[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: BDB backup and security

To: openldap-software@OpenLDAP.org
Subject: Re: BDB backup and security
From: Quanah Gibson-Mount <quanah@stanford.edu>
Date: Tue, 22 Apr 2003 11:49:13 -0700
Content-disposition: inline
In-reply-to: <DC7AAC9FAF16D711B8A7000629A81695676BAA@C010893.winterthur.ch>
References: <DC7AAC9FAF16D711B8A7000629A81695676BAA@C010893.winterthur.ch>

--On Tuesday, April 22, 2003 7:50 PM +0200 Tarassov Vadim <Vadim.Tarassov@winterthur.ch> wrote:

Hi Quanah,

So, I personally have no input into which of
those methods is best, because that solution is not one we chose to
pursue.  If you want to think about what OpenLDAP provides as a backup
mechanism,  that is slapcat.  BDB provides db_dump or db_archive.


And what is the one you choose to pursue? You see, due to some reasons I
am paranoid when goes about security things. Putting gziped LDIF
representing your LDAP instance on corporate backup facility (sort of
TSM) is definitely not acceptable for me. How do you solve this problem
(if of course it is a problem for you)? Do you encrypt it?


Vadim,

at the top of that email, I noted.. we export via slapcat to LDIF. That LDIF file is compressed and copied into a secure location of our AFS space (controlled by AFS ACL's), with 5 days worth of exports stored there.

--Quanah


--
Quanah Gibson-Mount
Senior Systems Administrator
ITSS/TSS/Computing Systems
Stanford University
GnuPG Public Key: http://www.stanford.edu/~quanah/pgp.html

References:
- BDB backup and security
  - From: Tarassov Vadim <Vadim.Tarassov@winterthur.ch>

Prev by Date: contributing to OpenLDAP's documentation
Next by Date: host order of query
Index(es):
- Chronological
- Thread