Upgrade Script Check - Validating LDAP configuration: Difference between revisions

No edit summary
 
Line 56: Line 56:
     /opt/zimbra/openldap/sbin/slappasswd -s Y0uRP4S5w0Rd
     /opt/zimbra/openldap/sbin/slappasswd -s Y0uRP4S5w0Rd
     {SSHA}SXzTa82PbLST97854mZOp746PBLA2378
     {SSHA}SXzTa82PbLST97854mZOp746PBLA2378
'''Note: From the starting of ZCS v8.7.x, path of "slappasswd" has been changed from "/opt/zimbra/openldap/sbin/slappasswd" to "/opt/zimbra/common/sbin/slappasswd". <br/>
'''Please update the command accordingly if you are doing this step for a system >= ZCS v8.7.x


Keep in mind the line, we will need it soon.
Keep in mind the line, we will need it soon.

Latest revision as of 12:26, 17 March 2020

Upgrade Script Check - Validating LDAP configuration

   KB 21525        Last updated on 2020-03-17  




0.00
(0 votes)

Upgrade Script Check - Validating LDAP configuration

In Zimbra Collaboration 8.6 and above, Zimbra implemented a new Upgrade script to check some important functionalities in our system, one of them is check that the password in the LDAP and in the Zimbra system match, if not we will see an error.

The upgrade process will start:

root@mail:/home/user/zcs-NETWORK-8.6.0_GA_1153.UBUNTU14_64.20141215151218# ./install.sh

Operations logged to /tmp/install.log.32857
Checking for existing installation...
    zimbra-ldap...FOUND zimbra-ldap-8.5.0.GA.3042.UBUNTU14.64
    zimbra-logger...FOUND zimbra-logger-8.5.0.GA.3042.UBUNTU14.64
    zimbra-mta...FOUND zimbra-mta-8.5.0.GA.3042.UBUNTU14.64
    zimbra-dnscache...NOT FOUND
    zimbra-snmp...FOUND zimbra-snmp-8.5.0.GA.3042.UBUNTU14.64
    zimbra-store...FOUND zimbra-store-8.5.0.GA.3042.UBUNTU14.64
    zimbra-apache...FOUND zimbra-apache-8.5.0.GA.3042.UBUNTU14.64
    zimbra-spell...FOUND zimbra-spell-8.5.0.GA.3042.UBUNTU14.64
    zimbra-convertd...FOUND zimbra-convertd-8.5.0.GA.3042.UBUNTU14.64
    zimbra-memcached...FOUND zimbra-memcached-8.5.0.GA.3042.UBUNTU14.64
    zimbra-proxy...FOUND zimbra-proxy-8.5.0.GA.3042.UBUNTU14.64
    zimbra-archiving...FOUND zimbra-archiving-8.5.0.GA.3042.UBUNTU14.64
    zimbra-core...FOUND zimbra-core-8.5.0.GA.3042.UBUNTU14.64
ZCS upgrade from 8.5.0 to 8.6.0 will be performed.

And then the upgrade script with the checks will fail in the LDAP test:

Validating existing license is not expired and qualifies for upgrade
License is valid and supports this upgrade.  Continuing.
Validating ldap configuration
Error: Unable to bind to the LDAP server as the root LDAP user.
       This is required to upgrade.

* This error is not related to Zimbra, in some point of the time, the password was changed in a wrong way to do it.

Workaround

Note: Please before do this step, or the upgrade step, be sure that you have a strong backup, is always better have:

  • a) Zimbra Backup
  • b) A snapshot in case that you have Virtual Environment
  • c) A Backup in other Storage of your VM, not just the snapshot.

If we have one of the previous points, or all, please continue with this steps.

Like Zimbra user, please stop all your Zimbra services:

   zmcontrol stop

Like Zimbra user, please run the next command to check the actual password that is stored in Zimbra:

   zimbra@zimbra-sn-u14-10:~$ zmlocalconfig -s ldap_root_password
   ldap_root_password = Y0uRP4S5w0Rd

Now generate a new secret hash with the password that you have in Zimbra:

    /opt/zimbra/openldap/sbin/slappasswd -s Y0uRP4S5w0Rd
    {SSHA}SXzTa82PbLST97854mZOp746PBLA2378

Note: From the starting of ZCS v8.7.x, path of "slappasswd" has been changed from "/opt/zimbra/openldap/sbin/slappasswd" to "/opt/zimbra/common/sbin/slappasswd".
Please update the command accordingly if you are doing this step for a system >= ZCS v8.7.x

Keep in mind the line, we will need it soon.

Move to the next directory:

   cd /opt/zimbra/data/ldap/config/cn=config

Edit the next file (important, we need to have the LDAP service stopped)

   vi olcDatabase={0}config.ldif

You will see a line like this, please note that the line have double symbol "::"

   olcRootPW:: e1NTSEE112123gblVeVJ2UjU3UE1512312366jjkj128080as2bDQ5eVgxNXhWSlFPUWhTQmxhQ1d4L1RaNWdsdVRsWWJyRXJDcTA4V0Y0YVRYOE5ma23451wR3A1QytBZUZocEZ1

Then change it for the next line, please pay attention that now need to have only 1 ":" symbol

   olcRootPw: {SSHA}SXzTa82PbLST97854mZOp746PBLA2378

You did the trick, now just run Zimbra again:

   zmcontrol start

Try to run again the Upgrade process.

Identified Support/Known Issues

Verified Against: Zimbra Collaboration Suite 8.6 Date Created: 02/14/2015
Article ID: https://wiki.zimbra.com/index.php?title=Upgrade_Script_Check_-_Validating_LDAP_configuration Date Modified: 2020-03-17



Try Zimbra

Try Zimbra Collaboration with a 60-day free trial.
Get it now »

Want to get involved?

You can contribute in the Community, Wiki, Code, or development of Zimlets.
Find out more. »

Looking for a Video?

Visit our YouTube channel to get the latest webinars, technology news, product overviews, and so much more.
Go to the YouTube channel »

Jump to: navigation, search