On the primary Administration Console, change to the utility directory.
Linux: /opt/novell/devman/bin
Windows Server 2008: \Program Files (x86)\Novell\bin
Run the following command:
Linux: ./ambkup.sh
Windows: ambkup.bat
Specify the Access Manager administration password.
Re-specify the password for verification.
Specify a path for where you want the backup files stored. Press Enter to use the default location.
If the specified path does not exist, the backup script displays a message to confirm whether you want to create this location.
(Windows) Specify the name for the ZIP file.
Specify a password for encrypting and decrypting private keys, then re-specify it for verification.
You must use the same password for both backup and restore.
Press Enter.
NOTE:After running the backup script, check the logs to verify that no errors occurred while running the backup script. The log file location is displayed at the end of the script execution.
The backup script creates a ZIP file containing several files, including the certificate information. This file contains the following:
The configurations store’s CA key.
The certificates contained in the configuration store.
The trusted roots in the trustedRoots container of the accessManagerContainer object.
An encrypted LDIF file, containing everything found in the OU=accessManagerContainer,O=novell container.
A server.xml file containing the Tomcat configuration information for the Administration Console.
A “delegatedusers_list” file containing the details of delegated users.
A “policyviewusers_list” file containing the details of delegated users.
A “backup_info” file that contains the basic details of the system on which the backup is being taken.
The trusted roots are backed up in both the LDIF file and the ZIP file. They are added to the ZIP file so that the ZIP file has the complete certificate-related configuration.
IMPORTANT:The backup utility prompts you for a location to store the backup file. Select a location from where the backup file will not be deleted when you uninstall the product. The default locationfor Linux is /root/nambkup and for Windows it is C:/nambkup.
Name of the backup zip file stores some information. Do not change the name.
NOTE:Whenever the configuration store contains a Key Material Object (KMO) with a certificate signing request in pending state, the KMO will not be exported by using the amdiagcfg script and not be backed up by using the ambkup script.
NOTE:For security purposes, delegated users, policy view users, and users in the trusted and configuration stores are not backed up. You need to recreate them while restoring the configuration. You can find the common name and full name of these users during the restore process or in the files in the zip file.