Promoting Replica to LDAP Master 6.0: Difference between revisions

(Redirected page to Promoting Replica to LDAP Master)
 
(15 intermediate revisions by 3 users not shown)
Line 1: Line 1:
{{WIP}}
#REDIRECT [[Promoting Replica to LDAP Master]]
 
Only one master LDAP server can exist and this LDAP server is authoritative for user information, server configuration, etc. The instructions that follow explain how to promote a replica LDAP server to master and disable the previous LDAP master.
 
==Promoting a Replica Server – Demoting the Master Server==
 
Before you can promote a replica LDAP server to become the master LDAP server, your LDAP replication servers must be up and working correctly; that is the replica LDAP server(s) must be receiving LDAP updates from the master. See the Multi-Server Installation Guide, LDAP Replication Installation chapter.
 
'''To promote a replica server to be master'''
 
# Shut down all services on all ZCS servers by running '''zmcontrol stop'''.
# On the replica LDAP server that '''will be the new''' master LDAP server, do the following as the zimbra user:
#:a. Start ldap: '''ldap start'''
#:b. Note the ldap root password, as it will be used extensively: '''zmlocalconfig -s ldap_root_password'''
#:c. Update the main ldap database to be a master:
{| class="screen" style="margin-left: .5in; border-collapse: collapse; mso-padding-alt: 0in 5.4pt 0in 5.4pt"
|- style="mso-yfti-irow: 0; mso-yfti-firstrow: yes; mso-yfti-lastrow: yes"
| style="width: 4.65in; background: #E6E6E6; padding: 0in 5.4pt 0in 5.4pt" width="798" |
ldapmodify -x -H ldapi:/// -D "cn=config" -w "ldap root password"<br />
dn: olcDatabase={2}hdb,cn=config<br />
changetype:modify<br />
delete: olcSyncrepl<br />
 
ldapmodify -x -H ldapi:/// -D "cn=config" -w "ldap root password"<br />
dn: olcDatabase={2}hdb,cn=config<br />
changetype:modify<br />
delete: olcUpdateRef<br />
 
ldapmodify -x -H ldapi:/// -D "cn=config" -w "ldap root password"<br />
dn: olcOverlay={0}syncprov,olcDatabase={2}hdb,cn=config<br />
changetype:modify<br />
add: olcSpCheckpoint<br />
olcSpCheckpoint: 20 10<br />
 
ldapmodify -x -H ldapi:/// -D "cn=config" -w "ldap root password"<br />
dn: olcOverlay={0}syncprov,olcDatabase={2}hdb,cn=config<br />
changetype:modify<br />
add: olcSpSessionLog<br />
olcSpSessionlog: 500<br />
|}
 
:c. Edit the server’s local config file
 
{| class="screen" style="margin-left: .5in; border-collapse: collapse; mso-yfti-tbllook: 480; mso-padding-alt: 0in 5.4pt 0in 5.4pt"
|- style="mso-yfti-irow: 0; mso-yfti-firstrow: yes; mso-yfti-lastrow: yes; page-break-inside: avoid"
| style="width: 4.9in; background: #E6E6E6; padding: 0in 5.4pt 0in 5.4pt" width="588" |
zmlocalconfig –e ldap_master_url= <newmaster_directory_address> <br>zmlocalconfig –e ldap_url= <new_master_directory_address><br>zmlocalconfig –e ldap_is_master= true
|}
 
:d. Change the LDAP host
 
{| class="screen" style="margin-left: .5in; border-collapse: collapse; mso-yfti-tbllook: 480; mso-padding-alt: 0in 5.4pt 0in 5.4pt"
|- style="mso-yfti-irow: 0; mso-yfti-firstrow: yes; mso-yfti-lastrow: yes; page-break-inside: avoid"
| style="width: 4.9in; background: #E6E6E6; padding: 0in 5.4pt 0in 5.4pt" width="588" |
zmlocalconfig –e ldap_host= <newmaster_directory_host>
|}
 
3. Now you run '''zmmtainit''' to edit the '''ldap*.cf''' files in '''/opt/zimbra/conf''' to set the new master LDAP server as the authority for the MTA.These files tell Postfix how to connect to the LDAP server for various commands. If you are moving the directories, you might have Postfix pointing to a server that no longer runs LDAP, which will cause mail delivery to stop.
 
