King0770-Notes-Merge Two Independent Machines
Summary of steps
- Prepare ZCS machines
- Export ldap data from ServerA
- Import ldap data into ServerB
- Configure servers
Scenario: You have two ZCS machines, but they are independent of each other. Now a decision has been made to join the machines together.
Why merge two different Zimbra machines?
- Take advantage of the sharing capabilities (shared calendars, mailboxes, briefcases, etc.)
- Consolidate two servers into one
- Need to transfer accounts (see http://wiki.zimbra.com/index.php?title=CLI_zmmailboxmove_Network_Edition_only)
Section I - Prepare ZCS Machines
Be sure both machines have the same ZCS version.
LDAP passwords need to be the same on both machines.
Run the following command on both machines.
zmlocalconfig -s | grep pass | grep ldap
If the passwords do not match between the two machines, you will need to change them so that they do. After changing the passwords, you will need to restart ZCS services.

    zmldappasswd -h
    Usage: /opt/zimbra/bin/zmldappasswd [-h] [-r] [-p] [-l] newpassword
            -h: display this help message
            -a: change ldap_amavis_password
            -l: change ldap_replication_password
            -n: change ldap_nginx_password
            -p: change ldap_postfix_password
            -r: change ldap_root_passwd
    Only one of a, l, n, p, or r may be specified
    Without options zimbra_ldap_password is changed

Section II - Export ldap data from ServerA
This is actually pretty straightforward: we're going to export the ldap info into a file. Normally we can use the zmslapcat tool to export ldap info; however, we would then need to parse out some superfluous info that zmslapcat includes.
Here's a small script to help facilitate this step. It exports all the info the ldap-master will need to import.
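
    #!/bin/bash
    # Export the domain, account, server and COS entries from this server's LDAP.
    if [ "$(whoami)" != "zimbra" ]; then
        echo "You must be the zimbra user to run this script."
        exit 1
    fi
    # Load the local config values (zimbra_ldap_userdn, zimbra_ldap_password).
    source /opt/zimbra/bin/zmshutil
    zmsetvars
    # The export includes account password hashes: keep the file private.
    umask 077
    echo "Creating file in /tmp."
    ldapsearch -x -h "$(zmhostname)" -D "$zimbra_ldap_userdn" -w "$zimbra_ldap_password" -LLL \
        "(|(objectClass=zimbraDomain)(objectClass=zimbraAccount)(objectClass=zimbraServer)(objectClass=zimbraCOS))" >> "/tmp/$(zmhostname)_$(date +%F).ldif"
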
Note: The ldapsearch command is on one line.
Section III - Import ldap data into ServerB
After generating the ldif file on ServerA, transfer it to ServerB and run ldapadd to import the data into ServerB.
Example:

    ldapadd -x -h "$(zmhostname)" -D uid=zimbra,cn=admins,cn=zimbra -c -w "$(zmlocalconfig -s -m nokey zimbra_ldap_password)" -f /tmp/temp.ldif

Once the data is imported, restart ZCS services.

    zmcontrol stop
    zmcontrol start

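The `-c` option in the ldapadd example tells ldapadd to report errors and keep going, so any entry from ServerA whose DN already exists on ServerB is skipped rather than imported. The following added example (not part of the original notes) lists the DNs that two LDIF exports have in common, so they can be reviewed before the import. It assumes a second export has been taken on ServerB with the same script; the function names and the sample entries are constructed for illustration, and lower-casing the DN is a simplified comparison.

```bash
#!/bin/bash
# Added example (not from the original notes). ldapadd -c keeps going when an
# entry already exists, so list the DNs both servers define before importing.

# ldif_dns FILE: one lower-cased DN per entry; unfolds wrapped lines
# (continuations start with one space) and decodes base64 "dn::" values.
ldif_dns() {
    awk '
        function emit() { if (buf != "") print buf; buf = "" }
        /^ / { if (buf != "") buf = buf substr($0, 2); next }
             { emit(); if ($0 ~ /^dn::? /) buf = $0 }
        END  { emit() }
    ' "$1" | while IFS= read -r line; do
        case "$line" in
            "dn:: "*) printf '%s' "${line#dn:: }" | base64 -d; echo ;;
            *)        printf '%s\n' "${line#dn: }" ;;
        esac
    done | tr '[:upper:]' '[:lower:]' | sed 's/ *, */,/g' | sort -u
}

# dn_collisions EXPORT_A EXPORT_B: DNs present in both files.
dn_collisions() {
    tmp=$(mktemp) || return 1
    ldif_dns "$2" > "$tmp"
    ldif_dns "$1" | grep -Fxf "$tmp" || true
    rm -f "$tmp"
}

# Constructed sample exports (made-up entries) for the two servers.
demo_dn() {
    d=$(mktemp -d) || return 1
    b64=$(printf '%s' 'uid=alice,ou=people,dc=a,dc=example' | base64)
    printf '%s\n' 'dn: cn=default,cn=cos,cn=zimbra' 'objectClass: zimbraCOS' '' \
        'dn: uid=alice,ou=people,' ' dc=a,dc=example' 'objectClass: zimbraAccount' \
        > "$d/serverA.ldif"
    printf '%s\n' 'dn: CN=default,cn=cos,cn=zimbra' 'objectClass: zimbraCOS' '' \
        "dn:: $b64" 'objectClass: zimbraAccount' '' \
        'dn: uid=bob,ou=people,dc=b,dc=example' 'objectClass: zimbraAccount' \
        > "$d/serverB.ldif"
    dn_collisions "$d/serverA.ldif" "$d/serverB.ldif"
    rm -rf "$d"
}
demo_dn
```

Each DN printed is an entry where ServerB's existing copy stays in place after the import.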
Section IV - Configure servers
Deciding which machine will be the ldap-master and which the ldap-replica
Up to this point, we have used "ServerA" and "ServerB" as generic terms and have not yet used the terms "ldap-master" and "ldap-replica". Now it is important to be clear about which machine will be the ldap-master and which machine will be the ldap-replica. In this article, ServerA exported its ldap data and ServerB imported it, so for our purposes ServerA will be an ldap-replica and ServerB will be an ldap-master once this operation is complete.
At this point, we will need to configure ServerA to be an actual ldap-replica.
For this step, do the following on ServerA. The rm commands below delete ServerA's existing LDAP database files.

    ldap stop
    cd /opt/zimbra/openldap-data
    /opt/zimbra/sleepycat/bin/db_recover
    rm alock *.bdb logs/*
    cd /opt/zimbra/openldap-data/accesslog/db
    /opt/zimbra/sleepycat/bin/db_recover
    rm -rf /opt/zimbra/openldap-data/accesslog
    ldap start

Change the server’s local config file to designate it as a replica. Here's an example to go by.

    zmlocalconfig -e ldap_master_url="ldap://ServerB:389"
    zmlocalconfig -e ldap_url="ldap://ServerA:389 ldap://ServerB:389"
    zmlocalconfig -e ldap_is_master=false
    zmlocalconfig -e ldap_host=ServerB
    /opt/zimbra/libexec/zmldapenablereplica

Or you can script it.

    #!/bin/bash
    # Configure this server as an ldap-replica of the given ldap master.
    echo "What is the hostname of the ldap master?"
    read -r MAST
    zmlocalconfig -e ldap_is_master=false
    zmlocalconfig -e ldap_master_url="ldap://$MAST:389"
    zmlocalconfig -e ldap_url="ldap://$(zmhostname):389 ldap://$MAST:389"
    zmlocalconfig -e ldap_host="$MAST"
    sleep 1
    echo "Running zmldapenablereplica"
    /opt/zimbra/libexec/zmldapenablereplica

After making the changes for ldap replication, be sure to restart ZCS services.

    zmcontrol stop
    zmcontrol start

If you haven't restarted ZCS services in Section III, go ahead and restart ZCS services.
Section V - Test
After both machines have been rebooted, the two machines should be able to see each other.
Run the following command from the ldap-replica; both machines should be displayed. If you can see both machines, the merge was successful.
And run the following to see all the users from the ldap-replica
Section VI - Undocumented / Potential Issues
Will document any known issues as I am made aware. More to follow I am sure.