Directory Server#

In this section you can find directions and suggestions to deal with issues arising from the Directory Server.

Update Credentials#

In all cases when it is advisable to change the password of the Directory Server, follow the steps in the procedure described here.

Note

The procedure requires CLI access; all the commands must be executed as the zextras user.

Update Password on Master Directory Server#

We start by defining a robust password

zextras$ export newLdapPsw="aGoodPassword"

Then change all the Directory Server passwords.

zextras$ /opt/zextras/bin/zmldappasswd -r $newLdapPsw
zextras$ /opt/zextras/bin/zmldappasswd -p $newLdapPsw
zextras$ /opt/zextras/bin/zmldappasswd -b $newLdapPsw
zextras$ /opt/zextras/bin/zmldappasswd -l $newLdapPsw
zextras$ /opt/zextras/bin/zmldappasswd -n $newLdapPsw
zextras$ /opt/zextras/bin/zmldappasswd -a $newLdapPsw
zextras$ /opt/zextras/bin/zmldappasswd $newLdapPsw

Restart the services.

zextras$ zmcontrol restart

Finally, remove the saved password:

zextras$ unset newLdapPsw

Update Directory Replica Credentials#

In case the Carbonio infrastructure includes the Directory Replica Role, execute the following commands on each Node featuring the Role.

Define the password, which must be the same as the one on the Master Directory Server:

zextras$ export newLdapPsw="aGoodPassword"

Then change all the passwords.

zextras$ zmldappasswd -r $newLdapPsw
zextras$ zmldappasswd -l -c $newLdapPsw
zextras$ zmlocalconfig -f -e ldap_amavis_password=$newLdapPsw
zextras$ zmlocalconfig -f -e ldap_bes_searcher_password=$newLdapPsw
zextras$ zmlocalconfig -f -e ldap_nginx_password=$newLdapPsw
zextras$ zmlocalconfig -f -e ldap_postfix_password=$newLdapPsw
zextras$ zmlocalconfig -f -e ldap_replication_password=$newLdapPsw
zextras$ zmlocalconfig -f -e zimbra_ldap_password=$newLdapPsw

Restart the services.

zextras$ zmcontrol restart

Finally, remove the saved password:

zextras$ unset newLdapPsw

As a final check, ensure the LDAP replica is working:

zextras$ /opt/zextras/libexec/zmreplchk

Align all Other Nodes#

Define the password, which must be the same as the one on the Master Directory Server:

zextras$ export newLdapPsw="aGoodPassword"

Then change all the Directory Server passwords.

zextras$ zmlocalconfig -f -e ldap_amavis_password=$newLdapPsw
zextras$ zmlocalconfig -f -e ldap_bes_searcher_password=$newLdapPsw
zextras$ zmlocalconfig -f -e ldap_nginx_password=$newLdapPsw
zextras$ zmlocalconfig -f -e ldap_postfix_password=$newLdapPsw
zextras$ zmlocalconfig -f -e ldap_replication_password=$newLdapPsw
zextras$ zmlocalconfig -f -e zimbra_ldap_password=$newLdapPsw

Restart the services.

zextras$ zmcontrol restart

Finally, remove the saved password:

zextras$ unset newLdapPsw