Back up database in encrypted form (ARIS Server Administrator)

The best time for encrypting databases is during backup.

However, you can also back up databases in encrypted form using ARIS Server Administrator.

Prerequisite

Your user account has been assigned the Database administrator function privilege in ARIS Administration.

Procedure

  1. Start ARIS Server Administrator and connect to an ARIS server.

    You can start ARIS Server Administrator from any computer on which the ARIS client is installed either in interactive mode or command-line mode. In command-line mode you can perform actions automatically as there are no prompts in this mode. If you log in as a system user that has at least the Database administrator function privilege in ARIS Administration for each tenant, you can manage all databases of this tenant.

    You start interactive mode by clicking Start > Programs > ARIS > Administration > ARIS Server Administrator 10.0.

    You start command-line mode by opening the command prompt from the directory <ARIS installation directory>\tools\ArisAdm.

    You can use the following commands and options for the syntax of command-line mode:

    <_arisadm><version>.exe [<option>] <command> [<command argument 1>]

    or for the syntax of interactive mode:

    <command> [<command argument 1>]

    • If you use values with special characters (example: & in the password), you must enclose the value in quotes. For additional information, please refer to the help and support center for your operating system.

    • On the server, system messages in ARIS Server Administrator are always output in the ARIS installation language.

    • For example, if you use scripts for daily backups, we strongly recommend that you protect these scripts at the operating system level, or enter passwords encrypted.

    Option

    Description

    -s <server[:<port>]>

    Server on which the command should be carried out.

    -u <user> <password>

    User name and password of a system user with the required privileges.

    -l <file name>

    Enables the logging of all program operations in the specified log file. The file indicates which operation was performed at what time and with what result.

    -enc IBM<code page number>

    Specifies a code page to display diacritical characters correctly. If you do not enter an option parameter, the original character set of IBM PC 437 is used.

    If diacritical characters, such as é, ó or ñ used in Spanish, Portuguese or French are displayed as é, ó, or ñ, enter the option -enc IBM850.

    If problem occur in other languages, try other code page numbers, such as:

    850 Multilingual (DOS-Latin-1), Western Europe

    720 Arabic alphabet

    737 Greek alphabet

    775 Estonian, Lithuanian, and Latvian alphabet

    852 Slavic languages (Latin-2), Central and East Europe

    855 Cyrillic alphabet

    857 Turkish alphabet

    -cf <command file>

    Starts a command file containing executable commands.

    -sc <schema context>

    Context the schema uses. ARIS is set as the default.

    -t <tenant>

    Tenant for which the command should be carried out. The default is no tenant.

    -ssl

    The SSL connection used.

    Replace the text surrounded by <pointed brackets> by your individual values. The parts of the command that are surrounded by [brackets] are optional. You can use them if necessary. Default commands are listed below. Advanced commands are described in related documents if required.

    Command

    Description and syntax

    backup

    Saves a database <dbname> as an adb file in a directory <archivedir>.

    If the backup is started using the -c option, saving the database to the backup file starts only after all ongoing operations, such as a merge procedure or an XML import, are complete.

    Syntax

    backup <dbname>|-c |all <archivedir> [-p <password for encryption>] [<alternatename>]

    backupasn

    Extracts the state that corresponds to the specified change list number <asn> from a versioned database <dbname> to an ADB file in the directory <archivedir>. You can select either a change list number <asn> or 'head' as a state. 'head' represents the last versioned state

    Syntax

    backupasn <dbname>|all <archivedir> <asn>|head [-p <password for encryption>] [<alternatename>]

    backupsystemdb

    Saves the central system database that contains data such as filters, model templates, and scripts in an ADB file in a directory <archivedir>.

    Syntax

    backupsystemdb <archivedir> [<alternatename>]

    backupunversioned

    Saves a versioned database <dbname> as a non-versioned ADB file in a directory <archivedir>.

    Syntax

    backupunversioned <dbname> <archivedir>

    clearchartdata

    Removes statistics data that is used, for example, to generate charts displayed in ARIS Administration > Charts > Modeling. You can remove statistics data for one or all databases entirely or ahead of a certain date. The date must be given as dd/mm/yyyy.

    Syntax

    clearchartdata <dbname> [date]

    <dbname>: If you enter the name of a database, only statistic data of this specific database is deleted.

    all: Deletes statistic data of all databases on this tenant.

    date: Deletes statistic data from a certain date [dd/mm/yyy].

    copy

    Copies a database from <fromdbname> to <todbname>.

    Syntax

    copy <fromdbname> <todbname>

    createdb

    Creates a new ARIS database with the name <dbname>.

    Syntax

    createdb <dbname> [versioned]

    delete

    Deletes the database <dbname>. When using the force option, the database will be deleted even if users are logged in.

    Syntax

    delete <dbname>|all [force]

    dropversions

    Deletes all versions of a database <dbname> up to the version <new min version>.

    Syntax

    dropversions <dbname> <new min version>

    encrypt

    Encrypts passwords <password> for use in batch files.

