Results 1 to 7 of 7

Thread: Slave LDAP re-installation. Previous accounts aren't shown, but new ones shown

  1. #1
    Join Date
    Jul 2007
    Posts
    98
    Rep Power
    8

    Question Slave LDAP re-installation. Previous accounts aren't shown, but new ones shown

    Hello all,
    Last nigh my slave ldap got hosed that I need to reinstall it.
    The machine only act as ldap replication.

    I re-installed it (as slave ldap of course) and all seems ok. Running zmcontrol status shows that ldap is running.

    However, when I run getent passwd, there aren't any previous account I created in zimbra. But, if I CREATE one in zimbra (master server), it shows in getent passwd in the slave.

    Why is that? Why the previously created accounts (before the slave reinstallation) are not shown in getent passwd? How do I resolve this?

    Thank you.

  2. #2
    Join Date
    Jul 2007
    Posts
    98
    Rep Power
    8

    Default

    I found a workaround for this.
    By tricking zimbra to think that I make a change in the user accounts (as simple as changing the status of the account from 'active' to 'maintenance' and then change back to 'active') and 'save' it. The account will be visible in slave using getent passwd again.

    It seems that the above procedure successfully 'force' the slave ldap server to 'refresh' it's copy of ldap database.

    The amount of work is not really horrible though since the number of users only about 100. But, I wonder if in the future when it reaches hundreds/thousands... it will take forever.

    Does anyone know what is happening? What is the proper way to 'force' slave ldap to refresh it's database? I compare the content of openldap-data directory on both master and slave, and they're both the same (size, etc).

  3. #3
    Join Date
    Jul 2007
    Posts
    98
    Rep Power
    8

    Default Good news?

    Well, I try another hacking.

    After examining the zmldapenablereplica I found out that the replicateLdap function is commented out. So, enable it. And also I disable the createLdapConfig function, because it conflicts with zimbra as PDC function.

    Anyway, it seems ok now. I can getent passwd/group with the same users/groups

    I'm not sure if this hack is the correct way. So, please if anyone knows the proper procedure please let me know.
    Thank you.

  4. #4
    Join Date
    Apr 2007
    Posts
    29
    Rep Power
    8

    Default

    I had a similar problem a while back after adding a new server - the LDAP replica just wouldn't replicate. I found that if I did a kill -HUP to the slapd process, then it seems to force it to sync. Give that a shot also.. BTW, the "dev1@domain.com" is an example account that wasn't syncing from the master server.

    Code:
    zimbra@devzimbra:~$ ps ax | grep slap 
     6329 ?        Ssl    0:00 /opt/zimbra/openldap/libexec/slapd -l LOCAL0 -4 -u zimbra -h ldap://devzimbra.domain.com:389 -f /opt/zimbra/conf/slapd.conf
    zimbra@devzimbra:~$ kill -HUP 6329
    zimbra@devzimbra:~$ zmprov gaa | grep dev
    dev1@domain.com

  5. #5
    Join Date
    Jul 2007
    Posts
    98
    Rep Power
    8

    Default

    Strange.
    I have zmcontrol stop/start, ldap stop/start. All the same. The database is not sync-ed. Doing all the above is the same as kill -HUP right?

  6. #6
    Join Date
    Apr 2007
    Posts
    29
    Rep Power
    8

    Default

    The only difference I can think of is that the kill -HUP will keep everything up and running. I'd much rather do the HUP then to restart everything on a production box.

  7. #7
    Join Date
    Jul 2007
    Posts
    98
    Rep Power
    8

    Default

    Can someone from zimbra comment on this case?
    Much appreciated

Similar Threads

  1. Upgrade: 4.5.5 -> 4.5.6 failed, LDAP/slapd issues
    By Daimyo in forum Installation
    Replies: 7
    Last Post: 08-04-2007, 10:23 PM
  2. Zimbra Install Problem - getDirectContext
    By bsimzer in forum Installation
    Replies: 27
    Last Post: 07-19-2007, 11:12 AM
  3. 3 testing: LDAP: 389 Failed when restore zimbra
    By victorLeong in forum Administrators
    Replies: 15
    Last Post: 05-24-2007, 07:45 AM
  4. Installation Problem - Possibly LDAP
    By geroshea in forum Installation
    Replies: 5
    Last Post: 03-16-2007, 05:47 AM
  5. Replies: 4
    Last Post: 11-15-2006, 12:16 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •