You can select multiple stores at the same time.

    3. (Optional) To verify that the re-push of the certificates was successful, click Security > Command Status.

If you are restoring only Administration Console, other components should still function properly after the restore.
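A pre-flight check for steps 1 to 7 on Linux, written here as an added example; it is not part of Access Manager or its documentation. The function names and the expectation that the archive is accessible only to its owner are assumptions of this example, based on the restore prompting for a private key encryption password.

```shell
#!/bin/sh
# Added example: pre-flight checks before running ./amrestore.sh.
# Function names are illustrative; nothing here calls the restore script.

# Name to type at the "name of the backup file" prompt (step 7):
# the file name without its directory and without the .zip extension.
backup_prompt_name() {
    base=${1##*/}
    printf '%s\n' "${base%.zip}"
}

# Directory to type at the "path where the backup file is stored" prompt (step 6).
backup_prompt_path() {
    case $1 in */*) dir=${1%/*} ;; *) dir=. ;; esac
    printf '%s\n' "${dir:-/}"
}

# Exit status: 0 usable, 1 missing or unreadable, 2 not a ZIP archive,
# 3 accessible to group/other (assumption: the archive carries key material
# and should be readable by its owner only).
check_backup() {
    [ -f "$1" ] && [ -r "$1" ] || return 1
    magic=$(dd if="$1" bs=2 count=1 2>/dev/null)   # ZIP files start with "PK"
    [ "$magic" = "PK" ] || return 2
    perms=$(ls -ld -- "$1" | cut -c5-10)           # group and other bits
    [ "$perms" = "------" ] || return 3
    return 0
}

# Usage: sh preflight.sh /path/to/backup.zip
if [ $# -eq 1 ]; then
    [ "$(id -u)" -eq 0 ] || echo "warning: the restore must be run as root" >&2
    check_backup "$1" || { echo "backup check failed (status $?)" >&2; exit 1; }
    echo "path prompt: $(backup_prompt_path "$1")"
    echo "name prompt: $(backup_prompt_name "$1")"
fi
```

The check reads only the archive's first two bytes and its permission bits; it does not open the archive or verify that it was taken on the same product version.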

28.3.2 Restoring the Configuration with an Identity Server on the Same Machine

Select the type of machine Administration Console is installed on:

Linux

Whenever you run the amrestore.sh script, Administration Console is restored as a standalone Administration Console. You must perform the steps described in Step 8 to restore your Identity Server into the configuration.

  1. Ensure that the .zip file created during the backup process is accessible.

  2. Log in as root.

  3. Change to the /opt/novell/devman/bin directory.

  4. Run the following command:

    ./amrestore.sh

  5. Specify the Access Manager administration user ID and password.

  6. Specify the name of the backup file. Do not include the .zip extension.

  7. Specify the private key encryption password, then press Enter.

    Confirm the private key encryption password, then press Enter.

  8. For Identity Server, complete the following steps after the restore process is completed:

    1. Remove Identity Server from the cluster configuration. See Removing a Server from a Cluster Configuration.

    2. Delete Identity Server from Administration Console. (See Managing a Cluster of Identity Servers.)

    3. Uninstall Identity Server. (See Uninstalling the Identity Server in the NetIQ Access Manager 4.3 Installation and Upgrade Guide.)

      This is required if Identity Server is installed on the machine. If you installed Identity Server before running the amrestore.sh script, you need to uninstall Identity Server.

    4. Install Identity Server. (See Installing the Identity Server on Windows in the NetIQ Access Manager 4.3 Installation and Upgrade Guide.)

    5. If you have customized login pages, error pages, messages, or configuration files, copy these files to Identity Server.

    6. Reassign Identity Server to the cluster configuration that it was removed from. (See Assigning an Identity Server to a Cluster Configuration.)

    7. Update Identity Server.

  9. (Conditional) If any devices report certificate errors, you need to re-push the certificates.

    1. Click Troubleshooting > Certificates.

    2. Select the store that is reporting errors, then click Re-push certificates.

      You can select multiple stores at the same time.

    3. (Optional) To verify that the re-push of the certificates was successful, click Security > Command Status.

Windows

To perform a restore when an Administration Console and an Identity Server are installed on the same machine:

  1. Log in as an administrator user.

  2. Run the Access Manager restore utility.

    1. From a command line, change to the utility directory:

      Windows Server 2012: \Program Files (x86)\Novell\bin directory.

    2. Specify amrestore.bat.

    3. Answer the prompts.

  3. Remove Identity Server from the cluster configuration. (See Removing a Server from a Cluster Configuration.)

  4. Delete Identity Server from Administration Console. (See Managing a Cluster of Identity Servers.)

  5. Install Identity Server on Administration Console. (See Installing the Identity Server on Windows in the NetIQ Access Manager 4.3 Installation and Upgrade Guide.)

  6. If you have customized login pages, error pages, messages, or configuration files, copy these files to Identity Server.

  7. Reassign Identity Server to the cluster configuration that it was removed from. (See Assigning an Identity Server to a Cluster Configuration.)

  8. Update Identity Server.