The reasons can vary from an emergency restore of user accounts to changing system architecture. In this Administrator’s PowerTip we will discuss how to export (dump) LDAP data to disk and re-import it.
Administrator’s PowerTip #2: May 24, 2007
Introduction:
LDAP stands for Lightweight Directory Access Protocol.
Zimbra’s LDAP contains global configuration, user authentication, server, domain, and Class of Service information, as well as information relating to External LDAP Authentication and External GAL.
Most of this data can be viewed and configured via the Admin Console or with the zmprov command from the shell. LDAP does not contain mail messages.
There are various reasons an administrator may want to export, or dump, the Zimbra LDAP data to disk. For example, if you are switching architectures from x86 to x64, you must dump the LDAP data to disk.
For Network Edition users, a comparable procedure is performed when a global backup is performed.
It should be noted that this procedure should NOT be used for upgrades. For example, if you are running ZCS version 4.0 and want to dump the data, you must then use ZCS version 4.0 tools to re-import it. Cross-version imports and exports should not be used.
Dumping LDAP Data to Disk :
Exporting the data will place all of your LDAP Data into a single, movable .LDIF file.
su - zimbra
openldap/sbin/slapcat -f /opt/zimbra/conf/slapd.conf -l /tmp/ldap.ldif
6.0+: /opt/zimbra/libexec/zmslapcat /backup
Removing Current LDAP Data :
WARNING: DO NOT perform this on a production system. This procedure will wipe all usernames and passwords!
In order to import the LDAP data that we have exported, you will need to remove the current LDAP data on the system.
su - zimbra
zmcontrol stop
ps auxx | grep slapd
(If ldap is still running, kill it)
rm -f openldap-data/*
Importing LDAP Data :
su - zimbra
openldap/sbin/slapadd -f /opt/zimbra/conf/slapd.conf -l /tmp/ldap.ldif
Verify It’s Working :
openldap/sbin/slapcat -f /opt/zimbra/conf/slapd.conf
or
zmprov gaa
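The dump holds every account's userPassword value and the removal step is destructive, so it is worth checking the LDIF file itself before wiping and again after importing. The following is an added example, not part of the original PowerTip or of Zimbra's tooling; the function names are hypothetical and the sample entries are constructed.

```shell
#!/bin/sh
# Added example: checks on an LDIF dump before the wipe and after the import.
# Function names and sample entries are constructed, not Zimbra tooling/output.

# Join LDIF continuation lines (a leading space continues the previous line),
# so DNs that slapcat folded across lines are compared whole.
ldif_unfold() {
    awk 'NR > 1 && /^ / { buf = buf substr($0, 2); next }
         NR > 1 { print buf }
         { buf = $0 }
         END { if (NR) print buf }' "$1"
}

# Sorted entry DNs; the pattern also matches "dn::" (base64-encoded DN).
ldif_dns() { ldif_unfold "$1" | grep '^dn:' | sort; }

ldif_entry_count() { ldif_dns "$1" | wc -l | tr -d ' '; }

# The dump contains userPassword values: succeed only when group and other
# have no permission bits on the file.
ldif_private() { [ "$(ls -ld -- "$1" | cut -c5-10)" = "------" ]; }

# Succeed only when both dumps are non-empty and hold the same set of DNs.
ldif_same_entries() {
    before=$(ldif_dns "$1"); after=$(ldif_dns "$2")
    [ -n "$before" ] && [ "$before" = "$after" ]
}

# Write a small constructed dump (two entries, one folded DN) to path $1.
write_sample_ldif() {
    printf '%s\n' 'dn: cn=zimbra' 'objectClass: organizationalRole' '' \
        'dn: uid=alice,ou=people,dc=example,' ' dc=com' \
        'userPassword:: Y29uc3RydWN0ZWQ=' '' > "$1"
}

# Demo on constructed data: the dump taken before the wipe vs. one after import.
workdir=$(mktemp -d)
( umask 077; write_sample_ldif "$workdir/before.ldif" )
write_sample_ldif "$workdir/after.ldif"
if ldif_private "$workdir/before.ldif" &&
   ldif_same_entries "$workdir/before.ldif" "$workdir/after.ldif"; then
    echo "dump is private, $(ldif_entry_count "$workdir/after.ldif") entries match"
fi
rm -rf "$workdir"
```

On a real system the two arguments would be the dump taken before the removal step and a fresh slapcat taken after slapadd. Matching DN sets show that no entry was lost, not that every attribute value survived.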
More Information :
Zimbra’s LDAP Wiki Page: http://wiki.zimbra.com/index.php?title=LDAP
Introduction To LDAP: http://www.ldapman.org/articles/intro_to_ldap.html
Special Thanks to Carlos from the Zimbra Forums!
Tree Picture Credit: Guerito from Flickr – http://flickr.com/photos/guerito/6782040/
UPDATE for 6.0:
To dump on the 32-bit:
/opt/zimbra/libexec/zmslapcat /backup
Which is essentially running ${zimbra_home}/openldap/sbin/slapcat -F ${zimbra_home}/data/ldap/config -b "" -l $DEST/ldap.bak.${D}
To import on the 64-bit:
a. rm -rf /opt/zimbra/data/ldap/hdb/*
b. If this is an ldap master with replicas: rm -rf /opt/zimbra/data/ldap/accesslog/*
c. mkdir -p /opt/zimbra/data/ldap/hdb/db /opt/zimbra/data/ldap/hdb/logs
d. If this is an ldap master with replicas: mkdir -p /opt/zimbra/data/ldap/accesslog/db /opt/zimbra/data/ldap/accesslog/logs
e. Copy the file /opt/zimbra/data/ldap/hdb/db/DB_CONFIG from the 32-bit server to /opt/zimbra/data/ldap/hdb/db on the 64-bit server. Note: If this file does not exist, or is empty, creating it may improve performance.
f. Type chown -R zimbra:zimbra /opt/zimbra/data/ldap
g. Copy from the 32-bit server to the 64-bit server the /backup/ldap.bak file.
h. Type /opt/zimbra/openldap/sbin/slapadd -q -b "" -F /opt/zimbra/data/ldap/config -cv -l /backup/ldap.bak
I tried this procedure using version 5.0.21 to migrate from 32 bits to 64 bits, but after that I am receiving the error message:
zimbramon[9625]: 9625:info: zmmtaconfig: gacf ERROR: service.FAILURE (system failure: unable to get config) (cause: javax.naming.AuthenticationException [LDAP: error code 49 - Invalid Credentials])
What is wrong? Thanks in advance
What about Zimbra 7?