How to Restore Zimbra LDAP database from Backup

In today’s guide, we will look at how to restore Zimbra LDAP database from Backup. This is one of the useful methods for disaster recovery. To use this method, you need to have a previous backup of LDAP configurations when it was in a good state.

I had an error below while trying to start Zimbra services.

$ zmcontrol start
Host mail.mydomain.com
Starting ldap…Done.
Unable to determine enabled services from ldap.
Unable to determine enabled services. Cache is out of date or doesn't exist.

After a lot of troubleshooting, I noted the problem was the LDAP database which couldn’t be repaired. The only solution to this was to rebuild the LDAP database.

Step 1: Stop Zimbra Services

In my server, I have a recent Zimbra LDAP backup located under /opt/zimbra/backup directory. But first you need to stop all Zimbra Services.

$ zmcontrol stop

Step 2: Backup Zimbra LDAP Data

Once the services are stopped, backup old data – You need to run this as a root user.

mv /opt/zimbra/data/ldap/config/  /opt/zimbra/data/ldap/OLDconfig/
mv /opt/zimbra/data/ldap/mdb/db  /opt/zimbra/data/ldap/mdb/OLD_db/

Then recreate LDAP data folders and give them correct permissions.

mkdir -p /opt/zimbra/data/ldap/mdb/db /opt/zimbra/data/ldap/mdb/logs
chown -R zimbra:zimbra /opt/zimbra/data/ldap
/opt/zimbra/libexec/zmfixperms -verbose

Step 3: Restore Zimbra LDAP database from backup.

Now that you have the data directories empty, navigate to the directory with your LDAP backup. If the backups are archived, you’ll need to uncompress them before restoration.

$ cd /opt/zimbra/backup/sessions/incr-20190218.230007.912/ldap
$ ls
ldap.bak.gz  ldap-config.bak.gz

Uncompress the Zimbra LDAP configurations files.

$ gunzip *.gz
$ ls
ldap.bak  ldap-config.bak

Restore ldap-config.bak using the slapadd command – Run as zimbra user.

$ slapadd -q -n 0 -F /opt/zimbra/data/ldap/config -cv -l ldap-config.bak
 added: "cn=config" (00000001)
 added: "cn=module{0},cn=config" (00000001)
 added: "cn=schema,cn=config" (00000001)
 added: "cn={0}core,cn=schema,cn=config" (00000001)
 added: "cn={1}cosine,cn=schema,cn=config" (00000001)
 added: "cn={2}inetorgperson,cn=schema,cn=config" (00000001)
 added: "cn={3}dyngroup,cn=schema,cn=config" (00000001)
 added: "cn={4}zimbra,cn=schema,cn=config" (00000001)
 added: "cn={5}amavisd,cn=schema,cn=config" (00000001)
 added: "cn={6}opendkim,cn=schema,cn=config" (00000001)
 added: "olcDatabase={-1}frontend,cn=config" (00000001)
 added: "olcDatabase={0}config,cn=config" (00000001)
 added: "olcDatabase={1}monitor,cn=config" (00000001)
 added: "olcDatabase={2}mdb,cn=config" (00000001)
 added: "olcOverlay={0}dynlist,olcDatabase={2}mdb,cn=config" (00000001)
 added: "olcOverlay={1}unique,olcDatabase={2}mdb,cn=config" (00000001)
 added: "olcOverlay={2}noopsrch,olcDatabase={2}mdb,cn=config" (00000001)
 ############## 100.00% eta   none elapsed            none fast!
 Closing DB…

Do the same for ldap.bak.

$ slapadd -q -b "" -F /opt/zimbra/data/ldap/config -cv -l ldap.bak

Step 4: Start Zimbra Services

After the restoration, try to start all Zimbra Services. You can start with LDAP service.

ldap start
ldap status

If it was successful, the bring up all other Zimbra Services.

# su - zimbra
$ zmcontrol start
Host mail.mydomain.com
     Starting ldap…Done.
     Starting zmconfigd…Done.
     Starting logger…Done.
     Starting convertd…Done.
     Starting mailbox…Done.
     Starting memcached…Done.
     Starting proxy…Done.
     Starting amavis…Done.
     Starting antispam…Done.
     Starting antivirus…Done.
     Starting opendkim…Done.
     Starting snmp…Done.
     Starting spell…Done.
     Starting mta…Done.
     Starting stats…Done.
     Starting service webapp…Done.
     Starting zimbra webapp…Done.
     Starting zimbraAdmin webapp…Done.
     Starting zimlet webapp…Done.
     Starting imapd…Done.

A check on status should show all services running.

$ zmcontrol status
 Host mail.mydomain.com
     amavis                  Running
     antispam                Running
     antivirus               Running
     convertd                Running
     imapd                   Running
     ldap                    Running
     logger                  Running
     mailbox                 Running
     memcached               Running
     mta                     Running
     opendkim                Running
     proxy                   Running
     service webapp          Running
     snmp                    Running
     spell                   Running
     stats                   Running
     zimbra webapp           Running
     zimbraAdmin webapp      Running
     zimlet webapp           Running
     zmconfigd               Running

You should now be able to access Zimbra Admin UI and perform your normal Email administration tasks. You can also check other Zimbra guides available in our blog.

How to solve Zimbra zmconfigd not running/starting

Install Zextras Suite on Zimbra CentOS 7

Zimbra Multi-Server Installation on CentOS 7

How to Set Secure Password Policy on Zimbra

Configure whitelist and blacklist Zimbra Amavis Spam filtering