Command-Line Backup Methods#

This document covers the command-line interface methods for backing up and restoring the Identity Server configuration using the idsvr and idsh commands.

Overview#

The Identity Server provides two primary command-line tools for configuration management:

  • idsvr: Direct server command for configuration dump and load operations
  • idsh: Interactive shell for advanced configuration management

Command-line methods are ideal for automated backup scripts, scheduled tasks, and integration with deployment workflows.

Backup Operations#

Using the idsvr Command#

The idsvr command provides the simplest way to dump the running configuration. Execute this command on the machine where the admin node is running:

$ idsvr --dump-config

This command outputs the entire running configuration to standard output in XML format.

Key Features:

  • Direct configuration export
  • XML output format
  • Complete system configuration
  • Single command operation

Using the idsh Command#

The idsh command provides more flexibility through an interactive shell interface. This method supports both operational and configuration modes.

Interactive Mode#

In operational mode (default after starting the shell), create a complete backup using:

$ idsh
$ admin@localhost> show configuration | display xml | save /tmp/backup.xml
$ exit

Non-Interactive Mode#

For automation, use the non-interactive approach:

$ idsh -s <<< "show configuration | display xml | save /tmp/backup.xml"

Key Features:

  • Interactive and non-interactive modes
  • Flexible output destinations
  • Advanced configuration queries
  • Shell-based command chaining

Restoration Operations#

Using the idsvr Command for Restoration#

The idsvr command supports configuration restoration through the --load-config flag:

$ idsvr --load-config backup.xml

Alternative syntax using the short flag:

$ idsvr -l backup.xml

The --load-config flag completely replaces the current configuration with the contents of the specified backup file. This operation updates the running configuration database but does not modify files in ${IDSVR_HOME}/etc/init.

Restoration Process:

  1. Validation: The system validates the backup file format
  2. Replacement: Current configuration is replaced entirely
  3. Database Update: Running configuration database is updated
  4. Service Impact: Configuration changes take effect immediately

Best Practices#

Automation Integration#

  • Scripting: Integrate CLI commands into backup scripts
  • Scheduling: Use cron jobs or task schedulers for regular backups
  • Error Handling: Implement proper error checking in automated workflows
  • Logging: Capture command output for audit trails

File Management#

  • Naming Convention: Use timestamp-based naming for backup files
  • Storage Location: Store backups in secure, accessible locations
  • Retention Policy: Implement appropriate backup retention strategies
  • Permissions: Ensure proper file system permissions for backup operations

CLI backup methods produce XML configuration files that are compatible with all restoration methods, including REST API operations.

Was this helpful?

New Documentation Site Available!


Check out our new docs at curity.io/docs/identity-server/