I am working on a Solaris 11 server for the first time and am trying to set up the DR server. Usually I use trusted rsync between Production and DR to copy changed files to the latter, but this doesn't seem possible now that root is a role.
I want to copy things like the password, group files plus home directories and some other files. They are reasonably substantial, so I only want to transfer changed files rather than all of them.
Does anyone have a solution for this without changing root back to a normal user and thereby reducing security? Needless to say my client wouldn't be keen on reduced security.
How about sending a zfs stream to DR site, on some other pool beside rpool and then copying what you require from that ?
You should be able to create a user on both sides and delegate permission to create snapshots and send/receive it, even incremental.
Then copy the required files you want to keep.
Other options is to use zfs send to a file then scp / rsync the file with regular user to other machine and recv it on DR side from file into dummy zpool or zfs filesystem.
Depending on your Solaris release, from 11.2 there are also UAR archives from which you can backup entire system and restore it on the other side, but i have found standard zfs commands to be more straightforward.
As for root user, you can enable it and exchange ssh keys for it. As an extra layer of security a you can put PermitRootLogin without-password
Auth will only be possible with keys not passwords for root user.