zimbra6同域名与同hostname与同系统异机恢复

系统：redhat5.4_64

安装DNS：
[root@test6 ~]# yum install bind -y
[root@test6 ~]# yum install bind-chroot -y
[root@test6 etc]# yum install caching-nameserver -y

[root@test6 named]# cat /var/named/chroot/etc/named.conf
options
{
listen-on port 53 { 192.168.10.234; };
directory "/var/named";
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
memstatistics-file "/var/named/data/named_mem_stats.txt";
allow-query { 192.168.10.0/24; };
recursion yes;
forwarders { 218.104.111.114; 218.104.111.122; };
};

zone "ccxe.com" IN {
type master;
file "benet.zx";
};
zone "10.168.192.in-addr.arpa" IN {
type master;
file "benet.fx";
};

[root@test6 named]# cat /var/named/chroot/var/named/benet.zx
$TTL 86400
@ IN SOA ccxe.com. root.ccxe.com. (
42 ; serial (d. adams)
3H ; refresh
15M ; retry
1W ; expiry
1D ) ; minimum
IN NS ns1.ccxe.com.
ns1 IN A 192.168.10.234
www IN A 192.168.10.234
@ IN MX 10 mail.ccxe.com.
mail IN A 192.168.10.234
test6 IN A 192.168.10.234

[root@test6 named]# cat /var/named/chroot/var/named/benet.fx
$TTL 86400
@ IN SOA ccxe.com. root.ccxe.com. (
1997022700 ; Serial
28800 ; Refresh
14400 ; Retry
3600000 ; Expire
86400 ) ; Minimum
IN NS ns1.ccxe.com.
234 IN PTR ns1.ccxe.com.
234 IN PTR www.ccxe.com.
234 IN PTR mail.ccxe.com.
234 IN PTR test6.ccxe.com.

[root@test6 named]# cat /etc/resolv.conf
search ccxe.com
#nameserver 218.104.111.114
#nameserver 218.104.111.122
nameserver 192.168.10.234

安装zimbra：
关闭sendmail服务、关闭httpd服务。禁止开机启动。
[root@test6 ~]# yum install sysstat -y
[root@test6 named]# cat /etc/hosts
# Do not remove the following line, or various programs
# that require network functionality will fail.
127.0.0.1 localhost.localdomain localhost
::1 localhost6.localdomain6 localhost6
192.168.10.234 test6.ccxe.com

[root@test6 tmp]# tar -zxvf zcs-6.0.8_GA_2661.RHEL5_64.20100820052503.tgz
[root@test6 tmp]# mv zcs-6.0.8_GA_2661.RHEL5_64.20100820052503 zcs
[root@test6 tmp]# cd zcs
[root@test6 zcs]# ./install.sh
一路按Y
install zimbra-proxy 按N
一路安装，选择3--选择4--设置admin密码--选21--按r--按a
不通知
完成。
登录https://192.168.10.234:7071/zimbraAdmin/
[root@test6 named]# su - zimbra

[zimbra@test6 ~]$ zmlocalconfig -s |grep password
ldap_amavis_password = GdpHujkAkr
ldap_nginx_password = GdpHujkAkr
ldap_postfix_password = GdpHujkAkr
ldap_replication_password = GdpHujkAkr
ldap_root_password = GdpHujkAkr
mailboxd_keystore_base_password = zimbra
mailboxd_keystore_password = DwNvA9bpSo
mailboxd_truststore_password = changeit
mysql_root_password = 0FH4ILTDaJWBj.TJSeEtzTsRt67XHv
zimbra_ldap_password = GdpHujkAkr
zimbra_logger_mysql_password = zimbra
zimbra_mysql_password = RLv1g95JH44VRfBF3SmzaF5E_rP_odR

