From Zimbra :: Wiki

Jump to: navigation, search

Preferred Method Moving Users To New Machine

I believe the best method to transfer users from one ZCS machine to another ZCS machine would be to use the "move mailbox" method. The concept behind the move mailbox method is that the user's account is transferred from one host to another keeping their data intact, i.e. mail, contacts, and calendar. It will move accounts one at a time, and the account being moved will only be inaccessible for the duration of the move. Basically, you would make the new server to be an ldap replica to the old server; configure the old server to be the ldap master on the new server. Once you have moved all of the accounts to the new server/replica, promote the replica to be the master, documentation on promoting the replica to master is here: The move mailbox function can be accomplished by using the Admin Console, or by CLI. In the Admin Console, there is a button labeled "move mailbox" when you edit an account. From the CLI, here is an article detailing the zmmailboxmove, Zmmailboxmove is only available for NE.

Basically follow this methodology:

Basic Scenario would be that you have an old server called mail1, and you have a new server called mail2. You wish to transfer users from mail1 to mail2. And you are installing ZCS on mail2, configured as an ldap-replica.
Note: These steps are basically the same as the following link. Except, you will want to install all the important packages, zimbra-ldap, zimbra-mta, zimbra-store, zimbra-logger, zimbra-snmp, & zimbra-spell; basically, install the same packages on the new server, as the old server.

0) Run /opt/zimbra/libexec/zmldapenablereplica on mail1
1) Install ZCS on mail2. Use the same zcs version as mail1.
Before you begin, make note of the passwords used on the master, as you will need the same password(s) on the replica.

zmlocalconfig -s | grep pass

The password used for "Ldap Admin Password is: zmlocalconfig -s | grep zimbra_ldap_password

2) You should see something like this for the Common Configuration:

Common configuration

   1) Hostname:                                  
   2) Ldap master host:                          
   3) Ldap port:                                   389                           
   4) Ldap Admin password:                         set           <<= Make sure this is the same password used on mail1                
   5) Require secure interprocess communications:  yes                           
   6) TimeZone:                                (GMT-08.00) Pacific Time (US & Canada)

3) Next is the LDAP Configuration

Ldap configuration

   1) Status:                                 Enabled                       
   2) Create Domain:                   no   <<=Make sure this is set to no                           
   3) Ldap Root password:              set  <<=Make sure this is the same password as mail1                         
   4) Ldap Replication password:       set  <<=Make sure this is the same password as mail1                        
   5) Ldap Postfix password:           set  <<=Make sure this is the same password as mail1                         
   6) Ldap Amavis password:            set  <<=Make sure this is the same password as mail1

4) Store Configuration
Since this is an ldap replica, you shouldn't need to enable the Admin, Spam, & Ham accounts. You should be able to transfer these accounts to mail2 if you wish.

Store configuration

   1) Status:                                  Enabled                       
   2) Create Admin User:                       no                            
   3) Enable automated spam training:          no                            
   4) Global Documents Account:              
   5) SMTP host:                      

5) Move users over to the new machine, mail2. Use the Admin console, or with CLI. The account being moved will only be inaccessible for the duration of the move.
After the account is moved over, check everything was moved over:

  • E-mail messages
  • Calendar Events
  • Contacts
  • Documents

6) Promoting a Replica Server – Demoting the Master Server.
Straight forward instructions found here:
Optional - Converting the master to be a replica. Not needed if you are decommissioning the old machine. If you are decommissioning the old machine, you can remove the old server from the new machine.
Don't do this command until after the users are moved over to the new machine.

zmprov ds

NOTE: Moving from one server to the other with zmmailboxmove is a staged process. If you wish, you can leave the old server up as an ldap master or the MTA after the accounts are migrated, just to minimize the number of changes happening at one time.

7) DNS - Be sure to edit your DNS records to include the new server.
Before the migration: mail is handled by 10

After the migration: mail is handled by 10

7a) If you wish to maintain the same exact zmhostname as the old server, you'll have to change the hostname. Instructions are found here:

8) Things to consider.
- Zimlets - Be sure to install the same zimlets on the new machine as on the old machine.
- Custom Skins will need to be installed on the new machine.
- Branding will need to be configured on the new machine if you were using custom branding on the old machine.
- Don't forget to run "zmupdateauthkeys" on both machines to update their SSH keys.
- You should be able to use your existing license from the master for this multi node setup.

9) Commercial Certificate.
If the hostname stays the same, you'll need to follow the steps outlined here to reimport them:
If the hostname has changed, you'll need to generate a CSR, submit CSR to Commercial Certificate vendor, i.e. GoDaddy, and import them using the Admin Console Wizard.

Notable bug concerning resource account:

Personal tools