Difference between revisions of "Setting zimbra admin password in LDAP"

 
(9 intermediate revisions by 4 users not shown)
Line 1: Line 1:
When you upgrade to 5.0, if your zimbra admin password in the config file does not match the zimbra admin password in LDAP, the upgrade will fail. There is no way to test that the zimbra admin password is correct in LDAP prior to upgrading. You can reset the zimbra admin password before you upgrade to make sure that the passwords match.
+
{{BC|Community Sandbox}}
 +
__FORCETOC__
 +
<div class="col-md-12 ibox-content">
 +
=Setting Zimbra Admin password in LDAP=
 +
{{KB|{{Unsupported}}|{{ZCS 5.0}}||}}
 +
{{Archive}}{{WIP}}{{Article Infobox|{{admin}}||{{ZCS 5.0}}|}}== Introduction ==
 +
The upgrade to 5.0 can fail if the zimbra admin password stored in the local configuration does not match the password stored in the LDAP database. Since there is no way to test the zimbra admin password in the database, steps must be taken to ensure the two passwords match prior to running the 5.0 upgrade.
  
 +
== Retrieve the local configuration password ==
 
1. As zimbra, type:  
 
1. As zimbra, type:  
 
   zmlocalconfig -s zimbra_ldap_password ldap_master_url
 
   zmlocalconfig -s zimbra_ldap_password ldap_master_url
This returns the values for what is believed to be the password for the zimbra admin user and the URL to talk to the master for making the change.
+
This returns the value for what is believed to be the password for the zimbra admin user and the URL to talk to the master for making the change to the LDAP database.
  
 +
== Set the password in the LDAP database ==
 
2. Run the following as the zimbra user:
 
2. Run the following as the zimbra user:
   /opt/zimbra/openldap/bin/ldapmodify -x -H <ldap master URL value> -D
+
   /opt/zimbra/openldap/bin/ldapmodify -x -h <ldap master URL value> -D "uid=zimbra,cn=admins,cn=zimbra" -W
  "uid=zimbra,cn=admins,cn=zimbra" -W
 
  
3. When prompted with '''Enter LDAP password''', add the value for zimbra_ldap_password returned in Step 1. Press '''Enter'''.
+
3. When prompted with '''Enter LDAP password''', use the value for zimbra_ldap_password returned in Step 1. Press '''Enter'''.
  
 
4. Then type:  
 
4. Then type:  
Line 15: Line 22:
 
   changetype: modify
 
   changetype: modify
 
   replace: userPassword
 
   replace: userPassword
   userPassword: <value of zimbra_admin_password>  
+
   userPassword: <value of zimbra_ldap_password>  
  
 
5. Press '''Enter''' twice for the changes to take place.
 
5. Press '''Enter''' twice for the changes to take place.
  
 +
== Run zmldappasswd for greater security ==
 +
After updating the LDAP database with ''ldapmodify'', run ''zmldappasswd'' on the zimbra admin account to store a more secure hash of the password value in the LDAP database.
 +
  zmldappasswd <zimbra_ldap_password>
  
  
  
  <nowiki>Article Footer|Zimbra Collaboration Suite 5.0|1/2/2008</nowiki>
+
{{Article Footer|Zimbra Collaboratio 5.0|1/2/2008}}
 +
 
 +
[[Category:Administration]]
 +
[[Category:LDAP]]
 +
[[Category:Migration]]
 +
[[Category:Troubleshooting Migration]]
 +
[[Category:Troubleshooting Upgrade]]
 +
[[Category:ZCS 5.0]]

Latest revision as of 22:07, 12 July 2015

Setting Zimbra Admin password in LDAP

   KB 2317        Last updated on 2015-07-12  




0.00
(0 votes)
Admin Article

Article Information

This article applies to the following ZCS versions.

ZCS 5.0 Article ZCS 5.0

Introduction

The upgrade to 5.0 can fail if the zimbra admin password stored in the local configuration does not match the password stored in the LDAP database. Since there is no way to test the zimbra admin password in the database, steps must be taken to ensure the two passwords match prior to running the 5.0 upgrade.

Retrieve the local configuration password

1. As zimbra, type:

  zmlocalconfig -s zimbra_ldap_password ldap_master_url

This returns the value for what is believed to be the password for the zimbra admin user and the URL to talk to the master for making the change to the LDAP database.

Set the password in the LDAP database

2. Run the following as the zimbra user:

  /opt/zimbra/openldap/bin/ldapmodify -x -h <ldap master URL value> -D "uid=zimbra,cn=admins,cn=zimbra" -W

3. When prompted with Enter LDAP password, use the value for zimbra_ldap_password returned in Step 1. Press Enter.

4. Then type:

  dn: uid=zimbra,cn=admins,cn=zimbra
  changetype: modify
  replace: userPassword
  userPassword: <value of zimbra_ldap_password> 

5. Press Enter twice for the changes to take place.

Run zmldappasswd for greater security

After updating the LDAP database with ldapmodify, run zmldappasswd on the zimbra admin account to store a more secure hash of the password value in the LDAP database.

  zmldappasswd <zimbra_ldap_password> 


Verified Against: Zimbra Collaboratio 5.0 Date Created: 1/2/2008
Article ID: https://wiki.zimbra.com/index.php?title=Setting_zimbra_admin_password_in_LDAP Date Modified: 2015-07-12



Try Zimbra

Try Zimbra Collaboration with a 60-day free trial.
Get it now »

Want to get involved?

You can contribute in the Community, Wiki, Code, or development of Zimlets.
Find out more. »

Looking for a Video?

Visit our YouTube channel to get the latest webinars, technology news, product overviews, and so much more.
Go to the YouTube channel »

Jump to: navigation, search