Backing Up/Restoring the Appliance User Role Configuration

LunaSH allows you to store a snapshot of the administrative user database (the names and status of all named LunaSH users) that can later be restored if desired.

CAUTION!   Restoring from backup restores the database of user profiles that existed at the time the backup was made. You will lose any user accounts created since the backup; passwords of existing users could be reverted without their knowledge; enabled users might be disabled; disabled users might be enabled; and any user accounts removed since that backup will be restored.

Your records should indicate when user-profile changes were made, and what those changes were. Any time you restore a backup, reconcile the changed statuses and inform anyone who is affected. For example, users need to know to use their previous password, and to change it immediately.

NOTE   While the built-in admin, operator, and monitor accounts are not deleted or added by a restore operation (those accounts are permanent), both their enabled/disabled status and their passwords are changed to whatever prevailed at the time the backup was originally taken.

To back up the appliance user role configuration

1.Connect to the appliance via SSH or a serial connection, and log in to LunaSH as admin or a custom user with an admin role (seeLogging In to LunaSH).

2.Back up the user role configuration, specifying a description for the backup file.

lunash:> sysconf config backup -description <description>

lunash:>sysconf config backup -description "Configuration Backup 17-03-01"


Created configuration backup file: myLuna_Config_20170301_1200.tar.gz


Command Result : 0 (Success)
To restore the appliance user role configuration

1.Connect to the appliance via SSH or a serial connection, and log in to LunaSH as admin or a custom user with an admin role (seeLogging In to LunaSH).

2.List the available configuration backup files.

lunash:> sysconf config list

Configuration backup files in file system:

Size    |  File Name                                                |  Description
-----------------------------------------------------------------------------------------------------
34099   |  myLuna_Config_20180507_1629.tar.gz                       |  Configuration Backup 2018-05-07

Command Result : 0 (Success)

3.Restore the user role configuration. If you only wish to restore the user configuration, excluding other services on the appliance, specify -service users.

lunash:> sysconf config restore -file <filename> [-service users]

lunash:>sysconf config restore -file myLuna_Config_20180507_1629.tar.gz -service users


WARNING !! This command restores the configuration from the backup file: myLuna_Config_20180507_1629.tar.gz.
It first creates a backup of the current configuration before restoring: myLuna_Config_20180507_1629.tar.gz.
If you are sure that you wish to proceed, then type 'proceed', otherwise type 'quit'.

> proceed
Proceeding...


Created configuration backup file: myLuna_Config_20180507_1634.tar.gz


Restore the users configuration: Succeeded.

You must either reboot the appliance or restart the service(s) for the changes to take effect.
Please check the new configurations BEFORE rebooting or restarting the services.
You can restore the previous configurations if the new settings are not acceptable.

Command Result : 0 (Success)

4.Reboot the SafeNet Luna Network HSM appliance.

lunash:> sysconf appliance reboot


Customer Support Portal

SafeNet Luna Network HSM 7.4 Product Documentation  16 December 2019  Copyright 2001-2019 Thales. All rights reserved.