同系统同域名同hostname异机恢复：
原主机192.168.10.234，新主机192.168.10.231

192.168.10.234上的操作
1.先备份原系统数据：
备份ldap信息
[zimbra@test6 ~]$ ldapsearch -h 192.168.10.234 -x -D "uid=zimbra,cn=admins,cn=zimbra" -w GdpHujkAkr > /opt/zimbra/backup/20170815.ldap.bak
备份邮件内容以及mysql索引文件
[zimbra@test6 ~]$ mkdir /opt/zimbra/backup/store
[zimbra@test6 ~]$ cp -r /opt/zimbra/store/* /opt/zimbra/backup/store/
[zimbra@test6 ~]$ mkdir /opt/zimbra/backup/index
[zimbra@test6 ~]$ cp -r /opt/zimbra/index/* /opt/zimbra/backup/index/
备份密码信息
[zimbra@test6 ~]$ zmlocalconfig -s |grep password > /opt/zimbra/backup/password.bak
备份mysql信息
[zimbra@test6 ~]$ netstat -anp|grep 7306
(Not all processes could be identified, non-owned process info
will not be shown, you would have to be root to see it all.)
tcp 0 0 127.0.0.1:7306 0.0.0.0:* LISTEN 21106/mysqld
tcp 0 0 127.0.0.1:7306 127.0.0.1:35907 ESTABLISHED 21106/mysqld
tcp 0 0 ::ffff:127.0.0.1:35907 ::ffff:127.0.0.1:7306 ESTABLISHED -
[zimbra@test6 ~]$ ps -ef |grep 21106
zimbra 21106 20965 0 09:06 pts/1 00:00:00 /opt/zimbra/mysql/libexec/mysqld --defaults-file=/opt/zimbra/conf/my.cnf --basedir=/opt/zimbra/mysql --datadir=/opt/zimbra/db/data --pid-file=/opt/zimbra/db/mysql.pid --skip-external-locking --port=7306 --socket=/opt/zimbra/db/mysql.sock --external-locking
zimbra 25074 9790 0 09:45 pts/1 00:00:00 grep 21106
[zimbra@test6 ~]$ /opt/zimbra/mysql/bin/mysqldump -u root -p0FH4ILTDaJWBj.TJSeEtzTsRt67XHv --socket=/opt/zimbra/db/mysql.sock --opt -R --all-databases > /opt/zimbra/backup/zimbra.dump.20170815.sql
停止zimbra
更改DNS指向192.168.10.231
[root@test6 zcs]# vim /var/named/chroot/var/named/benet.zx
:1,$s/234/231/gi
[root@test6 zcs]# vim /var/named/chroot/var/named/benet.fx
:1,$s/234/231/gi
[root@test6 zcs]# service named restart

192.168.10.231上的操作
更改hosts文件，更改dns服务器，关闭sendmail服务、关闭httpd服务，安装zimbra。
测试是否能够正常使用
将192.168.10.234backup目录内容拷贝到192.168.10.231的/opt/zimbra/backup目录下，注意权限
[root@test6 ~]# cd /opt/zimbra/backup/
[root@test6 backup]# chown -R zimbra.zimbra *
更改mysql相关密码：
[zimbra@test6 backup]$ zmmypasswd --root 0FH4ILTDaJWBj.TJSeEtzTsRt67XHv
/opt/zimbra/bin/mysqladmin -u root --password=PeMOvjHp9Ac39L18b5DEdj93g password 0FH4ILTDaJWBj.TJSeEtzTsRt67XHv
* Changed mysql root user password
* Changed mysql root user password root@localhost

[zimbra@test6 backup]$ zmmypasswd RLv1g95JH44VRfBF3SmzaF5E_rP_odR
* Changed zimbra mysql user password

测试mysql登录
[zimbra@test6 backup]$ mysql -uroot -p0FH4ILTDaJWBj.TJSeEtzTsRt67XHv
Welcome to the MySQL monitor. Commands end with ; or g.
Your MySQL connection id is 513
Server version: 5.0.90-log Source distribution

Type 'help;' or 'h' for help. Type 'c' to clear the current input statement.

mysql>

[zimbra@test6 backup]$ mysql -uzimbra -pRLv1g95JH44VRfBF3SmzaF5E_rP_odR
Welcome to the MySQL monitor. Commands end with ; or g.
Your MySQL connection id is 518
Server version: 5.0.90-log Source distribution

Type 'help;' or 'h' for help. Type 'c' to clear the current input statement.

mysql>
备份mysql信息
[zimbra@test6 backup]$ mkdir /opt/zimbra/backup/mysql.old
[zimbra@test6 backup]$ /opt/zimbra/mysql/bin/mysqldump -u root -p0FH4ILTDaJWBj.TJSeEtzTsRt67XHv --socket=/opt/zimbra/db/mysql.sock --opt -R --all-databases > /opt/zimbra/backup/mysql.old/20170815.sql

