Ajcody-Migration-Notes
Migration Issues
Actual Migration Notes Homepage
Please see Ajcody-Migration-Notes
Server Migrations
Staged means that the migration will take place in steps over time where users mailboxes will be moved to a different server. This process might involve a Split-Domain configuration or the use of LDAP replica's that would intergrate a new ZCS mailstore.
RFE/Bug's For Migration Tools
I'll try to keep track of items here when I find them.
- Migration Tool zimbra to zimbra
- http://bugzilla.zimbra.com/show_bug.cgi?id=19630
- I've made comments to this one, please see c#10. Has some suggestions about expanding zmbackup and zmrestore for migrations.
- http://bugzilla.zimbra.com/show_bug.cgi?id=19630
Staged Migration of Non-Zimbra or ZCS Server to New ZCS Server
Review the following articles:
- Split Domains
- Most likely will need the Split DNS information as well
- http://wiki.zimbra.com/index.php?title=Split_dns
- You might want to review the following if you have an Exchange server and MS DNS servers
- http://wiki.zimbra.com/index.php?title=Split_dns
- Things you might need to deviate from the Split Domain instructions
- http://wiki.zimbra.com/index.php?title=ManagingDomains
- Specifically "Domain Masquerading"
- http://wiki.zimbra.com/index.php?title=ManagingDomains
- MS Exchange instructions about mail-relaying
Staged Migration Of Complete Zimbra Server To New Zimbra Server
If your moving users to a new mailstore, please see King0770-Notes#Preferred_Method_Moving_Users_To_New_Machine for a possible solution. This process implements a new LDAP replica's with the new ZCS mailstore. Over time you migrate the account to new ZCS with zmmailboxmove. Once the accounts have all been moved, you prompt the LDAP Replica configuration on the new ZCS server to be the LDAP master. Adjust for the MTA configuration and then retire the old box.
The rsync method, described in Ajcody-Notes#Server_Move_To_Same_Platform_64bit_And_OS_Type_Version would require downtime.
Staged Migration of Zimbra Server Domains To Zimbra Server With Existing Domains
First Thoughts
The process would involve migrating the LDAP data for the domain from the old zimbra server into the other existing Zimbra system (using slapcat or ldapsearch). You'll need to get the server entries, any customer COS entries, the domain entry, and all users under that domain. You would then load the information (ldif) into the existing Zimbra server with slapadd. You could then reconfigured the old server to become an ldap slave to the existing Zimbra box and to server simply as a mailstore for that domain data (users). One could also proceed with zmmailboxmove if you needed to migrate the user data onto the other box as well now.
Adjustments would also need to be done in regards to auth keys and server certs.
Working Possibility But Untested/QA'd NOT FINISHED - DON'T USE
Situation
Let's say you own a hosting company and a new customer says they are running Zimbra Network edition (same version as yours) and wants you to host them. They only have one domain and want to minimize downtime. Their server is in another country or state. They have 50 users.
Realistically, during the migration time frame, those accounts that will be using the temporary sub-domain until the switch is complete should only use the zimbra web client. Phones, thick clients, and so forth will introduce issues about synchronization and so forth that would be better to simply avoid.
Split-Domain Setup
Setup a split domain that you can use through the migration time frame.
They are company.com
You'll be migrate.company.com
See Ajcody-Notes#Staged_Migration_of_Non-Zimbra_or_ZCS_Server_to_New_ZCS_Server about Split-Domains and Domain Masquerading. Other adjustments might need to be applied.
The situation will be this:
- All emails maintain their company.com domain and email comes and goes through customers ZCS server.
- Customers ZCS will be using forward/alias for account to goto @migrate.company.com
- User Forward/Alias
- Need to figure out the right way to do this for this situation still.
- Relaying/Domain Forwarding
- zmprov
- md example.com zimbraMailCatchAllAddress @migrate.company.com
- md example.com zimbraMailCatchAllForwardingAddress @migrate.company.com
- md example.com zimbraMailTransport smtp:mta.HOSTING-COMPANY.com
- User Forward/Alias
- Accounts migrated to Hosting company server will have rewrite rules. So migrated accounts will not be exposed to "outside" world.
- zmprov md migrate.company.com zimbraMailCatchAllAddress @migrate.company.com zimbraMailCatchAllCanonicalAddress @company.com
- Need instructions to configure for this particular domain mta rules do basically do the below WITHOUT effecting the other domains with the hosting companies ZCS infrastructure.