    Syntax

    encrypt <password>

    exit

    Exits the interactive mode.

    exportscript

    Exports a script of type <MACRO|REPORT|REPORTTEMPLATE|SEMCHECK|PROFILE> with the identifier <scriptid> to an export directory <exportdirectory>.

    Syntax

    <MACRO|REPORT|REPORTTEMPLATE|SEMCHECK|PROFILE> <scriptid> <exportdirectory>

    help

    help provides an overview of all commands including syntax description and possible parameters. help <command> provides help for the command you specified.

    Syntax

    help [<command>]

    importfilter

    Imports a method filter <importfile>.

    Syntax

    importfilter <importfile>

    importscript

    Imports a script <importfile> of type <MACRO|REPORT|REPORTTEMPLATE|SEMCHECK|PROFILE> in the specified category <categoryname>.

    Syntax

    importscript <MACRO|REPORT|REPORTTEMPLATE|SEMCHECK|PROFILE> <importfile> <categoryname>

    indexstate

    Displays the status of the internal cloud search data index.

    Syntax

    indexstate <database name>

    interactive

    Starts the program in the interactive mode.

    kill

    Closes the connection <sessionid> of the current tenant.

    Syntax

    kill <sessionid>|all

    killtask

    Terminates the given server activity <taskid> on instance <instanceid>, for example, a report that is unable to complete.

    Syntax

    killtask <instance id> <task id> [force]

    To obtain the <instanceid> and <taskid> identifiers, use the monitor command.

    list

    Lists all of the tenant's registered databases. By default, only the databases of the current schema context will be listed. When using the all option, all databases will be listed (including BO databases, for example).

    Syntax

    list [all]

    lockdb

    Locks the database with the name <dbname>, or all databases. Users can no longer log in.

    Syntax

    lockdb <dbname>|all

    maintain

    Starts the regeneration of search indexes (Cloud Search) for the specified ARIS database or all ARIS databases. Given the fact that running this command may be very time-consuming, it is recommended that you run it only if an error occurs and that you schedule a corresponding maintenance window.

    Syntax

    maintain <dbname>|all

    maintainancemode

    Indicates the current maintenance mode. maintenancemode on prevents ARIS server from automatically updating databases. This can help you reduce the downtime after an ARIS server update because time-consuming maintenance jobs are automatically stopped for all databases. If you use this option, make sure to run the maintain command manually for related databases if required. If you select maintenancemode off, all database maintenance jobs are run again.

    Starts the regeneration of search indexes (Cloud Search) for the specified ARIS database or all ARIS databases. Given the fact that running this command may be very time-consuming, it is recommended that you run it only if an error occurs and that you schedule a corresponding maintenance window.

    Syntax

    maintain <dbname>|all

    Syntax

    maintainacemode on|off

    no parameter: Reports the current mode.

    on: Turns the maintenance mode on and prevents ARIS server from maintaining databases.

    off: Turns the maintenance mode off and allows ARIS server maintaining databases automatically.

    migrate

    Migrates an ARIS 7.1 or 7.2 database <dbname> from an ADB file <archive>, or migrates all ADB files from a directory <archivedir>. You need the password of the system user system to migrate an individual database. To migrate multiple databases the passwords must be supplied to every single database in command-line mode. Use the -fv option (forward versioning) to store database versions only for ARIS versions prior to 10.0.14.

    Syntax

    migrate [<archive>|<archivedir>]|<systempassword> [-fv]

    monitor

    Displays all tenant activities in progress, such as backup, XML export etc.

    rename

    Renames the database from <olddbname> to <newdbname>. When using the force option, the database will be renamed even if users are still logged in.

    Syntax

    rename <olddbname> <newdbname> [force]

    reorg

    Semantically reorganizes the database <dbname> or all databases by deleting all objects and connection definitions that do not have occurrences in any model.

    Options available:

    • CXNDEFS_IN_MATRIX_MODELS

      Connection definitions for which no occurrence exists are not deleted when used in models of type Matrix model.

    • USERDEF_CONTENT_SYMBOLS

      User-defined symbols that are not allowed by ARIS Method on the current server are replaced by the method-based default symbol.

    • USERDEF_CONTENT_MODELS

      User-defined models that are not allowed by ARIS Method on the current server are deleted.

    • USERDEF_CONTENT_ATTRS

      User-defined attributes that are not allowed by ARIS Method on the current server are deleted.

    • NO_DEFS

      If you do not set an option, object definitions for which no occurrence exists are deleted by default.

    Syntax

    <dbname>|all [options]

    restore

    Restores a database <dbname> from an ADB file <archive>, or restores all ADB/BDB files from a directory. Use the -fv option (forward versioning) to store database versions only for ARIS versions prior to 10.0.14.

    Syntax

    restore <archive>|<archivedir> [<dbname>] [-p <password for decryption>] [-b <bucket ID>] [-fv]

    restoresystemdb

    Restores the central system database that contains data such as filters, model templates, and scripts from a system database backup file (ADB) <archive>. You can also update the system database using the updatesystemdb command

    After performing an update setup, update the system configuration of each operational tenant (filters, templates, and scripts) based on the supplied system database (<ARIS installation package>..\Content\SystemDB\*.adb). Any content you have created is retained.

    Syntax

    updatesystemdb <archive>

    You can execute the command for several tenants at the same time.

    Syntax

    restoresystemdb <archive>

    restoreunversioned

    Generates a non-versioned database <dbname> from an ADB file <archive> of a versioned database. Also restores databases based on multiple ADB/BDB files of a directory.

    Syntax

    restoreunversioned <archive>|<archivedir> [<dbname>] [-p <password for decryption>]

    restoreversioned

    Generates a versioned database <dbname> from an ADB file <archive> of a non-versioned database. Also restores databases based on multiple ADB/BDB files of a directory. In case the option -no_baseline is specified, no initial version in archive is created. Use the -fv option (forward versioning) to store database versions only for ARIS versions prior to 10.0.14.

    Syntax

    restoreversioned <archive>|<archivedir> [<dbname>] [-p <password for decryption>] [-no_baseline] [-fv]

    schemacontext

    Changes the schema context of the current tenant. Possible value is aris.

    Syntax

    schemacontext <new schema context>

    server

    Changes the current ARIS server.

    Syntax

    server <server[:<port>]> <tenant> <user> [<password>] [-ssl]

    sessions

    Displays all database connections of the current tenant.

    Syntax

    sessions [byuser|bydatabase]

    set

    Displays or changes tenant settings. If no parameters are specified, all settings are displayed. If only <key> is entered, all settings are deleted. If <key> is entered together with <value>, the settings are changed accordingly.

    Syntax

    set [<key>] [<value>]

    setindexbucket

    Specifies the bucket ID for a database.

    Syntax

    setindexbucket <dbname> <bucket ID>

    setindexrank

    Sets the initial index rank for a database <dbname>. The higher the rank <rank>, the earlier the index is started during cloud search startup. The rank is a number, for example, 5.

    Syntax

    setindexrank <dbname> <rank>

    statistic

    Returns the number of all database objects.

    Syntax

    statistic <dbname>|all

    threaddump

    Triggers a thread dump on instance <instanceID>. An instance ID can refer to a runnable, such as abs <s, m, or l> or report <s, m, or l>, or to a runnable type, such as abs or report.

    The thread dump is written to the threaddump.log file.

    Syntax

    threaddump <instanceID>

    unlockdb

    Unlocks the database with the name <dbname>, or all databases.

    Syntax

    unlockdb <dbname>|all

    updatesystemdb

    After performing an update setup, update the system configuration of each operational tenant (filters, templates, and scripts) based on the supplied system database (<ARIS installation package>..\Content\SystemDB\*.adb). Any content you have created is retained.

    Syntax

    updatesystemdb <archive>

    You can execute the command for several tenants at the same time.

    userwipeout

    Clears the user identification of one or multiple deleted users from one or all databases. The attributes Last modifier, Creator, and the user name in change list descriptions is set to unknown.

    Syntax

    userwipeout <dbname>|all [<user>][,<user>]

    version

    Displays the versions of the programs and libraries in use.

    In the following example, a database is reorganized, whereby all of the objects and connections in the database that do not have an occurrence are deleted.

    Warning

    If you are using an object library, you should reorganize databases only when each object definition occurs in at least one overview model. If elements have already been created for later use but do not yet occur in models, these elements are deleted during the consolidation.

    Reorganization in interactive mode

    1. Click Start > Programs > ARIS > Administration > ARIS Server Administrator 10.0. The MS DOS input window opens and ARIS Server Administrator is launched in interactive mode.

    2. Use the server command to connect to the relevant ARIS server:

      Syntax

      server <server name>[:<port number>] <tenant> <user name>

      The parts of the command that are surrounded by brackets are optional, that is, you can use them if necessary.

      Example

      server arissrv.eur.ag:80 default system

      The password is requested.

    3. Enter the user's password. In this example, manager. The connection is established.

    4. Enter the command for the reorganization of the United Motor Group database:

      reorg "United Motor Group"

    The database is reorganized. The deleted items are listed.

    Reorganization in command-line mode

    1. Open the command prompt from the directory <ARIS installation directory>\tools\ArisAdm.

    2. Enter the command line parameters:

      Syntax

      arisadm<version> -s <server name> -t <tenant> -u <user name> <password> reorg <database name>

      Example

      arisadm.bat -s arissrv.eur.ag -t default -u system manager reorg "United Motor Group"

    The database is reorganized. The deleted items are listed.

  2. Enter the following command:

    Syntax: backup <database name> <path to archive directory> -p <password> [<database name>]

    Example: backup database1 "c:\ARIS 9.0" -p DBADMIN database2

The database is backed up in the specified directory under the name you specified.

You can restore backup copies of databases on any tenant and thus restore the database to its state before these changes were made.

When restoring encrypted databases, you must enter the password you specified when creating the backup.