Zimbra-LDAP Multival Configuration: Difference between revisions
Revision as of 10:06, 17 August 2018
Zimbra-Openldap MultiVal and SortVal configurations.
Prerequisite:
Install latest zimbra-openldap-server version 2.4.46-1zimbra8.7b2 or above.
Restart ldap
Restart ldap as zimbra user:
$ su - zimbra
$ ldap restart
Configure SortVal
As Zimbra user, use ldapmodify commands to add sortval configuration in config db.
- ldapmodify takes one or more LDIF update statements configured at the command-line, and ends the input with an end-of-file (EOF) marker.
- Type Control-D (^d) as EOF.
- Replace ldap_master_hostname with the ldap server hostname
- As Zimbra user
$ source /opt/zimbra/bin/zmshutil ; zmsetvars
$ ldapmodify -c -H "ldap://ldap_master_hostname:389" -D cn=config -w $ldap_root_password
dn: olcDatabase={-1}frontend,cn=config
changetype: modify
add: olcSortVals
olcSortVals: zimbraACE
olcSortVals: zimbraAuthTokens
olcSortVals: zimbraCsrfTokenData
olcSortVals: zimbraPasswordLockoutFailureTime
Configure MultiVal
Note: the config db entry to modify depends on whether the server is part of an MMR setup or is a standalone server.
- For a master in an ldap + replica or MMR setup use olcDatabase={3}mdb,cn=config
$ source /opt/zimbra/bin/zmshutil ; zmsetvars
$ ldapmodify -c -H "ldap://ldap_master_hostname:389" -D cn=config -w $ldap_root_password
dn: olcDatabase={3}mdb,cn=config
changetype: modify
add: olcDbMultivalHi
olcDbMultivalHi: 100

$ ldapmodify -c -H "ldap://ldap_master_hostname:389" -D cn=config -w $ldap_root_password
dn: olcDatabase={3}mdb,cn=config
changetype: modify
add: olcDbMultivalLo
olcDbMultivalLo: 3
- For a standalone ldap server or a replica, use olcDatabase={2}mdb,cn=config
$ source /opt/zimbra/bin/zmshutil ; zmsetvars
$ ldapmodify -c -H "ldap://ldap_master_hostname:389" -D cn=config -w $ldap_root_password
dn: olcDatabase={2}mdb,cn=config
changetype: modify
add: olcDbMultivalHi
olcDbMultivalHi: 100

$ ldapmodify -c -H "ldap://ldap_master_hostname:389" -D cn=config -w $ldap_root_password
dn: olcDatabase={2}mdb,cn=config
changetype: modify
add: olcDbMultivalLo
olcDbMultivalLo: 3
Verify the configuration.
As zimbra user:
$ source /opt/zimbra/bin/zmshutil ; zmsetvars ;
$ ldapsearch -LLL -x -H ldapi:/// -D cn=config -w $ldap_root_password -b cn=config | grep -e olcSortVals -e olcDbMultival
olcAttributeTypes: ( OLcfgGlAt:83 NAME 'olcSortVals' DESC 'Attributes whose va
olcAttributeTypes: ( OLcfgDbAt:12.6 NAME 'olcDbMultivalHi' DESC 'Threshold for
olcAttributeTypes: ( OLcfgDbAt:12.7 NAME 'olcDbMultivalLo' DESC 'Threshold for
axSize $ olcDbMode $ olcDbSearchStack $ olcDbRtxnSize $ olcDbMultivalHi $ olc
olcSortVals: zimbraACE
olcSortVals: zimbraAuthTokens
olcSortVals: zimbraCsrfTokenData
olcSortVals: zimbraPasswordLockoutFailureTime
olcDbMultivalLo: 3
olcDbMultivalHi: 100
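A check for the verification step above, as an added example that is not part of the original wiki page: it reads the ldapsearch output on stdin and confirms the four olcSortVals entries and the olcDbMultivalHi/olcDbMultivalLo values configured on this page, ignoring the olcAttributeTypes schema lines that the grep also matches. The function names check_multival_config and sample_output are hypothetical, and the sample input is constructed from the output shown above.

```shell
#!/bin/sh
# Added example (not from the Zimbra wiki): check ldapsearch output on stdin.
EXPECTED_SORTVALS="zimbraACE zimbraAuthTokens zimbraCsrfTokenData zimbraPasswordLockoutFailureTime"

# Prints one line per problem; returns 0 if all values match, 1 otherwise.
check_multival_config() {
    ldif=$(cat)
    rc=0
    for attr in $EXPECTED_SORTVALS; do
        # -x matches the whole line, so olcAttributeTypes schema lines that
        # merely mention 'olcSortVals' are not counted as configured values.
        if ! printf '%s\n' "$ldif" | grep -qx "olcSortVals: $attr"; then
            echo "missing: olcSortVals: $attr"; rc=1
        fi
    done
    for pair in "olcDbMultivalHi:100" "olcDbMultivalLo:3"; do
        name=${pair%%:*}; want=${pair#*:}
        got=$(printf '%s\n' "$ldif" | sed -n "s/^$name: //p" | head -n 1)
        if [ -z "$got" ]; then
            echo "missing: $name"; rc=1
        elif [ "$got" != "$want" ]; then
            echo "unexpected: $name is $got, expected $want"; rc=1
        fi
    done
    return $rc
}

# Constructed sample input, modelled on the verification output shown above.
sample_output() {
    cat <<'EOF'
olcAttributeTypes: ( OLcfgGlAt:83 NAME 'olcSortVals' DESC 'Attributes whose va
olcAttributeTypes: ( OLcfgDbAt:12.6 NAME 'olcDbMultivalHi' DESC 'Threshold for
olcSortVals: zimbraACE
olcSortVals: zimbraAuthTokens
olcSortVals: zimbraCsrfTokenData
olcSortVals: zimbraPasswordLockoutFailureTime
olcDbMultivalLo: 3
olcDbMultivalHi: 100
EOF
}

sample_output | check_multival_config && echo "sortval/multival config OK"
```

On a live server, pipe the ldapsearch command from the verification step into check_multival_config instead of sample_output.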
Export the primary database to LDIF.
As zimbra user:
$ su - zimbra
$ /opt/zimbra/libexec/zmslapcat /path/to/output/dir
Export the accesslog database to LDIF (if this is a master server)
As zimbra user:
$ /opt/zimbra/libexec/zmslapcat -a /path/to/output/dir
Stop ldap on the server
As zimbra user:
$ ldap stop
Reload the primary database
As the zimbra user:
$ cd /opt/zimbra/data/ldap
$ mv mdb mdb.old
$ mkdir -p mdb/db
$ /opt/zimbra/libexec/zmslapadd /path/to/output/dir/ldap.bak
Reload the accesslog database (if this is a master server)
As the zimbra user:
$ cd /opt/zimbra/data/ldap
$ mv accesslog accesslog.old
$ mkdir -p accesslog/db
$ /opt/zimbra/libexec/zmslapadd -a /path/to/output/dir/ldap-accesslog.bak
Start ldap
As the zimbra user:
$ ldap start