So following King0770-Notes-MovingUsers - Zimbra :: Wiki to migrate from a RHEL5 32bit zcs 7.2.5 NE install to Ubuntu 10 64bit zcs 7.2.5NE we've successfully migrated all accounts, using proxy we had next to no down time. Went to promote replica by following:Promoting Replica to LDAP Master - Zimbra :: Wiki we get invalid credentials ldap error 49. when running ldapmodify -x -H ldapi:/// -D "cn=config" -w "ldap root password"

we confirmed zmlocalconfig -s ldap_root_password matches old server and new.
we confirmed ldapmodify -x -H ldapi:/// -D "cn=config" -w "ldap root password" runs fine onthe old server
we confirmed ldapmodify -x -H ldapi:/// -D "cn=config" -w "ldap root password" runs fine on our test environment replica machine

clearly replication is working as all accounts are on both servers and everything is working fine on the replica.
Certificates match (was a wild card) on both servers.

no obvious errors that i can find in /var/log/zimbra.log

tried to see if /opt/zimbra/libexec/zmldapreplicatool -t off based on this wiki Turning off starttls for replication - Zimbra :: Wiki (can't find the post that referenced it) but the command wouldn't run on either server
Tried Resetting LDAP and MySQL Passwords - Zimbra :: Wiki (It says only to zcs 5.. but the command and its values still seems the same) the zmldappasswd -r newrootpass (same as zmlocalconfig -s ldap_root_password) seems to run ok, but still no joy on the ldapmodify command.

We've opened a ticket with support but no response as of yet.. I am posting to see if anyone has any further suggestions... I have a feeling its something like the replica ldap password hash doesn't match "zmlocalconfig -s ldap_root_password" when trying the direct ldapmodify command or something like that.... but i defer to the experts!