PrivacyIdea Restore Error 1045

Hi there… I’m having difficulty restoring from a created backup. The situation is we have the .tgz file which was created on a server (which recently failed with a RAID issue). I have built a new 20.04 ubuntu server (previous server was 18.04) and intalled the latest PrivacyIdea package 3.6 (previously was 3.5.1). I have copied the tgz file to the server and ran the “pi-manage backup restore” command but get the following output.

Also restoring enreyption key ‘enckey’
Restoring to /etc/privacyidea/pi.cfg with data from /var/lib/privacyidea/backup/dbdump-2021-233-1127.sql
Restoring Database.
ERROR 1045 (28000): Access denied for user ‘pi’@’‘localhost’ (using password: YES)

The restore partially works (for example the rlm_perl.ini file restores successfully) but i am no longer able to access the web server etc.

I feel like i am probably missing something obvious but have tried giving “everyone” full permissions to the tgz file and that hasn’t worked.

Could it be a problem restoring a 3.5.1 to a 3.6?

The backup was created with no encryption key and the .tgz file looks good to me, there is a sizeable .sql dump in there and all the config files.

Thanks in advance

Sorry to add to this, I have built a new server on 18.04 so that the Ubuntu versions are the same just to rule that out. Unfortunetly this still hasn’t helped and I’m still getting access denied for user ‘pi’ @ localhost.

If anyone could shed some light on this i would be incredibly greatful as otherwise i’m going to have to manually configure the server and recreate a lot of user tokens.

Thanks

Have you ensured that the connection string (username/password) for the new server matches what was in the old server?

Hi wwalker, thanks for coming back to me. I have made sure that both the Ubuntu user matches the old server and the admin account set using pi-manage admin command are the same , is there any other password strings I might be missing ?

image

Thansk for this, i have identified the password in the backup. Do I have to set this password in the live system under pi.cfg?

Thanks

I managed to get this working in the end. I had an old vmdk file for the original server which failed. Once i upgraded this vm and instaleld PI 3.6 the ‘pi-manage backup restore’ command worked with no access denied errors. Does this effectivley mean that the resotore function only works when restoring to the same server that created the backup?

as @wwalker said, You need to have the same user/password for the database access. when installing privacyIDEA from scratch (with the privacyidea-apache2 package) a new database user will be created with a different password.