Zimbra-LDAP Multival Configuration: Difference between revisions

Line 27: Line 27:
Note based upon MMR and standalone server, you will have to use the config db.  
Note based upon MMR and standalone server, you will have to use the config db.  


If its a standalone ldap server or a replica then use olcDatabase={2}mdb,cn=config
* For a master in an ldap + replica or MMR setup use olcDatabase={3}mdb,cn=config
If its a master in an ldap+replica or MMR setup use olcDatabase={3}mdb,cn=config


  $ ldapmodify -c -H "ldap:// master_ldap_hostname:389" -D cn=config -w $ldap_root_password
  dn: olcDatabase={3}mdb,cn=config
  changetype: modify
  add: olcDbMultivalHi
  olcDbMultivalHi: 100
 
  $ ldapmodify -c -H "ldap:// master_ldap_hostname:389" -D cn=config -w $ldap_root_password
  dn: olcDatabase={3}mdb,cn=config
  changetype: modify
  add: olcDbMultivalLo
  olcDbMultivalLo: 3
* For a standalone ldap server or a replica then use olcDatabase={2}mdb,cn=config
   $ ldapmodify -c -H "ldap:// master_ldap_hostname:389" -D cn=config -w $ldap_root_password
   $ ldapmodify -c -H "ldap:// master_ldap_hostname:389" -D cn=config -w $ldap_root_password
   dn: olcDatabase={2}mdb,cn=config
   dn: olcDatabase={2}mdb,cn=config
Line 41: Line 53:
   add: olcDbMultivalLo
   add: olcDbMultivalLo
   olcDbMultivalLo: 3
   olcDbMultivalLo: 3


==== Verify the database. ====
==== Verify the database. ====

Revision as of 12:20, 16 August 2018

Prerequisite: Install latest zimbra-openldap0-server version 2.4.46-1zimbra8.7b2 or above.


Restart ldap

Restart ldap as zimbra user:

 $ su - zimbra
 $ ldap stop
 $ ldap start

Configure SortVal

Use ldapmodify commands to add sortval configuration in config db. ldapmodify takes one or more LDIF update statements configured at the command-line, and ends the input with an end-of-file (EOF) marker. Type Control-D (^d) as EOF.

 $ ldapmodify -c -H "ldap://master_ldap_hostname:389" -D cn=config -w $ldap_root_password 
 dn: olcDatabase={-1}frontend,cn=config
 changetype: modify
 add: olcSortVals
 olcSortVals: zimbraACE
 olcSortVals: zimbraAuthTokens
 olcSortVals: zimbraCsrfTokenData
 olcSortVals: zimbraPasswordLockoutFailureTime
 
  

Configure MultiVal

Note based upon MMR and standalone server, you will have to use the config db.

  • For a master in an ldap + replica or MMR setup use olcDatabase={3}mdb,cn=config
 $ ldapmodify -c -H "ldap:// master_ldap_hostname:389" -D cn=config -w $ldap_root_password
 dn: olcDatabase={3}mdb,cn=config
 changetype: modify
 add: olcDbMultivalHi
 olcDbMultivalHi: 100
 
 $ ldapmodify -c -H "ldap:// master_ldap_hostname:389" -D cn=config -w $ldap_root_password
 dn: olcDatabase={3}mdb,cn=config
 changetype: modify
 add: olcDbMultivalLo
 olcDbMultivalLo: 3
  • For a standalone ldap server or a replica then use olcDatabase={2}mdb,cn=config
 $ ldapmodify -c -H "ldap:// master_ldap_hostname:389" -D cn=config -w $ldap_root_password
 dn: olcDatabase={2}mdb,cn=config
 changetype: modify
 add: olcDbMultivalHi
 olcDbMultivalHi: 100
 
 $ ldapmodify -c -H "ldap:// master_ldap_hostname:389" -D cn=config -w $ldap_root_password
 dn: olcDatabase={2}mdb,cn=config
 changetype: modify
 add: olcDbMultivalLo
 olcDbMultivalLo: 3

Verify the database.

  $ source /opt/zimbra/bin/zmshutil ; zmsetvars ; 
  $ ldapsearch -LLL -x -H ldapi:/// -D cn=config -w $ldap_root_password -b cn=config | grep -e sortval -e multival -i

Export the primary database to LDIF.

As zimbra user:

 $ su - zimbra
 $ /opt/zimbra/libexec/zmslapcat /path/to/output/dir

5) Export the accesslog database to LDIF (if this is a master server) As zimbra user: /opt/zimbra/libexec/zmslapcat -a /path/to/output/dir

6) Stop ldap on the server As zimbra user: ldap stop

7) Reload the primary database As the zimbra user:

cd /opt/zimbra/data/ldap mv mdb mdb.old mkdir -p mdb/db /opt/zimbra/libexec/zmslapadd /path/to/output/dir/ldap.bak

8)Reload the accesslog database (if this is a master server)

As the zimbra user:

cd /opt/zimbra/data/ldap mv accesslog accesslog.old mkdir -p accesslog/db /opt/zimbra/libexec/zmslapadd -a /path/to/output/dir/ldap-accesslog.bak

9) start ldap As the zimbra user: ldap start

Jump to: navigation, search