Menu -> Administration ->
Single Sign On -> Configuration ->
Identity Sources -> ADD IDENTITY SOURCE
At Server Side:
apt install bind9
Generate an account named username1
# dnssec-keygen -a HMAC-SHA512 -b 512 -n USER username1
You will have such as new files Kusername1.+165+42799.key in currently folder
Show the key in the file
# cat Kusername1.+165+42799.key
calvincarol. IN KEY 0 3 165 Um1GdfXXYTUIBSvsl+rFErq+XhqUMB0JffM4qdmNq3XHiF9Rq9Uirvnu ZvsrSU836Xn8rJTmbpIYMe6WrGuznA==
At the key & domain config to bind, also-notify is the second DNS Server IP
# vi /etc/bind/vi named.conf.default-zones
key “username1” {
algorithm hmac-sha512;
secret “Um1GdfXXYTUIBSvsl+rFErq+XhqUMB0JffM4qdmNq3XHiF9Rq9Uirvnu ZvsrSU836Xn8rJTmbpIYMe6WrGuznA==”;
};
zone “yourddnsdomain.com” IN {
type master;
file “/var/cache/bind/named.yourddnsdomain.com”;
also-notify { xxx.xxx.xxx.xxx; };
update-policy { grant username1 name subdomain.yourddnsdomain.com. A; };
};
At Client Side:
apt install bind9
Copy the key file to client side
vi /root/do-nsupdate
#!/bin/bash
updateServer=ns1.masterdns.com
updateDomain=subdomain.yourddnsdomain.com
encryptKeyPath=”/root/Kusername1.+165+42799.key”
checkIPWeb=”http://checkip.amazonaws.com/”
CURRENT_IP=$(nslookup $updateDomain $updateServer| grep Address | grep -v “#53”)
CURRENT_IP=$(echo ${CURRENT_IP:9})
EXT_IP=$(wget -qO- $checkIPWeb)
if [ $CURRENT_IP != $EXT_IP ]; then
KEY=$encryptKeyPath
cat <<EOF | nsupdate -k “$KEY”
server $updateServer
update delete $updateDomain. A
update add $updateDomain. 3600 A $EXT_IP
send
EOF
fi
chmod 755 /root/do-nsupdate
vi /etc/crontab
0 * * * * root /root/do-nsupdate
This lab will use local disk for Quorum not share disk, and just restore 1 cluster hosts let SQL online
Remark: if we want to auto start cluster, we need to restore AD to UAT environment or using a script to start without quorum.
Export disk to VMDK
Our lab don’t need Q: and F:
We can found restored to our ESXi UAT environment
Add A new VM using existing disk
Delete default “Hard disk 1”, and add existing disk just restored.
Our phyical server using EFI bios
Power On windows and we can see the cluster can’t startup
Type below command to startup without Quorum disk
net.exe stop clussvc
net.exe start clussvc /forcequorum
Delete Cluster disk.
If we don’t delete it, we can’t let the disk online in “Disk Management”
Make the SQL data disk online
Reconfig the IP
Click “Start Role” to let SQL Server online
We can see SQL is Running now
But it can’t auto start after reboot server, we need to config Quorum
Delete the old one, because Quorum can’t online in local disk
Create a SMB share
This step need AD to authenticate
$org = Get-VBOOrganization -Name “xxx.onmicrosoft.com”
$User1 = Get-VBOLicensedUser -Organization $org -Name “myname@domain.com”
$User1
$repository = Get-VBORepository -Name “xxx Backup Repository”
$user = Get-VBOEntityData -Type User -Repository $repository -Name “myname@domain.com”
Remove-VBOEntityData -Repository $repository -User $user -Mailbox -ArchiveMailbox -OneDrive -Sites
#Y will accept the deleting of data
$org = Get-VBOOrganization -Name “xxx.onmicrosoft.com”
$licensedUser = Get-VBOLicensedUser -Organization $org -Name “myname@domain.com”
Remove-VBOLicensedUser -User $licensedUser
zimbra@mail:~$ zmcontrol status
Host mail.xx.xxx.com
amavis Running
antispam Running
antivirus Running
dnscache Running
ldap Running
logger Stopped
zmlogswatchctl is not running
mailbox Running
memcached Running
mta Running
opendkim Running
proxy Running
service webapp Running
snmp Running
spell Running
stats Running
zimbra webapp Running
zimbraAdmin webapp Running
zimlet webapp Running
zmconfigd Running
Option1
好像是重新重裝一次就可以解決
Option2
/opt/zimbra/log/zmlogswatch.out
Error opening /var/log/zimbra-stats.log: No such file or directory at /opt/zimbra/data/tmp/.swatchdog_script.20942 line 92.
touch /var/log/zimbra-stats.log
chown zimbra:zimbra /var/log/zimbra-stats.log
/opt/zimbra/libexec/zmsyslogsetup