- $ zmprov mcf zimbraMtaRelayHost mta.COMPANY.com
- $ zmprov mcf zimbraMtaDnsLookupsEnabled FALSE
Break Up User Migration
Determine group of users that make sense to migrate based upon their functions and mailbox sizes. Some items might not work 100% as expect while in transition - i.e. Calendars, Resources, Wiki, etc..
Set Accounts To Maintenance
Set the targeted accounts to Maintenance status. They should stay this way after the backup is completed and will stay like that until the migration to the new server is complete and the split-domain is setup.
Backup
On the customers ZCS server, do a backup of the selected users. Be careful of where you direct the backup to and that you'll have space.
mkdir /tmp/backup-accounts zmbackup -f -a userA@company.com userB@company.com userC@company.com -t /tmp/backup-accounts
Problem With Backup
Ideally, we would then do something like this:
zmbackup -i -a userA@company.com userB@company.com userC@company.com -t /tmp/backup-accounts
But this will fail, with:
Error occurred: system failure: Customer backup target is not allowed for incremental backup
And if you don't use the customer target it seems like the incremental picks up all the accounts. The point of wanting this would be to send a full via mail if needed and to allow the incrementals to be small enough to transfer over the network between the customer site and the hosting company.
Set Company Domain Onto Hosting Server
You'll need to setup the companies domain on your server before the zmrestore will work. You might as well configure the COS to make what the customer is using.
If your using a non-default COS.
- zmprov cc companyCOS
- adjust in web admin console if needed
- zmprov gc companyCOS | grep zimbraId
- zimbraId: 420447db-ea43-4d92-b62d-0164767f516d
- zmprov cd company.com
- adjust in web admin console if needed
- zmprov md company.com zimbraDomainDefaultCOSId 420447db-ea43-4d92-b62d-0164767f516d
Set this domain to Maintenance mode.
Restore Account Onto Hosting Server
zmrestore -a userA@company.com userB@company.com userC@company.com -t /tmp/backup-accounts
Move Restored Accounts Into Split-Domain
If split domain is already setup:
zmprov ra userA@company.com userA@migrate.company.com
If not, your could do a domainrename:
zmprov -l rd company.com migrate.company.com
Forward Accounts That Were Moved
On the customers server, you'll now setup those accounts to forward to the split-domain.
Email for userA@company.com forwards to userA@migrate.company.com
Here's another problem though. We need to find a way to switch to a forward/alias on the companies ZCS so that emails don't get bounced with "no such account". You can't setup an alias as long as the account exists on the box.
Some Zimbra Users From DomainA to DomainB On Same Zimbra Server
All Accounts From DomainA to DomainB
You would use [renameDomain]:
zmprov -l rd domainA.com domainB.com
Please review domainrename though, there's some outstanding issues with this depending on your ZCS version.
Account From DomainA to DomainB
You want to use [renameAccount]:
zmprov ra userA@domainA.com userA@domainB.com
This is same command to rename account within the same domain:
zmprov ra userA@domainA.com userB@domainA.com
Non-Zimbra IMAP Accounts To Zimbra
IMAPSYNC with admin login
Reference - http://wiki.zimbra.com/index.php?title=User_Migration
imapsync --buffersize 8192000 --nosyncacls --subscribe --syncinternaldates \ --host1 server1.test.org --user1 yourAccount --password1 yourPassword \ --host2 zimbra.test.org --user2 yourZimbraAccount --authuser2 admin \ --password2 adminZimbraPassword --authmech2 LOGIN
You can also try --authmech2 PLAIN
I found this description in one of the imapsync files:
"You may authenticate as one user (typically an admin user), but be authorized as someone else, which means you don't need to know every user's personal password. Specify --authuser1 "adminuser" to enable this on host1. In this case, --authmech1 PLAIN will be used, but otherwise, --authmech1 CRAM-MD5 is the default. Same behavior with the --authuser2 option."
Performance Issues With IMAPSYNC
- Running imapsync in parallel:
- Disable ALL attachment indexing:
- Disable ALL indexing (lucense)? I can't find anything yet about if this is or isn't an option. -Ajcody
- No option found as of yet.
- Disable redolog on non-production machine [be very careful with this and make sure your paying attention of what is where]: