Environment
- Access Manager 4.5.x
- Access Manager 5.0
Situation
restoring a NAM backup runing
the "/opt/novell/devman/bin/ambckup.sh" script fails with:
restoring an Access Manager Backup fails if the a Trusted Root Certificate with a name including "_Tree " || "_tree " has been stored within the iManager => Certificates => Trusted Roots
Options Used:
-v -S LDIF -v -c -f __delAMContainer__.ldif -D LDAP -v -L ca.der -s login.kgast.local -p 636 -d cn=admin,o=novell
--------------------------------------------------------------
Restored configuration from /root/nambkup/login_20210810_1511.zip
--------------------------------------------------------------
Archive: /root/nambkup/login_20210810_1511.zip
extracting: /root/nambkup/delegatedusers_list
Archive: /root/nambkup/login_20210810_1511.zip
extracting: /root/nambkup/policyviewusers_list
Restoring certificates...
8/10/21 3:17 PM AM#301003056: Error importing CA key: login_tree CA. Error: PKI_E_BAD_REQUEST_SYNTAX, Error: -1214
8/10/21 3:17 PM AM#201003052: Not all items were restored.
Options:
-edirTree login_tree
-edirIP 192.168.0.170
-edirServer login.o=novell
-edirUser cn=admin.o=novell
-edirPwd **********
-restore
-file /root/nambkup/login_20210810_1511.zip
-pwd **********
-trcontainer trustedRoots.accessManagerContainer.novell
-caName login_tree CA
Resolution
- make sure there is no Trusted Root Certificate name using "_tree" or "_Tree" in the name before taking a backup of the existing Access Manager Configuration using
- another option is to avoid that the "/opt/novell/devman/bin/amrest-fn.sh" will exclude the "tr" directory within the backup.zip file by modifying the line
- from: ORIGCA=`unzip -l ${BKUP_DIR}/${BKUP_FILE}.zip | grep -i _tree | awk '{print $4,$5}'`
- to: ORIGCA=`unzip -l ${BKUP_DIR}/${BKUP_FILE}.zip | grep -iwv -e "tr"| grep -i _tree | awk '{print $4,$5}'`
Additional Information
- /opt/novell/devman/bin(amrestore.sh
- /opt/novell/devman/bin/amrest-fn.sh