Backups create a snapshot of the configuration of One Identity Safeguard for Privileged Sessions (SPS) or the data which can be used for recovery in case of errors. SPS can create automatic backups of its configuration and the stored audit-trails to a remote server.

Configuring backups is a two-step process:

  1. Create a backup policy.

  2. Assign that policy to the system or a connection — depending on what it is that you wish to back up, SPS's configuration or a connection.

Creating a backup policy

Backup policies define the address of the backup server, which protocol to use to access it, and other parameters. SPS can be configured to use the Rsync, SMB/CIFS, and NFS protocols to access the backup server:

The different backup protocols assign different file ownerships to the files saved on the backup server. The owners of the backup files created using the different protocols are the following:

  • Rsync: The user provided on the web interface.

  • SMB/CIFS: The user provided on the web interface.

  • NFS: root with no-root-squash, nobody otherwise.

Caution:

SPS cannot modify the ownership of a file that already exists on the remote server. If you change the backup protocol but you use the same directory of the remote server to store the backups, make sure to adjust the ownership of the existing files according to the new protocol. Otherwise SPS cannot overwrite the files and the backup procedure fails.

Assigning a backup policy

Once you have configured a backup policy, set it as a system backup policy (for configuration backups) or data backup policy (for connections backups):

NOTE: Backup deletes all other data from the target directory. Restoring a backup deletes all other data from SPS. For details on restoring configuration and data from backup, see Restoring One Identity Safeguard for Privileged Sessions (SPS) configuration and data to the same SPS appliance.