View Poll Results: Is this a stupid question?

  • Yeah RTFHM (H=hidden) !@!#$#$%@

    0 0%
  • No man, pure genius!

    1 100.00%
  • Meh.

    0 0%
  • I dunno, I'm busy Mother's Day shopping (reminder!)

    0 0%
Thread: LDAP Replication: Updated materials/docs/howtos/zen-mind-waves??

  1. #1
    andreturpin Guest

    Hi there,

    I've poked through the Multi-Site Installation guide and some notes I found in the Wiki as well as some release notes about setting LDAP replication up. I've tried a couple of times to get it running and have not been able to. Each time I try, I have a working multisite setup, with a master LDAP host, and mail routing working and the address books displaying names/addresses properly, mail routes from mailboxes on one server to users on another, so all in all, everything is functional _until_ I try LDAP replication.

    I think something important to note, just from reading other posts, is I do _not_ have my MX and A records setup officially. I _am_ running named on each server to do caching and I have setup the zones for my domain and that stuff all works fine, I just haven't transferred authority for my domain over to my nameservers, as our mail is currently outsourced and I'm migrating it in-house. All name resolution in-house on systems involved is pointing to my inhouse-DNS servers, so it should seem to Zimbra and any services involved that my nameservers are _THEBOSSOF_ my domain...ie-they aren't talking to any DNS servers out on the interweeb.

    (as an aside, is it objectionable to be running named on your zimbra servers for caching and resolution? the DNS load is currently distributed across three zimbra/dns servers)

    I noticed in rsharpe's post from a few days ago (LDAP Replication Stops)
    that KevinH mentioned there may be a fix in a 3.1.1 patch release coming soon...and today I notice 3.1.1_GA_394...is this the magic I've been hoping for??

    Anyway, I did a pretty poor job of keeping my errors logged, and now that I've stopped LDAP replication and resetup the hurt...but what did happen was Zimbra-store would error like mad, postfix spitting out a ton of messages about things not working, like pages and pages of it, so I'd edit the ldap_url and put different concoctions in there of my main and backup servers, trying just the main one, or just the localhost one, or localhost first and main second, little success. I did notice initially in my zmlocalconfig output, that the second server defined in ldap_url has the port number stapled on the end, but it was the only one...like
    ldap_url="ldap://backup.example.com ldap://main.example.com:389"
    which seemed weird.

    So with some tinkering of ldap_url I did get all the services to finally startup again without err...but when I went into admin console and clicked on the second server, got


    Message: Csfe service error
    Error code: service.PROXY_ERROR
    Method: ZmCsfeCommand.invoke
    Details:error while proxying request to target server (url=https://hr2.kinglandford.com:7071/service/admin/soap/): Connection refused


    Any ideas on this? I realize I haven't got the necessary details here for someone to really diagnose this, but I hope to open up some dialogue on this replication subject. I've been showing lots of people the interface and the admin interface, and they're totally floored, often comments about how much they hate Exchange and want to dump it for Zimbra (after seeing it). So I've recommended it a few places, and I know that one of the questions is how it handles multiple sites and message routing, etc, etc.

    Thanks for any input or direction on this, and thanks to the Zimbra guys for a great product (my days of being whipped into submission by qmail are over).
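
Added example, not part of the original post: the ldap_url value quoted above mixes one entry with no port and one with ":389". Because 389 is the default port for ldap:// (636 for ldaps://), normalizing the value shows whether two entries really differ and in what order they are listed. The function names are illustrative and are not part of Zimbra.

```python
from urllib.parse import urlsplit

# Default ports implied when an LDAP URL carries no explicit port.
DEFAULT_PORTS = {"ldap": 389, "ldaps": 636}

def parse_ldap_url(value):
    """Split a space-separated ldap_url value into (scheme, host, port)
    tuples, in listed order, filling in the scheme's default port."""
    entries = []
    for raw in value.split():
        parts = urlsplit(raw)
        scheme = parts.scheme.lower()
        if scheme not in DEFAULT_PORTS or not parts.hostname:
            raise ValueError(f"not an ldap:// or ldaps:// URL: {raw!r}")
        port = parts.port if parts.port is not None else DEFAULT_PORTS[scheme]
        entries.append((scheme, parts.hostname, port))  # hostname is lowercased
    return entries

def normalize(value):
    """Rewrite the value with every port explicit, so that entries which
    differ only by a 'stapled on' default port compare equal."""
    out = []
    for scheme, host, port in parse_ldap_url(value):
        host = f"[{host}]" if ":" in host else host  # IPv6 literal
        out.append(f"{scheme}://{host}:{port}")
    return " ".join(out)

def duplicates(value):
    """Return entries that name a server already listed earlier."""
    seen, dupes = set(), []
    for entry in parse_ldap_url(value):
        if entry in seen:
            dupes.append(entry)
        seen.add(entry)
    return dupes

if __name__ == "__main__":
    # Value as quoted in the post above.
    posted = "ldap://backup.example.com ldap://main.example.com:389"
    print(normalize(posted))
    for position, entry in enumerate(parse_ldap_url(posted), 1):
        print(position, entry)
```
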

  2. #2
    KevinH is offline Expert Member
    Join Date
    Aug 2005
    Location
    San Mateo, CA
    Posts
    4,789
    Rep Power
    18

    LDAP replication should be working better in 3.1.1. Your best bet is to upgrade to that and then retest it. Start first with replication off and then turn it on. It's still not 100% as we've hit some errors but it should be working better.
    Looking for new beta users -> Co-Founder of Acompli. Previously worked at Zimbra (and Yahoo! & VMware) since 2005.

  3. #3
    andreturpin Guest

    Thanks for the reply Kevin, appreciated. It is 3.1.1 latest RHEL package that I'm working with, and it was acting up with. I'm sitting on it a bit, as I have some other servers to bring online, and then I'll test again before we have to go into production.

    Just want to check, I'm uncertain which is the authoritative document on setting up replication, the post you made a while back in the forums (I think the date on it was November, 2005), or the Wiki (http://wiki.zimbra.com/index.php?title=LDAP) or a release note I saw in a CVS a while back (link seems to be dead at the moment...but it's http://cvs.zimbra.com:8080/viewrep/~...tion_howto.txt)

    Reason I ask is there is a little variance in the post-install steps where you update the ssh keys and tell the second machine to become an LDAP replica, etc.

    Thanks for your help, much appreciated!

    -Andre

  4. #4
    KevinH is offline Expert Member

    I think the how-to in the docs dir is the *most* recent. In general this feature is pretty new. I talked to a couple of folks and it seems the *fix* for 3.1.1 was to just comment out replication. So we never got it working. Lots of nasty problems with BDB, SASL, and SSL.

    BTW: How big is the system you're building? For most smaller systems you don't *need* a replica. Unless you're getting hammered by spam and want to offload the mta/replica to some dedicated boxes it won't be a huge hit.

  5. #5
    andreturpin Guest

    It's not so much that I have a big site, we're only talking a few hundred mailboxes here, involving three servers and possibly one or two more as other "arms" of the business get involved, but it's all about geography and cost savings.

    Where I'm located in the Northwest Territories (northern Canada, up by Santa's workshop) bandwidth is at a premium cost and it's not as plentiful as I'd like. We also find the responsiveness of our WAN connections and stability are limited, so my mandate is keeping as much traffic off the WAN and on the local networks as possible. Updates to my LDAP databases will be so infrequent that any LDAP replication would pale in comparison to the bandwidth used in lookup of every message that passes the MTA. I know LDAP is light in that regard (hence the Lightweight in LDAP) but I also have to consider the times that our site-to-site WAN links degrade or go down completely. It would be nice if mail operations in the local office could continue gracefully while just queueing any remote mail for when the link is back up.

    Does this make sense, or am I outotlunch?

    Thanks,
    Andre

  6. #6
    KevinH is offline Expert Member

    Yep makes perfect sense. Slow WANs and bandwidth concerns are very valid reasons to replicate. Hopefully we'll get this working soon. Current plan is the next release.

  7. #7
    rsharpe is offline Elite Member & Volunteer
    Join Date
    Nov 2005
    Location
    London, ON
    Posts
    255
    Rep Power
    9

    Quote Originally Posted by KevinH
    I think the how-to in the docs dir is the *most* recent. In general this feature is pretty new. I talked to a couple of folks and it seems the *fix* for 3.1.1 was to just comment out replication. So we never got it working. Lots of nasty problems with BDB, SASL, and SSL.

    BTW: How big is the system you're building? For most smaller systems you don't *need* a replica. Unless you're getting hammered by spam and want to offload the mta/replica to some dedicated boxes it won't be a huge hit.

    Is there a bug that we can track or vote upon for this Kevin????? Thanks!

  8. #8
    KevinH is offline Expert Member

    I don't see one.
