Project

General

Profile

Feature #6074

Backup Script for Samba4 Active Directory Domain Controller

Added by Marco Weber almost 5 years ago. Updated over 1 year ago.

Status:
Resolved
Priority:
Important
Assignee:
William Grzybowski
Category:
OS
Target version:
Estimated time:
Severity:
New
Reason for Closing:
Reason for Blocked:
Needs QA:
Yes
Needs Doc:
Yes
Needs Merging:
Yes
Needs Automation:
No
Support Suite Ticket:
n/a
Hardware Configuration:

Description

Backup Samba4 Active Directory Domain Controller

Here's a suggestion for a script to properly backup Samb4 AD DC running on FreeNAS.
The script proposed is derived from the samba_backup script, stripped, simplified and optimized in regard to where FreeNAS places samba files.

The binary /usr/local/bin/tdbbackup needed to process the ldb and tdb files is allready present in FreeNAS.

Thank you for considering to include in FreeNAS.

Cheers

Marco

More on the topic:
[[https://wiki.samba.org/index.php/Backup_and_Recovery]]

The original samba_backup script is provided by the samba project. It is available in the samba4 source: [[http://www.samba.org/samba/ftp/samba-latest.tar.gz]]
source4/scripting/bin/samba_backup
Thanks and credit to Matthieu Patou for the original samba_backup script.

samba_backup_FreeNAS (1.86 KB) samba_backup_FreeNAS script to properly backup Samb4 AD DC running on FreeNAS Marco Weber, 09/11/2014 01:18 PM

Associated revisions

Revision f69b64f3 (diff)
Added by William Grzybowski almost 3 years ago

feat(base): add samba DC backup script

Ticket: #6074

Revision f91f1215 (diff)
Added by William Grzybowski almost 3 years ago

feat(base): add samba DC backup script

Ticket: #6074
(cherry picked from commit f69b64f38e0adafe98d24025deb0f97963803c7e)

Revision b1c72860 (diff)
Added by William Grzybowski almost 3 years ago

feat(base): add samba DC backup script

Ticket: #6074
(cherry picked from commit f69b64f38e0adafe98d24025deb0f97963803c7e)

History

#1 Updated by John Hixson almost 5 years ago

  • Status changed from Unscreened to Screened

#2 Updated by Jordan Hubbard over 3 years ago

  • Assignee changed from John Hixson to Wojciech Kloska

#3 Updated by Jordan Hubbard over 3 years ago

  • Assignee changed from Wojciech Kloska to Erin Clark

#4 Avatar?id=14398&size=24x24 Updated by Kris Moore about 3 years ago

  • Assignee changed from Erin Clark to Anonymous

Over to the calsoft team. Looks like most of the script is already here.

#5 Updated by Anonymous about 3 years ago

@Kris: I have tested the script by running it manually.
So, according to my understanding I'll have to backup DC at path /usr/local/backup.
But, when should the backup command be fired is what I would like to know.
Also is the path(/usr/local/backup) correct where the backup should be taken?

Thanks,
Deepika Dhiman

#6 Avatar?id=14398&size=24x24 Updated by Kris Moore about 3 years ago

John,

Looking for a little feedback here. Does it make sense to have the backup script run on some schedule, or do we have some value in doing it at other times? I.E before an upgrade / config change? If so, does this need any GUI functionality to backup / restore on demand?

#7 Avatar?id=14398&size=24x24 Updated by Kris Moore about 3 years ago

Adding Erin also, perhaps she has some insight on how this may best be utilized.

#8 Updated by Erin Clark about 3 years ago

I like the idea of having a gui backup/restore function, and possibly have it run on upgrades for now (I haven't actually dealt with support type issues on this functionality so I don't know how often it breaks or how often users want to back it up, perhaps have an optional cron job or something that lets the user determine how often they would like to back it up)

#9 Updated by Anonymous about 3 years ago

Hi Erin, I had some questions about the implementation.
1. Where should I create the button(in GUI) to manually create Domain Cotroler backup(for user).
2. Also after selecting the "Backup Domain Controler" button, what kind of path user should be able to select to create backup. Should it be inside /mnt/ or something else? I am thinking of providing a brouse option to select the desired path.
3. By default backup will get created at /usr/local/backup during system update.

Please provide your thoughts about it.

#10 Updated by Anonymous about 3 years ago

@Marco: Can you please explain the expected enhancement needed?
Please have a look at:

1. Where should I create the button(in GUI) to manually create Domain Cotroler backup(for user)?
2. Also after selecting the "Backup Domain Controler" button, what kind of path user should be able to select to create backup? Should it be inside /mnt/ or something else? I am thinking of providing a brouse option to select the desired path.
3. By default backup will get created at /usr/local/backup during system update.

