Difference between revisions of "Promoting Replica to LDAP Master 6.0"

(Promoting a Replica Server – Demoting the Master Server)
(Promoting a Replica Server – Demoting the Master Server)
Line 11: Line 11:
 
# Shut down all services on all ZCS servers by running '''zmcontrol stop'''.
 
# Shut down all services on all ZCS servers by running '''zmcontrol stop'''.
 
# On the replica LDAP server that '''will be the new''' master LDAP server, do the following as the zimbra user:
 
# On the replica LDAP server that '''will be the new''' master LDAP server, do the following as the zimbra user:
#:a. Start ldap: '''ldap start'''
+
:a. Start ldap: '''ldap start'''
#:b. Note the ldap root password, as it will be used extensively: '''zmlocalconfig -s ldap_root_password'''
+
:b. Note the ldap root password, as it will be used extensively: '''zmlocalconfig -s ldap_root_password'''
#:c. Update the main ldap database to be a master:
+
:c. Update the main ldap database to be a master:
 
{| class="screen" style="margin-left: .5in; border-collapse: collapse; mso-padding-alt: 0in 5.4pt 0in 5.4pt"
 
{| class="screen" style="margin-left: .5in; border-collapse: collapse; mso-padding-alt: 0in 5.4pt 0in 5.4pt"
 
|- style="mso-yfti-irow: 0; mso-yfti-firstrow: yes; mso-yfti-lastrow: yes"
 
|- style="mso-yfti-irow: 0; mso-yfti-firstrow: yes; mso-yfti-lastrow: yes"
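Review bot: Changing the sub-step prefix from #:a. to :a. (and the same for b and c) takes those lines out of the ordered list, so MediaWiki closes the list after step 2 and any later # item restarts at 1. Keep the #: prefix, or confirm that the steps that follow are numbered by hand.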
Line 20: Line 20:
 
dn: olcDatabase={2}hdb,cn=config<br />
 
dn: olcDatabase={2}hdb,cn=config<br />
 
changetype:modify<br />
 
changetype:modify<br />
delete: olcSyncrepl<br />
+
delete: olcSyncrepl<br /><br />
 
 
 
ldapmodify -x -H ldapi:/// -D "cn=config" -w "ldap root password"<br />
 
ldapmodify -x -H ldapi:/// -D "cn=config" -w "ldap root password"<br />
 
dn: olcDatabase={2}hdb,cn=config<br />
 
dn: olcDatabase={2}hdb,cn=config<br />
 
changetype:modify<br />
 
changetype:modify<br />
delete: olcUpdateRef<br />
+
delete: olcUpdateRef<br /><br />
 
 
 
ldapmodify -x -H ldapi:/// -D "cn=config" -w "ldap root password"<br />
 
ldapmodify -x -H ldapi:/// -D "cn=config" -w "ldap root password"<br />
 
dn: olcOverlay={0}syncprov,olcDatabase={2}hdb,cn=config<br />
 
dn: olcOverlay={0}syncprov,olcDatabase={2}hdb,cn=config<br />
 
changetype:modify<br />
 
changetype:modify<br />
 
add: olcSpCheckpoint<br />
 
add: olcSpCheckpoint<br />
olcSpCheckpoint: 20 10<br />
+
olcSpCheckpoint: 20 10<br /><br />
 
 
 
ldapmodify -x -H ldapi:/// -D "cn=config" -w "ldap root password"<br />
 
ldapmodify -x -H ldapi:/// -D "cn=config" -w "ldap root password"<br />
 
dn: olcOverlay={0}syncprov,olcDatabase={2}hdb,cn=config<br />
 
dn: olcOverlay={0}syncprov,olcDatabase={2}hdb,cn=config<br />
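Review bot: Every ldapmodify line in this block passes the LDAP root password with -w on the command line, where it ends up in shell history and is visible in the process list while the command runs. Since the block is being edited anyway, consider switching the examples to -W (prompt) or -y with a password file readable only by the zimbra user.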
Line 39: Line 36:
 
olcSpSessionlog: 500<br />
 
olcSpSessionlog: 500<br />
 
|}
 
|}
 
+
:d. Prepare the accesslog database for the new master:
 +
{| class="screen" style="margin-left: .5in; border-collapse: collapse; mso-padding-alt: 0in 5.4pt 0in 5.4pt"
 +
|- style="mso-yfti-irow: 0; mso-yfti-firstrow: yes; mso-yfti-lastrow: yes"
 +
| style="width: 4.65in; background: #E6E6E6; padding: 0in 5.4pt 0in 5.4pt" width="798" |
 +
ldap stop<br /><br />
 +
cd /opt/zimbra/data/ldap<br />
 +
mkdir -p accesslog/db<br />
 +
mkdir -p accesslog/logs<br />
 +
|}
 +
:e. Copy in the relevant DB_CONFIG file. For a custom DB_CONFIG:
 +
{| class="screen" style="margin-left: .5in; border-collapse: collapse; mso-padding-alt: 0in 5.4pt 0in 5.4pt"
 +
|- style="mso-yfti-irow: 0; mso-yfti-firstrow: yes; mso-yfti-lastrow: yes"
 +
| style="width: 4.65in; background: #E6E6E6; padding: 0in 5.4pt 0in 5.4pt" width="798" |
 +
cp /opt/zimbra/conf/custom/ldap/DB_CONFIG.accesslog /opt/zimbra/accesslog/db/DB_CONFIG
 +
|}
 +
:For the default DB_CONFIG:
 +
{| class="screen" style="margin-left: .5in; border-collapse: collapse; mso-padding-alt: 0in 5.4pt 0in 5.4pt"
 +
|- style="mso-yfti-irow: 0; mso-yfti-firstrow: yes; mso-yfti-lastrow: yes"
 +
| style="width: 4.65in; background: #E6E6E6; padding: 0in 5.4pt 0in 5.4pt" width="798" |
 +
cp /opt/zimbra/openldap/var/openldap-data/DB_CONFIG.accesslog /opt/zimbra/accesslog/db/DB_CONFIG
 +
|}
 +
:Start ldap again:
 +
{| class="screen" style="margin-left: .5in; border-collapse: collapse; mso-padding-alt: 0in 5.4pt 0in 5.4pt"
 +
|- style="mso-yfti-irow: 0; mso-yfti-firstrow: yes; mso-yfti-lastrow: yes"
 +
| style="width: 4.65in; background: #E6E6E6; padding: 0in 5.4pt 0in 5.4pt" width="798" |
 +
ldap start
 +
|}
 
:c. Edit the server’s local config file
 
:c. Edit the server’s local config file
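Review bot: The new steps d and e create accesslog/db and accesslog/logs under /opt/zimbra/data/ldap, but both cp commands write DB_CONFIG to /opt/zimbra/accesslog/db/, a directory these steps never create. One of the two paths looks wrong, so check the cp destination against the mkdir lines. Also, the step after the inserted d and e is still labelled c ("Edit the server's local config file"), so the lettering now runs a, b, c, d, e, c.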
  

Revision as of 19:05, 1 October 2009


Only one master LDAP server can exist and this LDAP server is authoritative for user information, server configuration, etc. The instructions that follow explain how to promote a replica LDAP server to master and disable the previous LDAP master.

Promoting a Replica Server – Demoting the Master Server

Before you can promote a replica LDAP server to become the master LDAP server, your LDAP replication servers must be up and working correctly; that is, the replica LDAP server(s) must be receiving LDAP updates from the master. See the Multi-Server Installation Guide, LDAP Replication Installation chapter.

To promote a replica server to be master

  1. Shut down all services on all ZCS servers by running zmcontrol stop.
  2. On the replica LDAP server that will be the new master LDAP server, do the following as the zimbra user:
a. Start ldap: ldap start
b. Note the ldap root password, as it will be used extensively: zmlocalconfig -s ldap_root_password
c. Update the main ldap database to be a master:

ldapmodify -x -H ldapi:/// -D "cn=config" -w "ldap root password"
dn: olcDatabase={2}hdb,cn=config
changetype: modify
delete: olcSyncrepl

ldapmodify -x -H ldapi:/// -D "cn=config" -w "ldap root password"
dn: olcDatabase={2}hdb,cn=config
changetype: modify
delete: olcUpdateRef

ldapmodify -x -H ldapi:/// -D "cn=config" -w "ldap root password"
dn: olcOverlay={0}syncprov,olcDatabase={2}hdb,cn=config
changetype: modify
add: olcSpCheckpoint
olcSpCheckpoint: 20 10

ldapmodify -x -H ldapi:/// -D "cn=config" -w "ldap root password"
dn: olcOverlay={0}syncprov,olcDatabase={2}hdb,cn=config
changetype: modify
add: olcSpSessionlog
olcSpSessionlog: 500

d. Prepare the accesslog database for the new master:

ldap stop

cd /opt/zimbra/data/ldap
mkdir -p accesslog/db
mkdir -p accesslog/logs

e. Copy in the relevant DB_CONFIG file. For a custom DB_CONFIG:

cp /opt/zimbra/conf/custom/ldap/DB_CONFIG.accesslog /opt/zimbra/accesslog/db/DB_CONFIG

For the default DB_CONFIG:

cp /opt/zimbra/openldap/var/openldap-data/DB_CONFIG.accesslog /opt/zimbra/accesslog/db/DB_CONFIG

Start ldap again:

ldap start

f. Edit the server’s local config file:

zmlocalconfig -e ldap_master_url=<newmaster_directory_address>
zmlocalconfig -e ldap_url=<new_master_directory_address>
zmlocalconfig -e ldap_is_master=true

g. Change the LDAP host:

zmlocalconfig -e ldap_host=<newmaster_directory_host>

  3. Run zmmtainit to edit the ldap*.cf files in /opt/zimbra/conf so that the new master LDAP server is the authority for the MTA. These files tell Postfix how to connect to the LDAP server for various commands. If you are moving the directories, you might have Postfix pointing to a server that no longer runs LDAP, which will cause mail delivery to stop.

Note: zmmtainit should be run on the hosts that are running an MTA, but is not required on the other hosts. This is bug 16002, which is fixed for 4.5.7.

As zimbra, type the following. The "XX" is a dummy value. The zmmtainit command will use the ldap_url value from localconfig in spite of this. (This is bug 17463, which is also fixed for 4.5.7).

/opt/zimbra/libexec/zmmtainit XX

  4. Start the new LDAP master by typing zmcontrol start. Then start up the services on all the other servers. At this point, services should be up and running on all hosts, and they should all be working off the new master LDAP server.
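
A check for the cn=config changes made in step 2c, added here as an example and not part of the original article: it reads the LDIF that ldapsearch prints for cn=config and reports whether the replication consumer settings are gone and the syncprov settings are present. The function names, the sample LDIF and the host old-master.example.test are constructed for illustration.

```shell
#!/bin/sh
# Added example. Real input would be the output of, for instance:
#   ldapsearch -x -H ldapi:/// -D "cn=config" -W -b cn=config -LLL
# (-W prompts for the password rather than exposing it in the process list).

# check_promoted: read LDIF on stdin, print one FAIL line per problem,
# return 0 only if the config looks like a promoted master.
check_promoted() {
  awk '
    /^$/   { dn = ""; next }                  # blank line ends an entry
    /^ /   { next }                           # folded continuation of a value
    /^dn:/ { dn = tolower($0); sub(/^dn: */, "", dn); next }
    {
      attr = tolower($0); sub(/:.*$/, "", attr)
      if (dn == "olcdatabase={2}hdb,cn=config" &&
          (attr == "olcsyncrepl" || attr == "olcupdateref")) {
        print "FAIL: " attr " still set on " dn; rc = 1
      }
      if (dn == "olcoverlay={0}syncprov,olcdatabase={2}hdb,cn=config") seen[attr] = 1
    }
    END {
      if (!seen["olcspcheckpoint"]) { print "FAIL: olcSpCheckpoint missing"; rc = 1 }
      if (!seen["olcspsessionlog"]) { print "FAIL: olcSpSessionlog missing"; rc = 1 }
      exit rc + 0
    }
  '
}

# Constructed sample: a replica before step 2c (note the folded olcSyncrepl value).
sample_replica() {
  printf '%s\n' 'dn: olcDatabase={2}hdb,cn=config' \
    'olcSyncrepl: {0}rid=100 provider=ldap://old-master.example.test:389 bindmet' \
    ' hod=simple type=refreshAndPersist' \
    'olcUpdateRef: ldap://old-master.example.test:389' '' \
    'dn: olcOverlay={0}syncprov,olcDatabase={2}hdb,cn=config' \
    'olcOverlay: {0}syncprov'
}

# Constructed sample: the same server after the four ldapmodify operations.
sample_master() {
  printf '%s\n' 'dn: olcDatabase={2}hdb,cn=config' 'objectClass: olcHdbConfig' '' \
    'dn: olcOverlay={0}syncprov,olcDatabase={2}hdb,cn=config' \
    'olcOverlay: {0}syncprov' 'olcSpCheckpoint: 20 10' 'olcSpSessionlog: 500'
}

sample_replica | check_promoted || echo "replica sample: not promoted yet"
sample_master  | check_promoted && echo "master sample: promoted"
```
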

Converting the master to be a replica

The old LDAP master can be disabled or it can be converted into a replica. To convert the old master to be a replica:

  • Remove the contents of its OpenLDAP databases:

cd /opt/zimbra/openldap-data
/opt/zimbra/sleepycat/bin/db_recover
rm alock *.bdb logs/*
cd /opt/zimbra/openldap-data/accesslog/db
/opt/zimbra/sleepycat/bin/db_recover
rm -rf /opt/zimbra/openldap-data/accesslog

  • Change that server’s local config file to designate it as a replica. Type:

zmlocalconfig -e ldap_master_url=<master_directory_address>
zmlocalconfig -e ldap_url=<master_directory_address>
zmlocalconfig -e ldap_is_master=false


  • Run zmldapenablereplica to set up the replication account in the directory and make a copy of the master content to the replica LDAP server.


Related Articles

LDAP


Verified Against: Zimbra Collaboration Suite 4.5.6
Date Created: 4/5/2007
Article ID: https://wiki.zimbra.com/index.php?title=Promoting_Replica_to_LDAP_Master_6.0
Date Modified: 2009-10-01


