The VMware KB article (KB2091961) describes the Backup and Restore of the vPostgres Database for Windows and vCSA.

Here are the steps to backup a vPostgres database and export the roles and permissions from a vCSA.

Prerequirements:

  • Download and extract the linux_backup_restore.zip (Alternate VMwareKB2091961)

  • Download Export and Import scripts (ExportAndImportRoles.zip) Scripts based from Alan Renouf and Luc Dekens

  • If you don’t have, install the VMware Power CLI and PowerGUI to execute Powershell scripts

  • Disable HA – When I reconnect the ESXi hosts after the restore, with active HA, I got severall timeout errors.

Backup vPostgres Database:

  • Transfer the file backup_lin.py to /tmp on the vCSA via WinSCP or e.g. (How to enable/disable BASH on vCSA to transfer files via SCP or e.g.)
    Backup vCSA vPostgres database, roles and permissions_第1张图片

  • Login to vCSA as root

  • Make the py script executable chmod 700 /tmp/backup_lin.py

  • Execute the script python /tmp/backup_lin.py -f /tmp/VCDB.bak
    backupvPostgresRolesPermissions000002

  • Transfer the VCDB.bak via WinSCP or e.g. to your workstation.
    Backup vCSA vPostgres database, roles and permissions_第2张图片

Export roles and permissions:

  • Execute the vsphere_RightsRoles_Export.ps1 script with PowerGUI or e.g. and fill in your data

  • The script puts a vcenter-permissions.xml file to c:\

If you want to restore the database and import these roles and permissions to a new vCSA, I would suggest to “cleanup” the vcenter-permissions.xml file.
I dropped all sections with “standard VMware Roles”
Backup vCSA vPostgres database, roles and permissions_第3张图片
and all rows from the VSPHERE.LOCAL domain.
backupvPostgresRolesPermissions000005

These entries are already there in a new installation. I just want to add my AD users and groups.

 

Next possible steps are:

Install a new vCSA (with the same name and IP)

Restore and Import vPostgres database, roles and permissions