恢复store、index目录：

[zimbra@test6 backup]$ mkdir /opt/zimbra/backup/store.old
[zimbra@test6 backup]$ mkdir /opt/zimbra/backup/index.old
[zimbra@test6 backup]$ mv /opt/zimbra/store/* /opt/zimbra/backup/store.old/
[zimbra@test6 backup]$ mv /opt/zimbra/index/* /opt/zimbra/backup/index.old/
[zimbra@test6 backup]$ cp -r /opt/zimbra/backup/store/* /opt/zimbra/store
[zimbra@test6 backup]$ cp -r /opt/zimbra/backup/index/* /opt/zimbra/index/

恢复mysql信息;
[zimbra@test6 backup]$ mysql -u root -p0FH4ILTDaJWBj.TJSeEtzTsRt67XHv < /opt/zimbra/backup/zimbra.dump.20170815.sql

恢复ldap信息：
[zimbra@test6 backup]$ ldapadd -h 192.168.10.231 -x -c -D "uid=zimbra,cn=admins,cn=zimbra" -w dOQnGXv1nf < /opt/zimbra/backup/20170815.ldap.bak
重启zimbra;
[zimbra@test6 backup]$ zmcontrol restart

登录测试：https://192.168.10.231:7071/zimbraAdmin/

用OutLook连接提示错误：
-ERR only valid after entering TLS mode
原因：Zimbra默认不允许在使用非加密传输时进行身份认证，需要关闭相关安全设置。
在Zimbra上切换至zimbra用户，执行如下命令：

zmprov ms `zmhostname` zimbraImapCleartextLoginEnabled TRUE
zmprov ms `zmhostname` zimbraPop3CleartextLoginEnabled TRUE
zmprov ms `zmhostname` zimbraMtaTlsAuthOnly FALSE

zmhostname 名字是写死的，不能错。修改时以上命令不用改动。
重新启动Zimbra服务后试试OutLook是否可以接收邮件了（测试过程没有重启zimbra也一样能收到）

如果没有合法域名，请修改本地hosts文件，以便测试foxmail或outlook添加邮箱

http://blog.sina.com.cn/s/blog_69cc2f0b0100vsof.html 其他方式导入邮件客户端重收问题
http://blog.chinaunix.net/uid-23504396-id-267471.html 协议详解

导出邮件：[zimbra@test6 backup]$ zmmailbox -z -m guojintao@ccxe.com gru '/?fmt=tgz&meta=1&query=after:"08/15/17"' >/opt/zimbra/backup/guojintao@ccxe.com.tgz

导入邮件：[zimbra@test6 backup]$ zmmailbox -z -m guojintao@ccxe.com postRestURL "//?fmt=tgz&resolve=reset" /opt/zimbra/backup/guojintao@ccxe.com.tgz

https://wiki.zimbra.com/wiki/Zimbra_to_Zimbra_Migration

https://wiki.zimbra.com/wiki/ZCS_to_ZCS_rsync_Migration

https://wiki.zimbra.com/wiki/Performance_Tuning_Guidelines_for_Large_Deployments

https://wiki.zimbra.com/index.php?title=Category:Community_Sandbox&pagefrom=Tonster-VServer-Notes#mw-pages

https://wiki.zimbra.com/wiki/Modified_Rsync_Migration 

 https://wiki.zimbra.com/wiki/Performance_Tuning_Guidelines_for_Large_Deployments

https://wiki.zimbra.com/wiki/Log_Files　　log日志文件说明

====================================================================================================================================
恢复方法二（推荐）：直接拷贝store、index、数据库data目录、导出ldap-config、ldap、修改localconfig.xml密码。

