This article covers the steps involved in migrating Zimbra server from one server to another. The ZCS release you install on the New Server must be the same ZCS Version as installed on the Old Server. The server can have a different operating system, but the ZCS Version must be identical.

Migration of ZCS mailstoreto a new ZCS mailstorecan be required for multiple reasons:
1. Migrating from a 32-bit server to a 64-bit server
2. Abandoning an old system because it is damaged, corrupted, broken, etc.
3. Running continuous rsync copies of a ZCS mailstore for DR purposes
4. Moving from an Operating System that is EOL to one that is current, for example:
Moving from RHEL 4 to RHEL 5
Moving from RHEL 5 to RHEL 6
Moving from Ubuntu 8 to Ubuntu 10
Moving from Ubuntu 10 to Ubuntu 12

For the convenience of documentation we can call two platforms the “Old Server” and the “New Server”.

Migration Steps:

New Server: Prepare Operating System with patching, updating, and tuning. Then install ZCS Version with the exact same ZCS Version as on the Old Server.

Old Server:
– Rsync the amount of data as rsync can sync data incrementally.
– Backup LDAP and MYSQL data for importing intonew server.

You do the following on the New Server:
– Prepare the new server
– Restore the LDAP data
– Edit localconfig.xml file to update the MySQL and LDAP password values to the same as those configured on the old server
– Copy backup files from the Old Server to the New Server
– Delete the MySQL data that is set up in the initial installation of ZCS
– Copy various files from the Old Server to the New Server
– Prepare and run a new backup for the New Server

Notes on rsync:
-ssh method – rsync -e ssh –delete -axvzKHS [source-location] [newserver-IP-address]:[destination-location]

– Test ifrsyncworks properly withfollowing steps:

(onOld Server)
cd /tmp
touch testfile
rsync -e ssh -axvzKHS testfile [newserver-IP-address]:/tmp
(enter root password if necessary)
Then check if the file /tmp/testfile exists on the New Server.Untilrsync is working properly, do not proceed further.

Preparing the Old Server:

1. Block client access to the server’s IP address with firewall rules.

2. Createbackup directoryon the Old Server and New Server, for copying data. As root, type the following:

On Old Server:
mkdir /backup

On New Server:
mkdir /backup
mkdir /backup/old

3. On both servers, as user root, type:
chownzimbra:zimbra /backup

4. Stop the Old Server, type
su – zimbra
zmcontrol stop

5. On ZCS 6.0 and later, backupthe LDAP config database, as user zimbra, type
/opt/zimbra/libexec/zmslapcat -c /backup

6/ Backup the LDAP data, as zimbrauser, type
/opt/zimbra/libexec/zmslapcat /backup

7. Change the hostname and IP address on the old server. Do not turn off the server.

Preparing the New Server:
The ZCS setup on the new server must be configured exactly as the ZCS configuration on the old server.

a. Copy your ZCSLicense.xml file to a directory on the new server.
b. Follow the instructions in the ZCS single server installation guide to install ZCS. Configure the same domain, hostname, passwords as on the old server. The following settings must be changed to match the original server settings:

– Zimbra LDAP Server
– Zimbra Mailbox Server
– Make sure that the account name for Admin user to create is the same name as on the original server.
– Set the admin password.
– Change the Spam training user and the Non-spam (HAM) training user account names to be the same as the spam account names on the original server.
– Global Document Account – Change the Global Document Account name to the same account name as the original server.
– Change any other settings on the new server to match the configuration on the old server.

ZCS 8.0.x-8.5.x LDAP Import:

1. On the New Server, backup the default LDAP data:
(as root)
cd /opt/zimbra/data/ldap
mv -f mdb /backup/old

2. Then create the new directories in new server
mkdir -p mdb/db
WARNING: ONLY REMOVE AND RELOAD THE CONFIG DB IF ABSOLUTELY NECESSARY. Reloading the config db should rarely be necessary (unless you customized the config). To do so though and only if necessary, you would need to clear the config/ directory and import the config data:
cd /opt/zimbra/data/ldap
mv -f config /backup/old
mkdir config

ZCS 8: Reloading the accesslog DB would only apply to a master or multi-master scenario. If necessary:
cd /opt/zimbra/data/ldap
mv acccesslog /backup/old
mkdir -p accesslog/db

3. Set the permissions correctly:
chown -R zimbra:zimbra /opt/zimbra/data/ldap

4. Export the data from the Old Server:
(as user zimbra)

Example of main database export:
/opt/zimbra/libexec/zmslapcat /backup

Example of configuration database export:
/opt/zimbra/libexec/zmslapcat -c /backup

Example of an accesslogdatabase export (8.0.2 and later):
/opt/zimbra/libexec/zmslapcat -a /backup

5. Copy files from /backup/ of Old Server to the New Server, put them in /backup on the New Server

6. Import the data to the New Server:
import the LDAP config data:
As the user zimbra: su – zimbra
/opt/zimbra/libexec/zmslapadd -c /backup/ldap-config.bak

Import the production LDAP database. The last argument is the full path to the data export file:
/opt/zimbra/libexec/zmslapadd /backup/ldap.bak

If the New Server is an LDAP Master or Multi-Master (MMR), import the accesslogLDAP database via the zmslapaddcommand. The last argument is the full path to the export:
/opt/zimbra/libexec/zmslapadd -a /backup/ldap-accesslog.bak

zmlocalconfigattributes from Old Server:
===========================================
There are some configuration options from thezmlocalconfig configuration file that you may want to transfer from the Old Server to the New Server.

