Difference between revisions of "Zimbra-LDAP Multival Configuration"

(Verify the database.)
Line 25: Line 25:
 
==== Configure MultiVal ====
 
==== Configure MultiVal ====
 
Note based upon MMR and standalone server, you will have to use the config db.  
 
Note based upon MMR and standalone server, you will have to use the config db.  
 
 
* For a master in an ldap + replica or MMR setup use olcDatabase={3}mdb,cn=config
 
* For a master in an ldap + replica or MMR setup use olcDatabase={3}mdb,cn=config
  
Line 54: Line 53:
  
 
==== Verify the configuration. ====
 
==== Verify the configuration. ====
 
+
As zimbra user:
 
   $ source /opt/zimbra/bin/zmshutil ; zmsetvars ;  
 
   $ source /opt/zimbra/bin/zmshutil ; zmsetvars ;  
 
   $ ldapsearch -LLL -x -H ldapi:/// -D cn=config -w $ldap_root_password -b cn=config | grep -e olcSortVals -e olcDbMultival
 
   $ ldapsearch -LLL -x -H ldapi:/// -D cn=config -w $ldap_root_password -b cn=config | grep -e olcSortVals -e olcDbMultival
Line 73: Line 72:
 
   $ /opt/zimbra/libexec/zmslapcat /path/to/output/dir
 
   $ /opt/zimbra/libexec/zmslapcat /path/to/output/dir
  
5) Export the accesslog database to LDIF (if this is a master server)
+
====  Export the accesslog database to LDIF (if this is a master server) ==== 
 
As zimbra user:
 
As zimbra user:
/opt/zimbra/libexec/zmslapcat -a /path/to/output/dir
+
  $ /opt/zimbra/libexec/zmslapcat -a /path/to/output/dir
  
6) Stop ldap on the server
+
====  Stop ldap on the server ==== 
 
As zimbra user:
 
As zimbra user:
ldap stop
+
  $ ldap stop
  
7) Reload the primary database
+
==== Reload the primary database ====
 
As the zimbra user:
 
As the zimbra user:
 +
  $ cd /opt/zimbra/data/ldap
 +
  $ mv mdb mdb.old
 +
  $ mkdir -p mdb/db
 +
  $ /opt/zimbra/libexec/zmslapadd /path/to/output/dir/ldap.bak
  
cd /opt/zimbra/data/ldap
+
==== Reload the accesslog database (if this is a master server) ====
mv mdb mdb.old
 
mkdir -p mdb/db
 
/opt/zimbra/libexec/zmslapadd /path/to/output/dir/ldap.bak
 
 
 
8)Reload the accesslog database (if this is a master server)
 
  
 
As the zimbra user:
 
As the zimbra user:
 
+
  $ cd /opt/zimbra/data/ldap
cd /opt/zimbra/data/ldap
+
  $ mv accesslog accesslog.old
mv accesslog accesslog.old
+
  $ mkdir -p accesslog/db
mkdir -p accesslog/db
+
  $ /opt/zimbra/libexec/zmslapadd -a /path/to/output/dir/ldap-accesslog.bak
/opt/zimbra/libexec/zmslapadd -a /path/to/output/dir/ldap-accesslog.bak
 
  
 
9)  start ldap
 
9)  start ldap
 
As the zimbra user:
 
As the zimbra user:
ldap start
+
  $ ldap start
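Review bot: the last step at the end of this hunk is still titled "9)  start ldap" in both revisions, while steps 5 through 8 above it were converted to ==== headings and lost their numbers, which leaves a dangling "9)" with no steps 1 to 8 before it. Convert it the same way, for example "==== Start ldap ====" followed by "As the zimbra user:" on its own line, so the procedure reads consistently.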

Revision as of 13:59, 16 August 2018

Prerequisite: Install latest zimbra-openldap0-server version 2.4.46-1zimbra8.7b2 or above.


Restart ldap

Restart ldap as zimbra user:

 $ su - zimbra
 $ ldap restart

Configure SortVal

Use ldapmodify to add the sortval configuration to the config db. ldapmodify reads one or more LDIF update statements typed at the command line and stops reading at an end-of-file (EOF) marker. Type Control-D (^D) to send EOF.

 $ ldapmodify -c -H "ldap://master_ldap_hostname:389" -D cn=config -w $ldap_root_password 
 dn: olcDatabase={-1}frontend,cn=config
 changetype: modify
 add: olcSortVals
 olcSortVals: zimbraACE
 olcSortVals: zimbraAuthTokens
 olcSortVals: zimbraCsrfTokenData
 olcSortVals: zimbraPasswordLockoutFailureTime
 
  

Configure MultiVal

Note: which config db entry to modify depends on whether the server is a master (ldap + replica or MMR) or a standalone server or replica.

  • For a master in an ldap + replica or MMR setup, use olcDatabase={3}mdb,cn=config

 $ ldapmodify -c -H "ldap://master_ldap_hostname:389" -D cn=config -w $ldap_root_password
 dn: olcDatabase={3}mdb,cn=config
 changetype: modify
 add: olcDbMultivalHi
 olcDbMultivalHi: 100
 
 $ ldapmodify -c -H "ldap://master_ldap_hostname:389" -D cn=config -w $ldap_root_password
 dn: olcDatabase={3}mdb,cn=config
 changetype: modify
 add: olcDbMultivalLo
 olcDbMultivalLo: 3

  • For a standalone ldap server or a replica, use olcDatabase={2}mdb,cn=config

 $ ldapmodify -c -H "ldap://master_ldap_hostname:389" -D cn=config -w $ldap_root_password
 dn: olcDatabase={2}mdb,cn=config
 changetype: modify
 add: olcDbMultivalHi
 olcDbMultivalHi: 100
 
 $ ldapmodify -c -H "ldap://master_ldap_hostname:389" -D cn=config -w $ldap_root_password
 dn: olcDatabase={2}mdb,cn=config
 changetype: modify
 add: olcDbMultivalLo
 olcDbMultivalLo: 3

Verify the configuration.

As zimbra user:

  $ source /opt/zimbra/bin/zmshutil ; zmsetvars ; 
  $ ldapsearch -LLL -x -H ldapi:/// -D cn=config -w $ldap_root_password -b cn=config | grep -e olcSortVals -e olcDbMultival
  olcAttributeTypes: ( OLcfgGlAt:83 NAME 'olcSortVals' DESC 'Attributes whose va
  olcAttributeTypes: ( OLcfgDbAt:12.6 NAME 'olcDbMultivalHi' DESC 'Threshold for
  olcAttributeTypes: ( OLcfgDbAt:12.7 NAME 'olcDbMultivalLo' DESC 'Threshold for
  axSize $ olcDbMode $ olcDbSearchStack $ olcDbRtxnSize $ olcDbMultivalHi $ olc
  olcSortVals: zimbraACE
  olcSortVals: zimbraAuthTokens
  olcSortVals: zimbraCsrfTokenData
  olcSortVals: zimbraPasswordLockoutFailureTime
  olcDbMultivalLo: 3
  olcDbMultivalHi: 100
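
An added example (not part of the original wiki page): the grep above also prints the olcAttributeTypes schema definitions, so a match on the attribute name alone does not show that the settings were applied. This sketch checks ldapsearch output for the actual values this page configures; the function names and the sample LDIF are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the wiki page. Function names are hypothetical.

# Constructed sample: the shape of the ldapsearch output shown above,
# including schema lines that merely mention the attribute names.
sample_ldif() {
cat <<'EOF'
olcAttributeTypes: ( OLcfgGlAt:83 NAME 'olcSortVals' DESC 'Attributes whose va
olcAttributeTypes: ( OLcfgDbAt:12.6 NAME 'olcDbMultivalHi' DESC 'Threshold for
 axSize $ olcDbMode $ olcDbSearchStack $ olcDbRtxnSize $ olcDbMultivalHi $ olc
olcSortVals: zimbraACE
olcSortVals: zimbraAuthTokens
olcSortVals: zimbraCsrfTokenData
olcSortVals: zimbraPasswordLockoutFailureTime
olcDbMultivalLo: 3
olcDbMultivalHi: 100
EOF
}

# Reads LDIF on stdin, prints one line per problem, and returns 0 only when
# every value this page configures is present as a real attribute value.
check_multival_config() {
    awk '
    BEGIN { bad = 0
            n = split("zimbraACE zimbraAuthTokens zimbraCsrfTokenData zimbraPasswordLockoutFailureTime", want, " ") }
    # Anchor at line start so olcAttributeTypes definitions and folded
    # continuation lines (leading space) are not counted as configuration.
    /^olcSortVals: /     { seen[$2] = 1 }
    /^olcDbMultivalHi: / { hi = 1; if ($2 != 100) { print "unexpected olcDbMultivalHi: " $2; bad = 1 } }
    /^olcDbMultivalLo: / { lo = 1; if ($2 != 3)   { print "unexpected olcDbMultivalLo: " $2; bad = 1 } }
    END {
        for (i = 1; i <= n; i++)
            if (!(want[i] in seen)) { print "missing olcSortVals: " want[i]; bad = 1 }
        if (!hi) { print "missing olcDbMultivalHi"; bad = 1 }
        if (!lo) { print "missing olcDbMultivalLo"; bad = 1 }
        exit bad
    }'
}

# On a server, pipe the ldapsearch command from this section into the check.
sample_ldif | check_multival_config && echo "sortval/multival settings present"
```
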

Export the primary database to LDIF.

As zimbra user:

 $ su - zimbra
 $ /opt/zimbra/libexec/zmslapcat /path/to/output/dir

Export the accesslog database to LDIF (if this is a master server)

As zimbra user:

  $ /opt/zimbra/libexec/zmslapcat -a /path/to/output/dir

Stop ldap on the server

As zimbra user:

  $ ldap stop

Reload the primary database

As the zimbra user:

  $ cd /opt/zimbra/data/ldap
  $ mv mdb mdb.old
  $ mkdir -p mdb/db
  $ /opt/zimbra/libexec/zmslapadd /path/to/output/dir/ldap.bak

Reload the accesslog database (if this is a master server)

As the zimbra user:

 $ cd /opt/zimbra/data/ldap
 $ mv accesslog accesslog.old
 $ mkdir -p accesslog/db
 $ /opt/zimbra/libexec/zmslapadd -a /path/to/output/dir/ldap-accesslog.bak

Start ldap

As the zimbra user:

 $ ldap start