The IBM® MFA database includes details about the
system configuration, details about all registered users, their configured policies, and
authentication methods. You should regularly back up the IBM MFA database.
Before you begin
As a general best practice, you should back up the IBM MFA database at the following times:
- After configuring users, policies, or authentication methods.
- Before performing maintenance activity on the system.
- Periodically, following your local policies and procedures.
About this task
To back up the IBM MFA database, complete the following
steps:
Procedure
-
Enter the following command as root to back up the database. The resulting
/opt/IBM/MFA/mfadb.sql file contains all of the commands that are needed to
re-create the database until that time.
/usr/bin/pg_dump -f /opt/IBM/MFA/mfadb.sql -d mfadb
-
If you need to restore the database from the backup, enter the following command as root to
restore the database:
/usr/bin/psql -U root -d mfadb -f /opt/IBM/MFA/mfadb.sql
The command populates the database by running all of the commands in the
/opt/IBM/MFA/mfadb.sql file.
Important: If the existing database
is not empty, commands will fail because the entries already exist in the database. If you need to
restore the database from the backup and the existing database is not empty, you must first delete
the existing database:
- Ensure that you have a valid mfadb.sql file before you continue:
ls -l /opt/IBM/MFA/mfadb.sql
- Enter the following command as root to delete the existing
database:
dropdb mfadb
- Become the postgres user and enter the following command to create the
database:
su - postgres
createdb -O root mfadb
- Exit the postgres user account:
exit
- Enter the following command as root to restore the
database:
/usr/bin/psql -U root -d mfadb -f /opt/IBM/MFA/mfadb.sql