Manualshelf

OSF DCE Administration Guide--Core Components

ManualsBrandsHP ManualsServerHP NonStop G-Series
471472473474475476477478479480
OSF DCE Administration Guide—Core Components
same tape, store the tape in a locked area with restricted access. Alternatively,
you can write the database and the key file to separate tapes and store each tape in
a different location.
3. When the backup completes, take the master replica out of maintenance state, as
follows:
dcecp> registry enable /.../giverny.com/subsys/dce/sec/master
The security server resumes accepting updates.
Note that the previous examples supplied the name of the registry master site to the
registry enable and registry disable commands. If you do not supply a registry site
name, the commands use the site named in the _s(sec_) variable. If this variable is not
set, the commands use the master registry of the machine’s default cell. See Section 36.6
for more information.
36.5.2 Procedure for Restoring the Registry Database
This section provides instructions for restoring the master replica’s database files and
master key file. The procedure assumes that the database is being restored to the same
machine from which it was backed up, and that you are using the DCE control program.
If you are moving the database to a different machine, follow the instructions in Chapter
37.
To restore the registry database to a machine, perform the following steps:
1. Log in as root at the master registry site.
2. If secd is running, stop it by issuing the registry stop command. When you use
this command, you must supply the fully qualified name of a specific replica as an
argument. The followng sample command stops the secd named master:
dcecp> registry stop /.../giverny.com/subsys/dce/sec/master
3. Copy the backup files from the backup media to the machine. If you have backed
up only the registry data files and the master key files, be sure to copy the registry
database to dcelocal/var/security/rgy_data and the master key le to
dcelocal/var/security/.mkey. Note that, because the dcelocal/var/security/.mkey
file contains the master key, restoring a backup of the registry database is useless
unless the dcelocal/var/security/.mkey file is also restored.
4. Restart the server by invoking secd with the -restore_master option, as follows:
dcelocal/bin/secd -restore_master &
This command will start secd and cause the master to mark all slaves to be
reinitialized.
5. Verify that secd starts automatically at system startup.
36 12 Tandem Computers Incorporated 124243