在新服务器上安装zimbra，服务器主机名，域名管理员密码、dns服务器地址等都设置为一样的。

在旧服务器上用root用户创建/backup目录：
mkdir -p /backup/ldap
chown -R zimbra.zimbra /backup
su - zimbra
zmcontrol stop
/opt/zimbra/libexec/zmslapcat -c /backup/ldap 备份LDAP配置数据库
/opt/zimbra/libexec/zmslapcat /backup/ldap 备份LDAP数据
cp -a /opt/zimbra/data/ldap/hdb/db/DB_CONFIG /backup/ldap/

zmlocalconfig -x -s |grep password > /backup/password.bak 密码备份

zmlocalconfig -n （查看其它设定值）
zmlocalconfig -e [attribute-name]='[attribute-value]' （如果有其他设定值，在新服务器上执行此命令设定）

cd /opt/zimbra/db/data/ 备份数据库文件
tar -pzcvf /backup/mysql_data.tar.gz ./

cd /opt/zimbra/store/
tar -pzcvf /backup/store.tar.gz ./ 备份邮件

cd /opt/zimbra/index/ 备份索引
tar -pzcvf /backup/index.tar.gz ./

切换到root身份
cd /backup/
tar -pzcvf /tmp/backup.tar.gz ./
scp /tmp/backup.tar.gz 192.168.10.231:/backup/

在新的服务器上安装完zimbra：
mkdir -p /backup/old/{ldap,index,store,mysql_data}
chown -R zimbra.zimbra /backup
su - zimbra
zmcontrol stop
mv -f /opt/zimbra/data/ldap/config/* /backup/old/ldap/ 备份新服务器的LADP配置信息与数据
mv -f /opt/zimbra/data/ldap/hdb/* /backup/old/ldap/

mkdir -p /opt/zimbra/data/ldap/hdb/db /opt/zimbra/data/ldap/hdb/logs 创建新的LDAP相关目录

cd /backup/
tar -zxvf backup.tar.gz
cp -a /backup/ldap/DB_CONFIG /opt/zimbra/data/ldap/hdb/db/
chown -R zimbra:zimbra /opt/zimbra/data/ldap （root执行）

/opt/zimbra/openldap/sbin/slapadd -q -n 0 -F /opt/zimbra/data/ldap/config -cv -l /backup/ldap/ldap-config.bak 导入LDAP配置信息
/opt/zimbra/openldap/sbin/slapadd -q -b "" -F /opt/zimbra/data/ldap/config -cv -l /backup/ldap/ldap.bak 导入LDAP数据库信息

修改localconfig.xml文件中以下密码：
a. zimbra_mysql_password
b. mysql_root_password
c. zimbra_logger_mysql_password (Note: Transfer/copy this value to the New Server only if available from the old Old Server.)
d. zimbra_ldap_password
e. ldap_root_password
f. ldap_postfix_password
g. ldap_amavis_password
h. ldap_nginx_password
i. ldap_replication_password

zmlocalconfig -x -s |grep password 查看密码
vim /opt/zimbra/conf/localconfig.xml
1,$s/新服务器密码/旧服务器密码/gc 按Y确认更换

mv -f /opt/zimbra/db/data/* /backup/old/mysql_data/
mv -f /opt/zimbra/store/* /backup/old/store/
mv -f /opt/zimbra/index/* /backup/old/index/

cd /opt/zimbra/db/data/
tar -zxvf /backup/mysql_data.tar.gz
tar -zxvf /backup/store.tar.gz -C /opt/zimbra/store/
tar -zxvf /backup/index.tar.gz -C /opt/zimbra/index/

zmcontrol start

==================================完=======================================

查看所有参数信息
zmprov getAllConfig

ps auxww | grep zimbra

zmlocalconfig -e zimbra_require_interprocess_security = 0

/opt/zimbra/conf/my.cnf
table_open_cache = 1200
innodb_open_files = 2710
innodb_buffer_pool_size = 3435973840 （8G内存示例）
innodb_max_dirty_pages_pct = 10
innodb_flush_method = O_DIRECT

prov> mcf zimbraPop3NumThreads 300
prov> gcf zimbraPop3NumThreads
zimbraPop3NumThreads: 300

忘记admin密码：zmprov sp admin zimbraadmin

zmprov ma data@ccxe.com.cn zimbraAccountStatus lockout #锁账号
zmprov ma data@ccxe.com.cn zimbraAccountStatus active #解锁账号
/opt/zimbra/bin/zmaccts |grep 'data@ccxe.com.cn' #查看账号状态

域名重命名
zmprov -l rd [olddomain.com] [newdomain.com]

卸载
https://wiki.zimbra.com/wiki/UnInstalling_Zimbra_on_Linux

数据库相关信息：
zimbra数据库
mailbox查看数据库用户对应的id
根据id查找对应mboxgroup*数据库（比如id为5，则查找mboxgroup5数据库）
查找mail_item表：unread为未读信息。

解决导入文件后重复接受问题：
su - zimbra
zmprov -l gaa | while read ACCOUNT
do
zmprov ma ${ACCOUNT} zimbraPrefPop3DownloadSince $(date "+%Y%m%d%H%M%S"Z)
done

[zimbra@test6 ~]$ zmlocalconfig -s |grep -i thread
[zimbra@test6 ~]$ zmlocalconfig -s |grep -i zmjava
[zimbra@test6 ~]$ zmlocalconfig -s |grep -i java_heap
[zimbra@test6 ~]$ zmlocalconfig -s |grep -i security
[zimbra@test6 ~]$ zmlocalconfig mailboxd_java_options

zmlocalconfig -e zimbra_zmjava_options='-Xmx2048m'

zmmailbox -z -m henry@dckg.com.cn s -l 999 -t message "subject:test*" --查找邮件标题包含test的邮件
$zmmailbox -z -m henry@dckg.com.cn s -t message "From: huawei*" --按发件人查
$zmmailbox -z -m henry@dckg.com.cn s -t message "To:huawei*" --按收件人查
$zmmailbox -z -m henry@dckg.com.cn s -t message "After:05/17/16" --按邮件日期查
$zmmailbox -z -m henry@dckg.com.cn s -t message "Before:05/17/16" --按邮件日期查
$zmmailbox -z -m yunwei@ccxe.com.cn dm 468,467 --一次删除多封邮件

导出某段时间的邮件
[zimbra@test6 ~]$ $(which curl) -k -u $ADMINUSER:$ADMINPASS https://192.168.10.231:7071/home/guojintao@ccxe.com/?fmt=tgz&query=after:"08/13/17"&query=before:"09/13/17" > /opt/zimbra/backup/guojintao@ccxe.com.tgz

[zimbra@test6 ~]$ zmmailbox -z -m guojintao@ccxe.com gru '?fmt=tgz&meta=1&query=after:"08/13/17"&query=before:"09/13/17"' > /opt/zimbra/backup/222guojintao@ccxe.com.tgz

zmlocalconfig -s |grep password

[zimbra@mail ~]$ ldapsearch -h 192.168.110.10 -x -D "uid=zimbra,cn=admins,cn=zimbra" -w 77ApAaMdIU > /opt/zimbra/backup/20181031.ldap.bak

ldapsearch -h 192.168.110.10 -x -D "uid=zimbra,cn=admins,cn=zimbra" -w 77ApAaMdIU -b "uid=guojintao,ou=people,dc=ccxe,dc=com,dc=cn" > /opt/zimbra/backup/20181031.guojintao.ldap.bak

新：
ldapadd -h 192.168.222.230 -x -D "uid=zimbra,cn=admins,cn=zimbra" -w XV_XILULH < /opt/zimbra/backup/guojintao.ldap.bak

1.查看某个域名下所有群组(getAlldistributionLists)

zmprov gadl

2.查看群组成员(get DistributionListmember)

zmprov gdlm all-md@zijian.com

3.查看某个群组详细信息(getDistributionList)

zmprov gdl all-md@zijian.com

4.创建群组(createDistributionList)

zmprov cdl group1@zijian.com

5.添加用户(add DistributionListmember)

zmporv adlm group1@zijian.com user1@zijian.com

6.从群组中移除一个用户(removeDistributionListMember)

zmprov rdlm group1@zijian.com user3@zijian.com

7.授权user1用户向group1@zijian.com发邮件

zmprov grr dl group1@zijian.com usr user1@zijian.com sendToDistList

8.取消user1向群组group1@zijan.com发邮件权限

zmprov rvr dl group1@zijian.com usr user1@zijian.com sendToDistList

#为了使用授权命令，需要启用Milter Server

启用方法：管理控制台----> 全局设定 -----> MTA ------> Milter Server启用

postfix设置用户认证发邮件

https://blog.csdn.net/zzban1111/article/details/17279581