I am looking for the path to the files( Domain Controller data) that I should provide to my backup script to create backup ( Domain Controller backup). I am stuck here, please share some knowledge.

#11 Updated by Anonymous about 3 years ago

  • Status changed from Screened to 15

#12 Avatar?id=14398&size=24x24 Updated by Kris Moore about 3 years ago

1) I'm thinking probably in the Domain Controller setup page.
2) Browse button makes sense. I would allow it to be placed anywhere in /mnt, unless somebody has a good case to be made for allowing it on the system media?
3) You can leave that default I'm thinking, its a sane default.

Erin, any comments?

#13 Updated by William Grzybowski about 3 years ago

I dont like /usr/local/backup being the default. It will taint the installation media. Default could be within the system dataset, e.g. /var/db/system/whatever

#14 Avatar?id=14398&size=24x24 Updated by Kris Moore about 3 years ago

Deepika, that works for me. Change default to /var/db/system

Thanks William!

#15 Updated by Anonymous about 3 years ago

@Kris: I am unaware of the path from where I'll take the data to create backup, because according to my knowledge the DC data should be on DC itself, not on Freenas side. Also from "Domain Controller Setup" page, do you mean Domain Controller service settings under Services tab or it is inside Active Directory Advanced settings Form under Directory?

#16 Avatar?id=14398&size=24x24 Updated by Kris Moore about 3 years ago

Deepika,

Looking at this script, this appears to only backup the DC files on the FreeNAS side. In which case the directories mentioned by william make the most sense.

As for the location, I would probably list this as something in the "AD Advanced settings" form, since its not directly related to the initial connection to the DC itself.

#17 Updated by Anonymous about 3 years ago

Hi Kris, William,

I have a checkbox (if user wants to create the backup of Domain Controller) and a path field to select the path where backup should get created. If the checkbox is not selected path field should stay "disabled" or it should be invisible to user, And when user selects the checkbox he should be able to select the path. For that, I have tried to call function "toggleGeneric()" inside "gui/freeadmin/static/lib/js/freeadmin.js" but it's not getting called from "diretoryServices/forms.py", What can be the solution for this?

#18 Updated by William Grzybowski about 3 years ago

Answered on slack.

#19 Updated by Anonymous about 3 years ago

  • Status changed from 15 to Fix In Progress

#20 Updated by Anonymous almost 3 years ago

@Kris, I want to push the changes I have made for the fix, but at what path should I push the samba-backup script?
If I get to know this path I'll be able to push the changes.

#21 Avatar?id=14398&size=24x24 Updated by Kris Moore almost 3 years ago

Deepika, throw it into /usr/local/bin please, so it shows up in $PATH.

Thanks!

#22 Avatar?id=14398&size=24x24 Updated by Kris Moore almost 3 years ago

  • Target version changed from 49 to 9.10.2

#23 Updated by Anonymous almost 3 years ago

Thanks Kris,
I have created the pull request at https://github.com/freenas/freenas/pull/200

#24 Avatar?id=14398&size=24x24 Updated by Kris Moore almost 3 years ago

  • Status changed from Fix In Progress to Needs Developer Review
  • Assignee changed from Anonymous to William Grzybowski

The shell script looks fine here. William, over to you for review of the python UI bits.

#25 Updated by William Grzybowski almost 3 years ago

Kris Moore wrote:

The shell script looks fine here. William, over to you for review of the python UI bits.

I have strong concerns about the UI part which I'll have to do myself.

Do we really want it in the UI though?
Also apparently the DC feature is broken: #17872

#26 Avatar?id=14398&size=24x24 Updated by Kris Moore almost 3 years ago

Yea, you're probably right. We could just pull in the script itself, see if there is any clamor down the road to have it in the UI in any way.

#27 Updated by William Grzybowski almost 3 years ago

  • Status changed from Needs Developer Review to Fix In Progress

Kris Moore wrote:

Yea, you're probably right. We could just pull in the script itself, see if there is any clamor down the road to have it in the UI in any way.

I'll import the script then. Doc team can just document it for now.

#28 Updated by William Grzybowski almost 3 years ago

  • Status changed from Fix In Progress to Reviewed

#29 Updated by Vaibhav Chauhan over 2 years ago

  • Status changed from Reviewed to Ready For Release

#30 Updated by Vaibhav Chauhan over 2 years ago

  • Priority changed from No priority to Important

#31 Updated by Dru Lavigne over 1 year ago

  • Status changed from Ready For Release to Resolved

Also available in: Atom PDF