Policy Model Backup

When you back up a PMDB, you copy the data in the Policy Model database to another directory. This includes:
capamsc141
When you back up a PMDB, you copy the data in the Policy Model database to another directory. This includes:
  • Policy information
  • The list of the Policy Model's subscribers
  • Configuration settings
  • Registry entries
  • The updates.dat file
You cannot restore a PMDB from backup files that use another platform, operating system, or version of
Privileged Access Manager
. Ensure you back up the Policy Model to a host running the same platform, operating system, and version of
Privileged Access Manager
.
Back Up a PMDB Using sepmd
When you back up the PMDB, you copy the data from the Policy Model database to a specified directory. You should store the backed up PMDB files in a secure location, preferably protected by
Privileged Access Manager
access rules.
You can use the sepmd utility to back up a PMDB on a local host. You can also use selang commands to back up a PMDB on a remote host.
Note:
You can back up a PMDB recursively. A recursive backup backs up all the PMDBs in a hierarchy to the host you specify, and modifies the PMDB subscribers so that the subscription still works when the backup is moved to the host. You can only use a recursive backup if the master and child PMDBs are deployed on the same host.
To back up a PMDB using sepmd:
  1. Lock the PMDB using the following command:
sepmd -bl pmdb_name
      The PMDB is locked and cannot send commands to its subscribers.
     2. Do one of the following:
  • Back up the PMDB using the following command:
sepmd -bh pmdb_name [destination_directory]
  • Back up the PMDB recursively using the following command:
sepmd -bh pmdb_name [destination_directory] [backup_host_name]
If you do not specify a destination directory, the backup is saved to the following directory:
ACInstallDir
/data/policies_backup/pmdb_namn
       3. Unlock the PMDB using the following command:
sepmd -ul pmdb_name
The PMDB is unlocked and can send commands to its subscribers.
Back Up a PMDB Using selang
When you back up the PMDB, you copy the data from the Policy Model database to a specified directory. You should store the backed up PMDB files in a secure location, preferably protected by
Privileged Access Manager
access rules.
You can use selang commands to back up a PMDB on a local or remote host. You can also use the sepmd utility to back up a PMDB on a local host.
You can back up a PMDB recursively. A recursive backup backs up all the PMDBs in a hierarchy to the host you specify, and modifies the PMDB subscribers so that the subscription still works when the backup is moved to the host. You can only use a recursive backup if the master and child PMDBs are deployed on the same host.
Follow these steps:
  1. (Optional) If you are using selang to connect to the PMDB from a remote host, connect to the PMDB host using the following command:
host pmdb_host_name
     2. Move to the PMD environment using the following command:
env pmd
     3. Lock the DMS using the following command:
pmd pmdb_name lock
          The PMDB is locked and cannot send commands to its subscribers.
      4. Back up the DMS database using the following command:
backuppmd pmdb_name [destination(destination_directory)] [hir_host(host_name)]
If you do not specify a destination directory, the backup is saved to the following directory:
ACInstallDir
/data/policies_backup/pmdbName
      5. Unlock the PMDB using the following command:
pmd pmdb_name unlock
The PMDB is unlocked and can send commands to its subscribers.