December 20th, 2010
Open Directory on the Mac OS X Server platform is a great directory platform built on Kerberos and LDAP; however, I have found that there are two steps to a flawless directory experience. Since the directory is such a delicate system, I find it necessary to create a backup of the OD Master at least once a day, so that if something goes south you can restore from any day in the past with ease. The other method is to use OD Replicas, and to use them often. A replica is far easier to fix than the actual OD Master: if the master goes bad and you have no backup, you have to decommission it and start over, whereas with replicas you can demote and recreate them without even having to deal with the OD Master.
1. Backing up the OD Master with Bash
#!/bin/sh
# Date stamp used in the name of the serveradmin command file
NOW=$(date +"%m-%d-%Y")

# Path to recovery directory (permissions should be 700 -- readable only by root or admin)
recover="/Volumes/ODBackup"

# Backup Open Directory
day=$(date +%u)                        # day of week (1-7); not used below
od_backup="$recover/od_backup - $NOW"  # command file; the name contains spaces, so quote every use
ts=$(date +%F)

# Write the serveradmin command file, then feed it to serveradmin
echo "dirserv:backupArchiveParams:archivePassword = 908239032" > "$od_backup"
echo "dirserv:backupArchiveParams:archivePath = $recover/od_$ts" >> "$od_backup"
echo "dirserv:command = backupArchive" >> "$od_backup"
serveradmin command < "$od_backup"
The above script, when run on a daily basis through cron or launchd, will create a recoverable sparse disk image of your OD Master that you can restore from. It saves each master with a date-time stamp so you can see which one is which, and the instructions to restore are logged to a separate file. The two variables you must change are:
# Path to recovery directory (permissions should be 700 -- readable only by root or admin)
recover="/Volumes/ODBackup"
This should be the location you want your OD Master backups to live, and
echo "dirserv:backupArchiveParams:archivePassword = 908239032" > "$od_backup"
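The archivePassword line is the part of this script most worth tightening, since the password sits in the script and again in the command file on the backup volume. The following is an added example, not the original script: it reads the password from an owner-only file and creates the command file with mode 600. The function names and the password file path are assumptions.

```shell
#!/bin/sh
# Added example (not the original script). Hypothetical names:
# write_od_command_file, run_od_backup, and the password file path.

# write_od_command_file PASSWORD_FILE RECOVER_DIR
# Creates the serveradmin command file and prints its path.
write_od_command_file() {
    pw_file=$1
    recover=$2
    ts=$(date +%F)

    # Refuse a password file that group or other can access.
    perms=$(ls -ld "$pw_file" 2>/dev/null | cut -c5-10)
    if [ "$perms" != "------" ]; then
        echo "refusing: $pw_file missing or accessible by group/other" >&2
        return 1
    fi

    # Read the first line; tolerate a missing trailing newline.
    IFS= read -r archive_pw < "$pw_file" || [ -n "$archive_pw" ]
    if [ -z "$archive_pw" ]; then
        echo "refusing: $pw_file is empty" >&2
        return 1
    fi

    # mktemp creates the file owner-only; umask 077 is a second guard.
    cmd_file=$(umask 077; mktemp "$recover/od_cmd.XXXXXX") || return 1
    {
        printf '%s\n' "dirserv:backupArchiveParams:archivePassword = $archive_pw"
        printf '%s\n' "dirserv:backupArchiveParams:archivePath = $recover/od_$ts"
        printf '%s\n' "dirserv:command = backupArchive"
    } > "$cmd_file"
    printf '%s\n' "$cmd_file"
}

# run_od_backup PASSWORD_FILE RECOVER_DIR
# Runs the backup, then removes the command file that holds the password.
run_od_backup() {
    cmd_file=$(write_od_command_file "$1" "$2") || return 1
    status=0
    serveradmin command < "$cmd_file" || status=$?
    rm -f "$cmd_file"
    return "$status"
}

# Usage on the OD Master, as root (password file path is an assumption):
#   run_od_backup /var/root/.od_archive_pw /Volumes/ODBackup
```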