How to Restore Open Directory Using Lion’s Server Admin
In the event that your Open Directory domain on Lion Server becomes corrupt or you lose user records, you can restore from an archive. The process is essentially the same as the backup process, but in reverse.
Before you restore from an archive, though, be cognizant of the conditions that restoring imposes. When you restore, you’re prompted to either merge or to completely restore the directory data on the server:
If you click the Restore button, the data in the archive completely replaces your existing directory data; all existing users, passwords, and KDC data are destroyed and replaced from the archive.
If you click the Merge button, the data in the archive is combined with the existing domain data.
Prior to restoring an archive, if your directory is still working, you may want to create an additional archive as a precaution.
You can also restore an archive to a newly promoted Open Directory master that has no user data. However, if this is your plan, make sure that the new Open Directory administrator short name and numeric user ID match the old administrator’s short name and user ID when you change the server’s role from stand-alone to master.
Also realize that any Open Directory replica servers in your shared domain need to be demoted to stand-alone and then reconnected to the new master after you restore from an archive.
You can restore only from an archive that’s located on the local file system of the server. If your archives are stored elsewhere, copy them to the server’s hard drive. Then follow these steps to restore the archive:
Open Server Admin and connect to the Open Directory master server.
Click Open Directory in Server Admin’s expanded list of services and then click the Archive button.
Click the Choose button next to the Restore From field to select the location of the archive disk image, or type its path in the field.
The archive disk image won’t appear if it is mounted in the Finder. If that’s the case, eject it first by right-clicking (or Control-clicking) and choosing Eject.
Click the Restore button and then enter the password for the archive.
Server Admin processes the restoration and then enables the background directory services.
Verify the directory contents by using Workgroup Manager to browse accounts and other elements of the directory.
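The preconditions described above (archive on the server's local file system, disk image not mounted, administrator short name and user ID matching the old ones) can be checked from Terminal before you open Server Admin. The script below is an added example, not part of the original article. The archive path, the diradmin/1000 values, the sample outputs, and the /LDAPv3/127.0.0.1 node are assumptions to replace with your own.

```shell
#!/bin/sh
# Pre-restore checks for an Open Directory archive. The parsers take command
# output as text, so they can be exercised offline with the constructed samples.

# Constructed sample of `hdiutil info` output (one attached image).
SAMPLE_HDIUTIL='framework       : 283
================================================
image-path      : /Volumes/Backup HD/od-archive.sparseimage
/dev/disk2s1    /Volumes/od-archive'
# Constructed sample of `dscl ... -read /Users/diradmin RecordName UniqueID` output.
SAMPLE_RECORD='RecordName: diradmin
UniqueID: 1000'

# True if the absolute image path $1 is listed as attached in `hdiutil info` text $2.
image_is_attached() {
    printf '%s\n' "$2" | P="$1" awk '
        /^image-path/ { sub(/^image-path[ \t]*:[ \t]*/, ""); if ($0 == ENVIRON["P"]) found = 1 }
        END { exit !found }'
}

# True if record text $3 lists short name $1 under RecordName and has UniqueID $2.
admin_matches() {
    printf '%s\n' "$3" | awk -v n="$1" -v u="$2" '
        $1 == "RecordName:" { for (i = 2; i <= NF; i++) if ($i == n) name = 1 }
        $1 == "UniqueID:"   { if ($2 == u) uid = 1 }
        END { exit !(name && uid) }'
}

# True if the device field from `df -P` names a local block device, not a network share.
device_is_local() { case "$1" in /dev/*) return 0 ;; *) return 1 ;; esac; }

# Usage: preflight ARCHIVE OLD_ADMIN_SHORTNAME OLD_ADMIN_UID (node path is an assumption).
preflight() {
    rc=0
    dev=$(df -P "$1" | awk 'NR == 2 { print $1 }')
    device_is_local "$dev" || { echo "FAIL: $1 is not on a local volume ($dev)"; rc=1; }
    if image_is_attached "$1" "$(hdiutil info)"; then
        echo "FAIL: $1 is mounted; eject it before restoring"; rc=1
    fi
    rec=$(dscl /LDAPv3/127.0.0.1 -read "/Users/$2" RecordName UniqueID 2>/dev/null)
    admin_matches "$2" "$3" "$rec" || { echo "FAIL: admin $2 (UID $3) does not match this master"; rc=1; }
    [ "$rc" -eq 0 ] && echo "OK: preconditions met"
    return "$rc"
}

# Runs the live checks only when called with three arguments on the server itself.
if [ "$#" -eq 3 ]; then preflight "$@"; fi
```

Run it on the server with the archive's absolute path and the old administrator's short name and user ID as the three arguments.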