How to export and import rules safely and rebuild the database from scratch with Access Control.

Document ID : KB000054174
Last Modified Date : 14/02/2018
Show Technical Document Details

Description

It should help you if you need to backup your Access Control database (seosdb) safely and if you need rebuild the database from scratch.

Solution

The procedure will be the following in your UNIX / LINUX environment as "root":

  1. Check if Access Control is running: Run: 'issec'

  • Stop Access Control: Run: 'secons -s'

  • You need to be inside the 'seosdb' directory: Run: 'cd /opt/CA/eTrustAccessControl/seosdb'
  • Export the existing rules: Run: 'dbmgr -e -l -f /tmp/dbrules.txt'
  • Export user-related data: Run: 'dbmgr -m -r /tmp/pmdb.pwd'
  • One level up from 'seosdb': Run: 'cd ..'
  • Create a new directory 'seosdb_new': Run: 'mkdir seosdb_new'
  • You need to be inside the new directory 'seosdb_new': Run: 'cd seosdb_new' Run: 'mkdir seosdb_new'
  • Create the new database files from scratch: Run: 'dbmgr -create -cq' (-cq does not prompt for verification)
  • Import the rule set exported at the step D) Run: 'selang -l -d . -f /tmp/dbrules.txt'
  • Import user-related data exported at the step E) Run: 'dbmgr -m -w /tmp/pmdb.pwd'
  • One level up from 'seosdb_new': Run: 'cd ..'
  • Rename the previous seosdb directory from 'seosdb' to 'seosdb_old': Run: 'mv seosdb seosdb_old'
  • Rename the new seosdb directory created at the step G) from 'seosdb_new' to 'seosdb': Run: 'mv seosdb_new seosdb'
  • Restart Access Control: Run: 'seload'
  • The procedure will be the following in your WINDOWS environment as "Administrator":

    1. Check if Access Control is running: Run: 'net start|find "Access Control"
    2. Stop Access Control: Run: 'secons -s'
    3. You need to be inside the 'seosdb' directory: Run: 'cd \Program Files\CA\eTrustAccessControl\data\seosdb'
    4. Export the existing rules: Run: 'dbmgr -e -l -f C:\TEMP\dbrules.txt'
    5. Export user-related data: Run: 'dbmgr -m -r C:\TEMP\pmdb.pwd'
    6. One level up from 'seosdb': Run: 'cd ..'
    7. Create a new directory 'seosdb_new': Run: 'mkdir seosdb_new'
    8. You need to be inside the new directory 'seosdb_new': Run: 'cd seosdb_new'
    9. Create the new database files from scratch: Run: 'dbmgr -create -cq' (-cq does not prompt for verification)
    10. Import the rule set exported at the step D): Run: 'selang -l -f C:\TEMP\dbrules.txt'
    11. Import user-related data exported at the step E) Run: 'dbmgr -m -w C:\TEMP\pmdb.pwd'
    12. One level up from 'seosdb_new': Run: 'cd ..'
    13. Rename the previous seosdb directory from 'seosdb' to 'seosdb_old': Run: 'ren seosdb seosdb_old'
    14. Rename the new seosdb directory created at the step G) from 'seosdb_new' to 'seosdb': Run: 'ren seosdb_new seosdb'
    15. Restart Access Control: run 'seosd -start'