1. Set the Passwords the same on the New Server as the Old Server
For all versions:
Edit /opt/zimbra/conf/localconfig.xml to update the following with the values from the localconfig.xml file on the Old Server:
a. zimbra_mysql_password
b. mysql_root_password
c. zimbra_logger_mysql_password
d. zimbra_ldap_password
e. ldap_root_password
f. ldap_postfix_password
g. ldap_amavis_password
h. ldap_nginx_password
i. ldap_replication_password

You can retrieve these passwords from the Old Server with the following command:
su – zimbra
zmlocalconfig -x -s |grep password

2. Check for any other customized configuration values in zmlocalconfigon the Old Server with this command on the Old Server, as user zimbra:
su – zimbra
zmlocalconfig -n

On the New Server, you can edit those same values as needed:
zmlocalconfig -e [attribute-name]='[attribute-value]’
See here for more details onzmlocalconfig:zmlocalconfig

Import the MySQL Data:
Delete the MySQL data on the New Server and copy the MySQL data from the Old Server.

1. On the New Server, move the default database aside:
mv -f /opt/zimbra/db/data/* /backup/old

2. Copy the MySQL data to the New Server:
(on Old Server)
rsync –delete -axvzKHS /opt/zimbra/db/data/* [newserver-IP-address]:/opt/zimbra/db/data/

Copy the Message Blob Data:
Copy the following files from the Old Serverto the New Server

1. On New Server, move aside default files:
mv -f /opt/zimbra/store/* /backup/old
mv -f /opt/zimbra/index/* /backup/old

2. Rsyncall files to the new server, as user root:
(on Old Server)
rsync -e ssh –delete -axvzKHS /opt/zimbra/store/* [newserver-IP-address]:/opt/zimbra/store/
rsync -e ssh –delete -axvzKHS /opt/zimbra/index/* [newserver-IP-address]:/opt/zimbra/index/

3. Perform rsyncover any other message volumes needed, such as if using HSM or secondary volumes:
(on Old Server)
rsync -e ssh –delete -axvzKHS /opt/zimbra/hsm/* [newserver-IP-address]:/opt/zimbra/hsm/

Copy Commercial SSL Certificates (if used):

Do the following to copy over thekeystorefrom the Old Server to the New Server:

a. If the original server was running with commercial certificates, copy those over as well.

b. The jetty keystore(http, pop, and imap) is at the following location:
/opt/zimbra/mailboxd/etc/keystore
Copy this to the New Server and put in place. First, move the default keystore:
mv -f /opt/zimbra/mailboxd/etc/keystore /backup/old
Then copy the desired keystore into place and make sure the permissions are correct:
mv /backup/keystore /opt/zimbra/mailboxd/etc/keystore
chownzimbra:zimbra /opt/zimbra/mailboxd/etc/keystore

c. Make sure to transfer thekeystorepassword to the new system while transferring thekeystorefile otherwisethe mailbox server will not start.

Run on Old Server:
zmlocalconfig -s mailboxd_keystore_password

Set the password the same on New Server:
zmlocalconfig -e mailboxd_keystore_password=’thepassword’

d. If any root certificates were added to the cacerts keystore, that is this file:
/opt/zimbra/java/jre/lib/security/cacerts

e. The postfix certificates (smtp) are at these locations:
/opt/zimbra/conf/smtpd.crt
/opt/zimbra/conf/smtpd.key
If you are using the certificates for nginx, perdition, or ldap (slapd) they are in these locations:
/opt/zimbra/conf/

Clear Unneeded Backups from the New Server:
1. Remove any unneeded backup sessions because these sessions are no longer needed.
mv -f /opt/zimbra/backup/* /backup/old
mv -f /opt/zimbra/redolog/* /backup/old

2. On New Server, create new backup and redologdirectories:
(as root)
mkdir /opt/zimbra/backup/sessions
mkdir /opt/zimbra/backup/tmp
mkdir /opt/zimbra/redolog/archive
chown zimbra:zimbra /opt/zimbra/backup/sessions /opt/zimbra/backup/tmp
chownzimbra:zimbra /opt/zimbra/redolog/archive

Fix the Permissions:
(as root)
/opt/zimbra/libexec/zmfixperms

(asroot)
/opt/zimbra/libexec/zmfixperms -extended

Start the Services on the New Server
1. Start ZCS
(as user zimbra)
zmcontrol start
2. Now run a full backup
zmbackup -f -aall