Manualshelf

OSF DCE Administration Guide--Core Components

ManualsBrandsHP ManualsServerHP NonStop G-Series
101102103104105106107108109110
OSF DCE Administration Guide—Core Components
Fortunately, DCE includes features that let you back up these essential databases to
destinations of your choosing. Once you’ve begun using the DCE mechanism to back up
CDS and security data, you can redirect your traditional backup program to ignore these
DCE databases.
The cell backup operation backs up the master security database and each clearinghouse
with master replicas in the cell. This operation requires that a dced program is running
on each of the server hosts being backed up.
Prepare a cell for regular backup operations by setting up an Extended Registry Attribute
(ERA) that can specify a backup destination (typically a tape archive). Then add the
new attribute to the principals for the master DCE Security Service registry database and
all CDS clearinghouses with master replicas that you want to back up. To do this, follow
these steps:
1. Create an ERA as a string that specifies a backup destination. Name the ERA
/.:/sec/xattrschema/bckp_dest and the type pringstring. Select the ACL manager
named principal and set its four permission bits to r (read), m (manage), r (read),
and D (Delete) as shown in the following command:
dcecp> xattrschema create /.:/sec/xattrschema/bckp_dest \
-encoding printstring -aclmgr {principal r m r D}
2. Add the new ERA (bckp_dest) to the principal dce-rgy (the DCE Security Service
registry database). Set the value to be the tar filename or the device that is the
backup destination:
dcecp> principal modify dce-rgy \
-add {bckp_dest tarfilename_or_device}
3. Add the new ERA (bckp_dest) to the principal /.:/hosts/hostname/cds-server (the
CDS server). Set the value to be the tar filename or the device that is the backup
destination:
dcecp> principal modify /.:/hosts/hostname/cds-server \
-add {bckp_dest tarfilename_or_device}
Now, whenever you want to back up your registry database or CDS database, just invoke
a cell backup operation as follows:
dcecp> cell backup
You can back up another cell by including the cell name as an argument to the cell
backup operation. Note that you need the necessary permissions in the remote cell.
(Refer to the cell(8dce) reference page for the required privileges.)
5 4 Tandem Computers Incorporated 124243