Note: '''zmmtainit''' should be run on the hosts that are running an MTA, but is not required on the other hosts.
This is bug 16002, which is fixed for 4.5.7
 
As zimbra, type the following. The "XX" is a dummy value.  The zmmtainit command will use the ldap_url value from localconfig in spite of this.  (This is bug 17463, which is also fixed for 4.5.7).
 
{| class="screen" style="margin-left: .5in; border-collapse: collapse; mso-yfti-tbllook: 480; mso-padding-alt: 0in 5.4pt 0in 5.4pt"
|- style="mso-yfti-irow: 0; mso-yfti-firstrow: yes; mso-yfti-lastrow: yes"
| style="width: 5.1in; background: #E6E6E6; padding: 0in 5.4pt 0in 5.4pt" width="612" |
/opt/zimbra/libexec/zmmtainit XX
|}
 
4. Start the new LDAP master, type '''zmcontrol start'''. Then start up the services on all the other servers. At this point, services should be up and running on all hosts, and they should all be working off the new Master LDAP server.
 
==Converting the master to be a replica==
 
The old LDAP master can be disabled or it can be converted into a replica. To convert the old master to be a replica
 
* <div class="bullet1">Remove the contents of its openLDAP databases</div>
 
{| class="screen" style="margin-left: .5in; border-collapse: collapse; mso-yfti-tbllook: 480; mso-padding-alt: 0in 5.4pt 0in 5.4pt"
|- style="mso-yfti-irow: 0; mso-yfti-firstrow: yes; page-break-inside: avoid"
| style="width: 4.9in; background: #E6E6E6; padding: 0in 5.4pt 0in 5.4pt" width="588" |
cd /opt/zimbra/openldap-data<br>
/opt/zimbra/sleepycat/bin/db_recover<br>
rm alock *.bdb logs/*<br>
cd /opt/zimbra/openldap-data/accesslog/db<br>
/opt/zimbra/sleepycat/bin/db_recover<br>
rm -rf /opt/zimbra/openldap-data/accesslog
|}
* <div class="bullet1">Change that server’s local config file to designate it as a replica. Type </div>
 
<div class="Section2">
 
{| class="screen" style="margin-left: .5in; border-collapse: collapse; mso-yfti-tbllook: 480; mso-padding-alt: 0in 5.4pt 0in 5.4pt"
|- style="mso-yfti-irow: 0; mso-yfti-firstrow: yes; page-break-inside: avoid"
| style="width: 4.9in; background: #E6E6E6; padding: 0in 5.4pt 0in 5.4pt" width="588" |
zmlocalconfig –e ldap_master_url= <master_directory_address> <br> zmlocalconfig –e ldap_url= <master_directory_address>
|- style="mso-yfti-irow: 1; mso-yfti-lastrow: yes"
| style="width: 4.9in; background: #E6E6E6; padding: 0in 5.4pt 0in 5.4pt" width="588" |
zmlocalconfig –e ldap_is_master= false
|}
 
 
* Run '''zmldapenablereplica''' to set up the replication account in the directory and make a copy of the master content to the replica LDAP server.  </div>
 
 
= Related Articles =
[[LDAP|LDAP]]
 
--------------------------------------------------------------------------------
 
{{Article Footer|Zimbra Collaboration Suite 4.5.6|4/5/2007}}
 
[[Category:Certified]]
[[Category: Installation]]
[[Category: LDAP]]

Latest revision as of 03:01, 8 April 2011

Jump to: navigation, search