ZCS Multi-Server Installation Guide, Network Edition 4.5


LDAP Replication Installation

Setting up LDAP replication lets you distribute Zimbra server queries to specific replica LDAP servers. Only one master LDAP server can be set up. This server is authoritative for user information, server configuration, etc. Replica LDAP servers can be defined to improve performance and to reduce the load on the master server. All updates are made to the master server and these updates are copied to the replica servers.
The Zimbra install program is used to configure a master LDAP server and additional read-only replica LDAP servers. The master LDAP server is installed and configured first, following the normal ZCS installation options. The LDAP replica server installation is modified to point the replica server to the LDAP master host and to set the replica LDAP status to Disabled.
After the master LDAP server and the replica LDAP servers are correctly installed and configured, the following additional configuration is required.
Installing Zimbra Master LDAP Server
You must install the master LDAP server before you can install replica LDAP servers.
1. Follow steps 1 through 4 in the Multiple-Server installation chapter, Starting the Installation Process section, to open an SSH session to the LDAP server, log on to the server as root, and unpack the Zimbra software.
2. The Zimbra packages to be installed should be marked Y. Mark the packages that should not be installed N.
Note: These directions and screen shots are for installing the zimbra-LDAP package.
3. Type y, and press Enter to modify the system. The selected packages are installed on the server.
The Main menu shows the default entries for the LDAP server. To expand the menu to see the configuration values, type x and press Enter. The main menu expands to display configuration details for the LDAP server.
 
2) Ldap Master host:                   ldap.example.com
   r) Start servers after configuration yes
4. Type 4 to display the automatically generated LDAP password. You can change this password.
Note: Remember the LDAP password, the LDAP master host name, and the LDAP port. You must configure this information when you install the LDAP replica servers.
5. Type 5 to change the zimbra-ldap settings.
Type 3 to change the default domain name to the email domain name.
6. When the LDAP server is configured, type a to apply the configuration changes. Press Enter to save the configuration data.
7. When Save Configuration data to a file appears, press Enter.
8. When The system will be modified - continue? appears, type y and press Enter.
The server is modified. Installing all the components and configuring the server can take a few minutes.
9. When Installation complete - press return to exit displays, press Enter.
The installation of the master LDAP server is complete.
Installing a Replica LDAP Server
The master LDAP server must be running when you install the replica server. You run the ZCS install program on the replica server to install the LDAP package, but you make the following configuration changes.
Important: If you do not disable the ldap replica servers, a new directory server is created and you will have separate mail systems.
On the Main menu, you change the LDAP master host name, port and LDAP password to be the same as on the Master LDAP server.
Follow steps 1 through 4 in the Starting the Installation Process section to open an SSH session to the LDAP server, log on to the server as root, and unpack the Zimbra software.
1. The zimbra-ldap package should be marked y.
2. Type y, and press Enter to modify the system. The selected packages are installed.
The Main menu shows the default entries for the LDAP replica server. To expand the menu, type x and press Enter.
 
2) Ldap Master host:                   ldapRep.example.com
   r) Start servers after configuration yes
 
3. Type 5 to disable the zimbra-ldap settings.
Type 1 to change the Status to Disabled.
Important: If you do not disable the replica LDAP servers, a new directory server is created and you will have separate mail systems.
4. Type 2 and change the Ldap Master host name to the Master LDAP host name.
5. Type 3, and change the port to the same port as configured for the Master LDAP server.
6. Type 4 and change the password to the Master LDAP server password.
7. When the LDAP server is configured, type a to apply the configuration changes. Press Enter to save the configuration data.
8. When Save Configuration data to a file appears, press Enter.
9. When The system will be modified - continue? appears, type y and press Enter.
The server is modified. Installing all the components and configuring the server can take a few minutes.
10. When Installation complete - press return to exit displays, press Enter.
The installation on the replica LDAP server is complete.
Setting Up Zimbra LDAP Servers for Replication
After the master and replica LDAP servers are installed, you must complete the following steps before LDAP replication will work.
Run the CLI commands as the zimbra user.
To set up the LDAP servers
1. Type zmupdateauthkeys and press Enter. The key is updated in /opt/zimbra/.ssh/authorized_keys.
Type zmldapenablereplica and press Enter. This enables replication on the Master.
2. Type zmupdateauthkeys and press Enter.
Type zmldapenablereplica and press Enter. This sets up the replication account in the directory and makes a copy of the master content to the replica LDAP server.
Note: If zmupdateauthkeys does not fetch the keys correctly, run zmsshkeygen on both servers and rerun zmupdateauthkeys.
To test the replica
1. Create several user accounts, either from the admin console or on the master LDAP server. The CLI command is zmprov ca <name@domain.com> <password>
2. To see if the accounts were correctly copied to the replica LDAP server, type zmprov gaa on the replica LDAP server. The accounts created on the master LDAP server should display on the replica LDAP server.
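
One way to make this comparison repeatable, added here as an example and not part of the Zimbra guide: save the zmprov gaa output from each server to a file and list the accounts the replica does not have yet. The file names and sample addresses are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the guide): compare zmprov gaa output saved on the
# master with the output saved on the replica, one address per line.

# Strip CRs and blank lines, then sort uniquely so comm(1) can compare.
normalise() {
    tr -d '\r' < "$1" | sed '/^[[:space:]]*$/d' | LC_ALL=C sort -u
}

# Print accounts that exist on the master but not on the replica.
# Returns 0 when nothing is missing, 1 when the replica lags, 2 on error.
missing_on_replica() {
    [ -r "$1" ] && [ -r "$2" ] || return 2
    tmpdir=$(mktemp -d) || return 2
    normalise "$1" > "$tmpdir/master"
    normalise "$2" > "$tmpdir/replica"
    missing=$(LC_ALL=C comm -23 "$tmpdir/master" "$tmpdir/replica")
    rm -rf "$tmpdir"
    [ -z "$missing" ] && return 0
    printf '%s\n' "$missing"
    return 1
}

# Constructed sample data standing in for the two saved listings.
demo=$(mktemp -d)
printf '%s\n' admin@example.com user1@example.com \
    user2@example.com user3@example.com > "$demo/master.txt"
printf '%s\n' user1@example.com admin@example.com > "$demo/replica.txt"

if lagging=$(missing_on_replica "$demo/master.txt" "$demo/replica.txt"); then
    echo "replica has every master account"
else
    echo "not yet on replica:"
    echo "$lagging"
fi
rm -rf "$demo"
```

A non-empty result right after account creation can simply mean the replica has not caught up yet, so rerun the comparison before treating it as a replication fault.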
Configuring Zimbra Servers to use LDAP Replica
To use the replica LDAP server instead of the master LDAP server, you must update the ldap_url value on the Zimbra servers that will query the replica instead of the master. For each server that you want to change:
1.
2.
zmlocalconfig -e ldap_url="ldap://<replicahost> ldap://<masterhost>"
To list more than one replica, enter the hostnames as ldap://<replicahost1> ldap://<replicahost2> ldap://<masterhost>, keeping the whole list inside the quotes. The hosts are tried in the order listed. The master URL must always be included and is listed last.
3.
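
The ordering rule for ldap_url can be checked before the value is applied. The script below is an added example, not part of the Zimbra guide: it rejects a list in which an entry is not an ldap:// URL, an entry repeats, or the master is missing or not last. The host names are constructed placeholders, and the function name check_ldap_url is hypothetical.

```shell
#!/bin/sh
# Added example (not from the guide): sanity-check an ldap_url value before
# passing it to zmlocalconfig. Host names are constructed placeholders.

# check_ldap_url VALUE MASTER_URL
# Returns 0 when every space-separated entry is an ldap:// URL, no entry is
# repeated, and MASTER_URL is the last entry. Otherwise prints why, returns 1.
check_ldap_url() {
    rest=$1 master=$2 seen=" " last=""
    while [ -n "$rest" ]; do
        url=${rest%% *}                      # first entry
        case $rest in
            *" "*) rest=${rest#* } ;;        # drop it from the remainder
            *)     rest="" ;;
        esac
        [ -n "$url" ] || continue            # tolerate repeated spaces
        case $url in
            ldap://?*) ;;                    # the guide shows only ldap:// URLs
            *) echo "not an ldap:// URL: $url"; return 1 ;;
        esac
        case $seen in
            *" $url "*) echo "listed twice: $url"; return 1 ;;
        esac
        seen="$seen$url "
        last=$url
    done
    [ -n "$last" ] || { echo "ldap_url is empty"; return 1; }
    [ "$last" = "$master" ] || { echo "master must be last: $master"; return 1; }
    return 0
}

MASTER="ldap://master.example.com"           # assumed host names
GOOD="ldap://replica1.example.com ldap://replica2.example.com $MASTER"
# The only word an unquoted command line attaches to ldap_url= is the first URL.
TRUNCATED="ldap://replica1.example.com"

for candidate in "$GOOD" "$TRUNCATED"; do
    if reason=$(check_ldap_url "$candidate" "$MASTER"); then
        printf 'ok:       zmlocalconfig -e ldap_url="%s"\n' "$candidate"
    else
        printf 'rejected: %s (%s)\n' "$candidate" "$reason"
    fi
done
```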

Copyright © 2007 Zimbra Inc.