Zimbra-LDAP Multival Configuration: Difference between revisions
Revision as of 12:20, 16 August 2018
Prerequisite: Install latest zimbra-openldap0-server version 2.4.46-1zimbra8.7b2 or above.
Restart ldap
Restart ldap as the zimbra user:
$ su - zimbra
$ ldap stop
$ ldap start
Configure SortVal
Use ldapmodify to add the sortval configuration to the config db. ldapmodify reads one or more LDIF update statements entered at the command line; end the input with an end-of-file (EOF) marker by typing Control-D (^D).
$ ldapmodify -c -H "ldap://master_ldap_hostname:389" -D cn=config -w $ldap_root_password
dn: olcDatabase={-1}frontend,cn=config
changetype: modify
add: olcSortVals
olcSortVals: zimbraACE
olcSortVals: zimbraAuthTokens
olcSortVals: zimbraCsrfTokenData
olcSortVals: zimbraPasswordLockoutFailureTime
Configure MultiVal
Note: which config db entry you modify depends on whether the server is part of an MMR/replica setup or is a standalone server.
- For a master in an ldap + replica or MMR setup, use olcDatabase={3}mdb,cn=config
$ ldapmodify -c -H "ldap://master_ldap_hostname:389" -D cn=config -w $ldap_root_password
dn: olcDatabase={3}mdb,cn=config
changetype: modify
add: olcDbMultivalHi
olcDbMultivalHi: 100
$ ldapmodify -c -H "ldap://master_ldap_hostname:389" -D cn=config -w $ldap_root_password
dn: olcDatabase={3}mdb,cn=config
changetype: modify
add: olcDbMultivalLo
olcDbMultivalLo: 3
- For a standalone ldap server or a replica, use olcDatabase={2}mdb,cn=config
$ ldapmodify -c -H "ldap://master_ldap_hostname:389" -D cn=config -w $ldap_root_password
dn: olcDatabase={2}mdb,cn=config
changetype: modify
add: olcDbMultivalHi
olcDbMultivalHi: 100
$ ldapmodify -c -H "ldap://master_ldap_hostname:389" -D cn=config -w $ldap_root_password
dn: olcDatabase={2}mdb,cn=config
changetype: modify
add: olcDbMultivalLo
olcDbMultivalLo: 3
Verify the database.
$ source /opt/zimbra/bin/zmshutil ; zmsetvars
$ ldapsearch -LLL -x -H ldapi:/// -D cn=config -w $ldap_root_password -b cn=config | grep -e sortval -e multival -i
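A stricter form of the grep check above, as an added example that is not part of the original wiki page: it reads the same ldapsearch output on stdin and fails unless every sortval attribute and both multival limits from this page are set on the expected entries. The function names check_multival and sample_config_ldif and the sample LDIF are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the Zimbra wiki). check_multival reads the output of
#   ldapsearch -LLL -x -H ldapi:/// -D cn=config -w $ldap_root_password -b cn=config
# on stdin and exits non-zero unless the settings from this page are present.
# $1 selects the database: '{3}mdb' on a master, '{2}mdb' on a standalone/replica.
check_multival() {
    awk -v db="olcDatabase=$1,cn=config" \
        -v attrs="zimbraACE zimbraAuthTokens zimbraCsrfTokenData zimbraPasswordLockoutFailureTime" '
        BEGIN   { n = split(attrs, want, " ") }
        /^dn: / { dn = substr($0, 5); next }      # remember the current entry
        /^$/    { dn = ""; next }                 # a blank line ends an entry
                { attr = tolower($1) }            # attribute names are case-insensitive
        dn == "olcDatabase={-1}frontend,cn=config" && attr == "olcsortvals:" {
            for (i = 2; i <= NF; i++) have[$i] = 1   # one value may list several attrs
        }
        dn == db && attr == "olcdbmultivalhi:" { hi = $2 }
        dn == db && attr == "olcdbmultivallo:" { lo = $2 }
        END {
            for (i = 1; i <= n; i++)
                if (!(want[i] in have)) { print "missing olcSortVals: " want[i]; bad = 1 }
            if (hi != "100") { print "olcDbMultivalHi=" hi " (expected 100) on " db; bad = 1 }
            if (lo != "3")   { print "olcDbMultivalLo=" lo " (expected 3) on " db; bad = 1 }
            exit bad + 0
        }'
}

# Constructed sample of ldapsearch output for a standalone server; not real data.
sample_config_ldif() {
    cat <<'EOF'
dn: olcDatabase={-1}frontend,cn=config
objectClass: olcDatabaseConfig
olcSortVals: zimbraACE
olcSortVals: zimbraAuthTokens
olcSortVals: zimbraCsrfTokenData
olcSortVals: zimbraPasswordLockoutFailureTime

dn: olcDatabase={2}mdb,cn=config
objectClass: olcMdbConfig
olcDbMultivalHi: 100
olcDbMultivalLo: 3
EOF
}

sample_config_ldif | check_multival '{2}mdb' && echo "sortval/multival config OK"
```

On a live server, pipe the ldapsearch command from the verification step into check_multival instead of the sample.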
Export the primary database to LDIF.
As zimbra user:
$ su - zimbra
$ /opt/zimbra/libexec/zmslapcat /path/to/output/dir
5) Export the accesslog database to LDIF (if this is a master server)
As zimbra user:
$ /opt/zimbra/libexec/zmslapcat -a /path/to/output/dir
6) Stop ldap on the server
As zimbra user:
$ ldap stop
7) Reload the primary database
As the zimbra user:
$ cd /opt/zimbra/data/ldap
$ mv mdb mdb.old
$ mkdir -p mdb/db
$ /opt/zimbra/libexec/zmslapadd /path/to/output/dir/ldap.bak
8) Reload the accesslog database (if this is a master server)
As the zimbra user:
$ cd /opt/zimbra/data/ldap
$ mv accesslog accesslog.old
$ mkdir -p accesslog/db
$ /opt/zimbra/libexec/zmslapadd -a /path/to/output/dir/ldap-accesslog.bak
9) Start ldap
As the zimbra user:
$ ldap start