Welcome Serena Central users! CLICK HERE
The migration of the Serena Central community is currently underway. Be sure to read THIS MESSAGE to get your new login set up to access your account.
pborenich Trusted Contributor.
Trusted Contributor.
109 views

ndsbackup – provide encryption password in script

Dear MF community,

I have a question concerning the usage of ndsbackup utility for eDirectory with attribute encryption enabled:

Setup:

Red Hat Enterprise Linux 7.6

eDirectory 9.1.4 v40105.10

TSA Backup utility for NetIQ eDirectory 9.1.4 v40105.02

(IDM 4.7.3)

The ndsbackup man page shows the following info on using the -E switch to backup objects with encrypted attributes:

-E password               

Prompts  for password to encrypt or decrypt backup data if any attributes are marked for encryption. If you do not use this option and if you have attributes marked for encryption, the backup/restore fails with  the  "Requires  a Password" error.

We use a daily cron for our backup routine (doing dsbk and ndsbackup) and therefore need to pass the password in the script. What is the supposed syntax to privide a password for the -E switch when exucuted in the backup script?

The following statement results in ndsbackup printing the supposed usage and exiting ([PWD] being the provided password value) :

$BINDIR/ndsbackup cvf $BACKUPDIR/$t_thisfile1.ndsbak -a $USERNAME -p passstore -E [PWD] --config-file $CONFIGFILE >> /tmp/$APPNAME-$BACKUPTYPE-NDS.log 2>&1

Does anyone know how to properly pass the required encryption password here? Or is it necessary to utilize ndspassstore, similar to the syntax for the user credentials?

Many thanks and best regards,

Philipp

Labels (1)
0 Likes
1 Reply
pborenich Trusted Contributor.
Trusted Contributor.

Re: ndsbackup – provide encryption password in script

Dear community,

for those interested...

Opened a SR on the topic and got the following response:

At the moment, there does not seem to be a "proper way” of passing the <password> “argument” when using the -E switch. The mentioned behaviour might be a limitation in the utility and/or the MAN page is written ambiguously in this regard.

A bug has been filed by support and engineering will give feedback on the issue. I will you keep you posted…

Best regards,

Philipp

The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.