Zimbra-LDAP Multival Configuration: Difference between revisions
No edit summary |
|||
Line 25: | Line 25: | ||
==== Configure MultiVal ==== | ==== Configure MultiVal ==== | ||
Note based upon MMR and standalone server, you will have to use the config db. | Note based upon MMR and standalone server, you will have to use the config db. | ||
* For a master in an ldap + replica or MMR setup use olcDatabase={3}mdb,cn=config | * For a master in an ldap + replica or MMR setup use olcDatabase={3}mdb,cn=config | ||
Line 54: | Line 53: | ||
==== Verify the configuration. ==== | ==== Verify the configuration. ==== | ||
As zimbra user: | |||
$ source /opt/zimbra/bin/zmshutil ; zmsetvars ; | $ source /opt/zimbra/bin/zmshutil ; zmsetvars ; | ||
$ ldapsearch -LLL -x -H ldapi:/// -D cn=config -w $ldap_root_password -b cn=config | grep -e olcSortVals -e olcDbMultival | $ ldapsearch -LLL -x -H ldapi:/// -D cn=config -w $ldap_root_password -b cn=config | grep -e olcSortVals -e olcDbMultival | ||
Line 73: | Line 72: | ||
$ /opt/zimbra/libexec/zmslapcat /path/to/output/dir | $ /opt/zimbra/libexec/zmslapcat /path/to/output/dir | ||
==== Export the accesslog database to LDIF (if this is a master server) ==== | |||
As zimbra user: | As zimbra user: | ||
/opt/zimbra/libexec/zmslapcat -a /path/to/output/dir | $ /opt/zimbra/libexec/zmslapcat -a /path/to/output/dir | ||
==== Stop ldap on the server ==== | |||
As zimbra user: | As zimbra user: | ||
ldap stop | $ ldap stop | ||
==== Reload the primary database ==== | |||
As the zimbra user: | As the zimbra user: | ||
$ cd /opt/zimbra/data/ldap | |||
$ mv mdb mdb.old | |||
$ mkdir -p mdb/db | |||
$ /opt/zimbra/libexec/zmslapadd /path/to/output/dir/ldap.bak | |||
==== Reload the accesslog database (if this is a master server) ==== | |||
As the zimbra user: | As the zimbra user: | ||
$ cd /opt/zimbra/data/ldap | |||
cd /opt/zimbra/data/ldap | $ mv accesslog accesslog.old | ||
mv accesslog accesslog.old | $ mkdir -p accesslog/db | ||
mkdir -p accesslog/db | $ /opt/zimbra/libexec/zmslapadd -a /path/to/output/dir/ldap-accesslog.bak | ||
/opt/zimbra/libexec/zmslapadd -a /path/to/output/dir/ldap-accesslog.bak | |||
9) start ldap | 9) start ldap | ||
As the zimbra user: | As the zimbra user: | ||
ldap start | $ ldap start |
Revision as of 13:59, 16 August 2018
Prerequisite: Install latest zimbra-openldap0-server version 2.4.46-1zimbra8.7b2 or above.
Restart ldap
Restart ldap as zimbra user:
$ su - zimbra $ ldap restart
Configure SortVal
Use ldapmodify commands to add sortval configuration in config db. ldapmodify takes one or more LDIF update statements configured at the command-line, and ends the input with an end-of-file (EOF) marker. Type Control-D (^d) as EOF.
$ ldapmodify -c -H "ldap://master_ldap_hostname:389" -D cn=config -w $ldap_root_password dn: olcDatabase={-1}frontend,cn=config changetype: modify add: olcSortVals olcSortVals: zimbraACE olcSortVals: zimbraAuthTokens olcSortVals: zimbraCsrfTokenData olcSortVals: zimbraPasswordLockoutFailureTime
Configure MultiVal
Note based upon MMR and standalone server, you will have to use the config db.
- For a master in an ldap + replica or MMR setup use olcDatabase={3}mdb,cn=config
$ ldapmodify -c -H "ldap:// master_ldap_hostname:389" -D cn=config -w $ldap_root_password dn: olcDatabase={3}mdb,cn=config changetype: modify add: olcDbMultivalHi olcDbMultivalHi: 100 $ ldapmodify -c -H "ldap:// master_ldap_hostname:389" -D cn=config -w $ldap_root_password dn: olcDatabase={3}mdb,cn=config changetype: modify add: olcDbMultivalLo olcDbMultivalLo: 3
- For a standalone ldap server or a replica then use olcDatabase={2}mdb,cn=config
$ ldapmodify -c -H "ldap:// master_ldap_hostname:389" -D cn=config -w $ldap_root_password dn: olcDatabase={2}mdb,cn=config changetype: modify add: olcDbMultivalHi olcDbMultivalHi: 100 $ ldapmodify -c -H "ldap:// master_ldap_hostname:389" -D cn=config -w $ldap_root_password dn: olcDatabase={2}mdb,cn=config changetype: modify add: olcDbMultivalLo olcDbMultivalLo: 3
Verify the configuration.
As zimbra user:
$ source /opt/zimbra/bin/zmshutil ; zmsetvars ; $ ldapsearch -LLL -x -H ldapi:/// -D cn=config -w $ldap_root_password -b cn=config | grep -e olcSortVals -e olcDbMultival olcAttributeTypes: ( OLcfgGlAt:83 NAME 'olcSortVals' DESC 'Attributes whose va olcAttributeTypes: ( OLcfgDbAt:12.6 NAME 'olcDbMultivalHi' DESC 'Threshold for olcAttributeTypes: ( OLcfgDbAt:12.7 NAME 'olcDbMultivalLo' DESC 'Threshold for axSize $ olcDbMode $ olcDbSearchStack $ olcDbRtxnSize $ olcDbMultivalHi $ olc olcSortVals: zimbraACE olcSortVals: zimbraAuthTokens olcSortVals: zimbraCsrfTokenData olcSortVals: zimbraPasswordLockoutFailureTime olcDbMultivalLo: 3 olcDbMultivalHi: 100
Export the primary database to LDIF.
As zimbra user:
$ su - zimbra $ /opt/zimbra/libexec/zmslapcat /path/to/output/dir
Export the accesslog database to LDIF (if this is a master server)
As zimbra user:
$ /opt/zimbra/libexec/zmslapcat -a /path/to/output/dir
Stop ldap on the server
As zimbra user:
$ ldap stop
Reload the primary database
As the zimbra user:
$ cd /opt/zimbra/data/ldap $ mv mdb mdb.old $ mkdir -p mdb/db $ /opt/zimbra/libexec/zmslapadd /path/to/output/dir/ldap.bak
Reload the accesslog database (if this is a master server)
As the zimbra user:
$ cd /opt/zimbra/data/ldap $ mv accesslog accesslog.old $ mkdir -p accesslog/db $ /opt/zimbra/libexec/zmslapadd -a /path/to/output/dir/ldap-accesslog.bak
9) start ldap As the zimbra user:
$ ldap start