Difference between revisions of "Removing samba/posix zimlets for 6.0 upgrade"
(How to remove Samba and Posix Zimlets in preparation for an upgrade to ZCS 6.0.x from 5.0.x)
Revision as of 20:44, 13 January 2011
The Samba/Posix zimlets add a number of elements to the directory that will not be recognized during a 6.0 upgrade. Customers that are not planning to use Samba/Posix going forward may choose to remove the zimlets and their directory extensions to simplify a 6.0 upgrade.
To remove the zimlets:
zmzimletctl undeploy zimbra_posixaccount zmzimletctl undeploy zimbra_samba
To remove the schema extensions:
1. Edit /opt/zimbra/conf/slapd.conf.in. 2. Comment out the include lines referring to solaris-nis.schema and samba.schema.
To remove the objectclass extensions from ZCS:
zmprov mcf -- -zimbraAccountExtraObjectClass sambaSamAccount zmprov mcf -- -zimbraAccountExtraObjectClass posixAccount
At this point, any new users created will not include Samba/Posix attributes or objectclasses, and the Samba/Posix extensions will no longer be present in the admin console. The LDAP directory will also not accept any new entries that include Samba/Posix attributes or objectclasses. The 6.0 upgrade procedure dumps a copy of the LDAP directory to disk and reloads it into the system. The Samba/Posix data already in the system will cause trouble here, as it is included in the dumped out data but the schema of the 6.0 directory will not permit it to be loaded into the system. To avoid this problem, we will need to remove the Samba/Posix data from the LDAP directory prior to the upgrade.
To do this:
1. Stop the directory server. You may also stop all Zimbra services at this time. 2. Run: /opt/zimbra/openldap/sbin/slapcat -b "" -f /opt/zimbra/conf/slapd.conf > /tmp/slapcat.out 3. Edit slapcat.out by removing any of the following: Attributes: MEMBERUID HOMEDIRECTORY LOGINSHELL uidNumber gidNumber Any starting with 'samba' Any starting with 'posix' Any starting with 'nis' Any starting wtih 'SHADOW' Objectclasses: Any starting with 'samba' Any starting with 'posix' Any starting with 'nis' 4. When editing is complete, move aside the existing contents of the /opt/zimbra/openldap-data directory. All *.bdb, __*.log and alock files should be moved to another directory, as should the existing db and logs directories. When this is complete, new empty db and logs directories should be created. The only contents of the openldap-data directory should be these directories and the DB_CONFIG file. 5. Run: /opt/zimbra/openldap/sbin/slapadd -f /opt/zimbra/conf/slapd.conf -l /tmp/slapcat.out -b "" -c 6. This will add the contents of the slapcat.out file to the now empty LDAP directory, recreating only entries that comply with the new schema. Any remaining entries that include Samba/Posix content will be skipped. You may see errors indicating that some entries are not being created because of missing objectclasses. Those are okay. Check the output of the slapadd command for other entries that may have been skipped. It is possible there are Samba/Posix-related attributes and objectclasses that could be rejected. If rejections are happening to user accounts or domain entries, you will need to find and correct them in /tmp/slapcat.out, and repeat from step 4.
When this is completed, the server should be ready for a 6.0 upgrade.