This article provides information about backing up the Active Roles Configuration Database.
Note: Backing up the Active Roles configuration data is not equivalent to backing up Active Directory data. The Active Directory data should be backed up separately.
BACKING UP A STANDALONE ARS DATABASE / ARS SHARED DATABASE.
Given that there is a relatively small amount of configuration data, the ARS database is usually around 50MB in size, and changes made to the database are small scale and infrequent. Therefore, it is sufficient to adopt a Simple Recovery Model for the ARS database and carry out a full backup approximately once per hour.
An alternative is to perform a differential backup at a higher frequency, perhaps once every 15 minutes, and a full backup once per day. Such a backup regime allows for manageable administration and provides adequate security for the ARS configuration data. Other methods of backup are also acceptable, depending on the customer's particular requirements.
BACKING UP AN ARS DATABASE IN A REPLICATION ENVIRONMENT
If Active Roles replication has been configured, the recovery model and backup regime for the Active Roles database itself will remain unchanged. A full backup of the Active Roles database can be carried out once per hour. Alternatively, a differential backup could be carried out at a higher frequency, perhaps once every 15 minutes, and a full backup once per day.
However, in addition to the Active Roles database, the system databases must also be included in the backup plan:
For ARS, the distribution database is by default named ActiveRoles745.
In a replication environment, it is necessary to consider two possible scenarios:
Scenario 1: the Publisher goes down
A backup of the Publisher alone may be used to restore the replication group. In the event of Publisher failure, the system databases should be restored first, followed by the Active Roles database. Then, the Active Roles Service should be installed, selecting the option to use an existing database and specifying the restored ARS database.
Scenario 2: The Subscriber goes down
In this case, no backup is required. The Subscriber can be restored by simply installing the Active Roles Service on a clean machine, and then adding the new Active Roles Service to the replication group. However, if preferred, the Publisher and all Subscribers can be backed up, and in the case of restore, individual Subscribers can be restored separately.
REFERENCES
The following links provide additional information on database recovery.
GENERAL DATABASE RECOVERY
© 2024 One Identity LLC. ALL RIGHTS RESERVED. Terms of Use Privacy Cookie Preference Center