Results 1 to 2 of 2

Thread: LDAP data not correct on replica host

  1. #1
    Join Date
    Jun 2012
    Posts
    21
    Rep Power
    3

    Default LDAP data not correct on replica host

    Hi All,

    Recently my company upgraded ZCS from 7.1.3 to 7.2. My setup is that we have 2 MTA and 3 mailstore where mail01 (one of the MTA) is the LDAP master and mail02 is the LDAP replica host.

    I use the Zimbra Admin console to create a test account "btest@abc.com". I did a search on mail01 and found that the test account in not found in mail01. I then did a search on mail02 and found that the test account is found there.

    We noticed a problem with the SSL certs in the LDAP master and replica host which we have resolved but as a result, there is some leftover damage to the LDAP.

    On the LDAP master, I did a zmprov -l gaa abc.com | grep test and I got:
    atest@abc.com

    On the replica host, I did a zmprov -l gaa abc.com | grep test and I got:
    atest@abc.com
    btest@abc.com

    Checking zmreplchk show the LDAP replication is in sync. From Zimbra Admin console, I can see the "btest@abc.com" account but am unable to delete it from Zimbra.

    Based on the above, I want to ask:
    1. How can I remove the extra data (btest@abc.com) in mail02?
    2. Is there a command to force the replica host to remove items not found in the master host?
    3. Is there a command to reinitialize the replica host so that it drops all database and re-sync from the LDAP master?

    Thanks & Regards.

  2. #2
    Join Date
    Jun 2012
    Posts
    21
    Rep Power
    3

    Default LDAP Sync check

    Hi All,

    I would like to refresh this topic. Now my Zimbra servers is upgraded to Release 8.0.6.GA.5922.UBUNTU12.64 UBUNTU12_64 FOSS edition. This problem of the LDAP database out-of-sync is still there so now I found out that you can actually do a ldap import from the master ldap which I have done.

    Now I want to check the ldap replication status and I tried to use /opt/zimbra/libexec/zmreplchk, I got the following error
    [CODE]zimbra@mail02:/$ /opt/zimbra/libexec/zmreplchk
    SSL_ca_path /opt/zimbra
    /conf/ca does not exist at /opt/zimbra/zimbramon/lib/IO/Socket/SSL.pm line 377.
    [CODE]

    I tried to run it in /opt/zimbra and / also does not work. I checked that I have the /opt/zimbra/conf/ca directory. What is wrong? Is there other ways to check the LDAP sync?

    Thanks & Regards.

    Quote Originally Posted by Paladinemishakal View Post
    Hi All,

    Recently my company upgraded ZCS from 7.1.3 to 7.2. My setup is that we have 2 MTA and 3 mailstore where mail01 (one of the MTA) is the LDAP master and mail02 is the LDAP replica host.

    I use the Zimbra Admin console to create a test account "btest@abc.com". I did a search on mail01 and found that the test account in not found in mail01. I then did a search on mail02 and found that the test account is found there.

    We noticed a problem with the SSL certs in the LDAP master and replica host which we have resolved but as a result, there is some leftover damage to the LDAP.

    On the LDAP master, I did a zmprov -l gaa abc.com | grep test and I got:
    atest@abc.com

    On the replica host, I did a zmprov -l gaa abc.com | grep test and I got:
    atest@abc.com
    btest@abc.com

    Checking zmreplchk show the LDAP replication is in sync. From Zimbra Admin console, I can see the "btest@abc.com" account but am unable to delete it from Zimbra.

    Based on the above, I want to ask:
    1. How can I remove the extra data (btest@abc.com) in mail02?
    2. Is there a command to force the replica host to remove items not found in the master host?
    3. Is there a command to reinitialize the replica host so that it drops all database and re-sync from the LDAP master?

    Thanks & Regards.

Similar Threads

  1. Failed to bind to LDAP server
    By tezarin in forum Administrators
    Replies: 4
    Last Post: 01-23-2012, 09:26 AM
  2. zmclamdctl is not running after upgrade
    By Darren in forum Installation
    Replies: 24
    Last Post: 10-10-2008, 10:10 AM
  3. Replies: 20
    Last Post: 03-18-2008, 06:37 AM
  4. Replies: 2
    Last Post: 02-12-2008, 11:55 AM
  5. Replies: 2
    Last Post: 05-24-2006, 11:01 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •