Difference between revisions of "Howto - Change the default Scalix ldap port from 389"
Latest revision as of 10:41, 26 November 2013
Scalix 11
In Scalix 11, the switch to using the ldapmapper daemon rather than smtpd added a new requirement to running the LDAP daemon omslapd on a port other than 389.
Why do it?
So why does anyone want to change the default LDAP port from port 389? There are a number of reasons for this, but the most common are:
- Co-hosting with another LDAP server (e.g. for running a Samba-LDAP (smbldap) server on the same host)
- Network or firewall restrictions
How is it done?
The LDAP port is specified in a number of files for Scalix, each used by a different part of the total solution: the mail server needs to know, so does the Admin Console, and so does the Web Application. And, with the introduction of ldapmapper in Scalix 11, the ldapmapper needs to know what port it's mapping to (it'll assume the default port, 389).
To actually do it, you need to edit the properties files for each major component in Scalix, as well as editing a config file that is used by the ldapmapper. The edits below can be made while Scalix is already running - but the changes won't propagate until a restart, as the properties files are only read on startup typically.
If you don't change the ldapmapper, then you'll get a lot of mail building up in the "Internet Mail Gateway" queue stuck on the outbound side. Your Scalix installation will receive mail just fine, and deliver locally, but Sendmail won't know how to contact the ldap server, and you'll get this error in /var/log/maillog:
<pre>
Jan 19 23:45:26 mail ldapmapper[4210]: cannot send search request to instance mail: No such object
Jan 19 23:45:26 mail sendmail[10458]: l0JCjQaa010458: SYSERR(root): Error getting LDAP results in map ldapsx: Unknown error 325
</pre>
Note: If you're getting this message, and haven't been playing around with the ldap port, go read the Scalix 12 FAQs page :)
The example below assumes you're changing it to port 3890 - good for lazy typists, and to make it easier to remember what runs on the port at a later date.
Files to edit
The files you need to edit to make it all work with the new port are:
Note: The code snippets are not the complete files - they are just to highlight the relevant lines.
/var/opt/scalix/ml/s/sys/slapd.conf
<pre>
# --OMSLAPDHEADER--
#
#
# server specific data
subschemaSubentry "cn=subSchema,o=Scalix"
altServer ""
portNum 3890
#
</pre>
/var/opt/scalix/ml/caa/scalix.res/config/ubermanager.properties
<pre>
# Port number for the Scalix LDAP servers. The default is 389.
# If you change this number make sure all the sladp.conf file on
# all Scalix LDAP servers are changed to the same port here.
ubermanager.query.server.port=3890
#
</pre>
/var/opt/scalix/ml/webmail/swa.properties
NOTE: This file has two lines that specify port number.
<pre>
swa.ldap.1.port=3890
swa.ldap.1.baseDN=o=scalix
.
.
swa.ldap.2.port=3890
swa.ldap.2.baseDN=o=MyContacts
</pre>
/var/opt/scalix/ml/platform/platform.properties
<pre>
# ldap port (since 10.0.1 this can be different from 389)
#
ldap.port=3890
</pre>
/etc/sysconfig/ldapmapper
Finally, don't forget to change the ldapmapper. This is the complete file, as it only has one config line. Notice the ldapmapper(8) part - there's a man page, so go check it out too if you're interested!
<pre>
#
# Scalix ldapmapper(8) options
#
LDAPMAPPER_OPTIONS="-L ldap://%s:3890"
</pre>
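Because the same port has to be set in five files, a missed line is easy to overlook before the restart. The script below is an added example, not part of the original howto or of Scalix: it reads each setting listed above and reports any that differ from the expected port. The function names, the ROOT prefix argument and the sample tree are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: report every LDAP port setting this howto edits and flag any
# that differ from the expected port. ROOT is a hypothetical path prefix so
# the check can run against a copy of the files; leave it empty for "/".

# _emit ROOT FILE REGEX: print "<file> <setting> <port>" per matching line.
# REGEX has two groups (setting, port). Unreadable files print MISSING and
# files without the setting print UNSET (ldapmapper then assumes 389).
_emit() {
    if [ ! -r "$1$2" ]; then echo "$2 MISSING -"; return 0; fi
    out=$(sed -n -E "s|^[[:space:]]*$3.*\$|$2 \\1 \\2|p" "$1$2")
    echo "${out:-$2 UNSET -}"
}

scalix_ldap_ports() {   # usage: scalix_ldap_ports [ROOT]
    m=/var/opt/scalix/ml
    s='[[:space:]]*=[[:space:]]*([0-9]+)'
    _emit "$1" "$m/s/sys/slapd.conf" '(portNum)[[:space:]]+([0-9]+)'
    _emit "$1" "$m/caa/scalix.res/config/ubermanager.properties" \
        "(ubermanager\\.query\\.server\\.port)$s"
    _emit "$1" "$m/webmail/swa.properties" "(swa\\.ldap\\.[0-9]+\\.port)$s"
    _emit "$1" "$m/platform/platform.properties" "(ldap\\.port)$s"
    _emit "$1" /etc/sysconfig/ldapmapper '(LDAPMAPPER_OPTIONS)=.*ldap://[^:"]*:([0-9]+)'
}

# check_ldap_ports EXPECTED [ROOT]: return 0 when all settings agree,
# otherwise print the offending lines and return 1.
check_ldap_ports() {
    bad=$(scalix_ldap_ports "$2" | awk -v p="$1" '$3 != p')
    if [ -z "$bad" ]; then return 0; fi
    echo "$bad"
    return 1
}

# Constructed sample tree (not real Scalix files): swa.ldap.2.port was missed.
make_sample_tree() {    # usage: make_sample_tree DIR
    d=$1; c=$1/var/opt/scalix/ml
    mkdir -p "$c/s/sys" "$c/caa/scalix.res/config" "$c/webmail" \
        "$c/platform" "$d/etc/sysconfig"
    printf '# server specific data\nportNum 3890\n' > "$c/s/sys/slapd.conf"
    printf 'ubermanager.query.server.port=3890\n' > "$c/caa/scalix.res/config/ubermanager.properties"
    printf 'swa.ldap.1.port=3890\nswa.ldap.2.port=389\n' > "$c/webmail/swa.properties"
    printf 'ldap.port=3890\n' > "$c/platform/platform.properties"
    printf 'LDAPMAPPER_OPTIONS="-L ldap://%%s:3890"\n' > "$d/etc/sysconfig/ldapmapper"
}
# Live system, after sourcing this file: check_ldap_ports 3890
```

On the constructed sample tree the check prints the `swa.ldap.2.port` line and returns 1, which is the "two lines in one file" case the howto warns about.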
After the edits
Restart all the Scalix processes.
<pre>
# /etc/rc.d/init.d/scalix restart
# /etc/rc.d/init.d/scalix-tomcat restart
</pre>
You can verify which port the LDAP server is running on. First, check it's not on 389:
<pre>
#lsof -i :389
</pre>
That should return nothing, unless you've already jumped ahead and started openldap or some other LDAP server!
Then check the new port:
<pre>
#lsof -i :3890
COMMAND   PID   USER  FD  TYPE  DEVICE  SIZE  NODE  NAME
omslapd   20092 root  8u  IPv4  725279        TCP   *:ndsconnect (LISTEN)
</pre>
And you're all done - you can then set up whatever else you want to, or retire happily for a quiet beer.