ZCS Multi-Server Installation Guide, Network Edition 5.0 (Rev 5.0.19 September 2009)

Multiple-Server Installation

Starting the Installation Process

Starting the Installation Process on the Mac Server

Installing Zimbra LDAP Master Server

Installing Zimbra Mailbox Server

Installing Zimbra MTA on a Server

Installing zimbra-proxy

Installing the zimbra-SNMP package

Final Set-Up

Verifying Server Configuration

Logging on to the Administration Console

Post Installation Tasks

Uninstalling Zimbra Collaboration Suite

The multiple-server installation is straight-forward and easy to run. You run the same install script on each server, select the component(s) to install, and use the menu to configure the system.

After the installation is complete, two additional steps should be run as described in “Final Set-Up” :

•	Fetch the ssh encryption keys

•	Enable some logger functionality.

When the server installation is complete, the servers are started, and the status is displayed.

Important: Install the servers in the following order

1.	LDAP server

2.	Zimbra mailbox servers

3.	Zimbra MTA servers

Note: Zimbra-proxy is normally installed on the MTA server or you can install it on its own server.

Important: Do not manually create the user ‘zimbra’ before running the ZCS installation. The installation automatically creates this user and sets up its environment.

Important: Before you start, verify that the system clocks are synced on all servers.

Starting the Installation Process

For the latest Zimbra software download, go to www.zimbra.com. Save the Zimbra Collaboration Suite tar file to the computer from which you are installing the software.

For servers other than Mac servers, step 1 through step 4 are performed for each server to be installed.

For Mac servers, see “Starting the Installation Process on the Mac Server” .

1.	Log in as root to the Zimbra server and cd to the directory where the Zimbra Collaboration Suite archive file is saved (cd /var/<tmp>/var). Type the following commands.

•	tar xzvf [zcs.tgz] to unpack the file

•	cd [zcs filename] to change to the correct directory. The file name includes the release and build date.

•	./install.sh to begin the installation.

Note: When installing ZCS, you also install the Zimbra license file. Copy the file to the mail server before you begin, and to begin the installation, type ./install.sh -l (/path/ZCSLicense.xml)

Note: As the installation proceeds, press Enter to accept the defaults that are shown in brackets [ ] or enter the appropriate answer for your configuration.

The screen shots are examples of the Zimbra installation script.

 

[root@mailhost tmp]# tar xzvf zcs.tgz zcs/ . . . zcs/packages/ zcs/packages/zimbra-spell-5.0.15_GA_1_1469.RHEL4-4116.i386.rpm zcs/packages/zimbra-apache-5.0.15_GA_1469.RHEL4-4116.i386.rpm zcs/packages/zimbra-core-5.0.15_GA_1469.RHEL4-4116.i386.rpm zcs/packages/zimbra-logger-5.0.15_GA_1469.RHEL4-4116.i386.rpm zcs/packages/zcs-cluster-5.0.15_GA_1469.RHEL4.tgz zcs/packages/zimbra-cms-5.0.15_GA_1469.RHEL4-4116.i386.rpm zcs/packages/zimbra-ldap-5.0.15_GA_1469.RHEL4-4116.i386.rpm zcs/packages/zimbra-proxy-5.0.15_GA_1469.RHEL4-4116.i386.rpm zcs/packages/zimbra-cluster-5.0.15_GA_1469.RHEL4-4116.i386.rpm zcs/packages/zimbra-store-5.0.15_GA_1469.RHEL4-4116.i386.rpm zcs/packages/zimbra-mta-5.0.15_GA_1469.RHEL4-4116.i386.rpm zcs/packages/zimbra-snmp-5.0.15_GA_1469.RHEL4-4116.i386.rpm zcs/README.txt zcs/readme_binary.txt zcs/docs/ . . . [root@mailhost tmp]# cd zcs-NETWORK-5.0.15_GA_1469.RHEL4.4116 [root@mailhost zcs-NETWORK-5.0.15_GA_1469.RHEL4.4116]# ./install.sh   Operations logged to /tmp/install.log.27584 Checking for existing installation... zimbra-ldap...NOT FOUND zimbra-logger...NOT FOUND zimbra-mta...NOT FOUND zimbra-snmp...NOT FOUND zimbra-store...NOT FOUND zimbra-apache...NOT FOUND zimbra-spell...NOT FOUND     zimbra-proxy...NOT FOUND     zimbra-archiving...NOT FOUND     zimbra-convertd...NOT FOUND     zimbra-cluster...NOT FOUND     zimbra-core...NOT FOUND

2.

The installation process checks to see if Sendmail, Postfix, and MySQL software are running. If any application is running, you are asked to disable it. The default is Yes to disable the applications. Disabling MySQL is optional, but highly recommended. Sendmail and Postfix must be disabled for the Zimbra Collaboration Suite to start correctly.

3.	The Zimbra software agreement is displayed and includes a link to the license terms for the Zimbra Collaboration Suite. Read the agreement and press Enter to continue.

 

PLEASE READ THIS AGREEMENT CAREFULLY BEFORE USING THE SOFTWARE. ZIMBRA, INC. ("ZIMBRA") WILL ONLY LICENSE THIS SOFTWARE TO YOU IF YOU FIRST ACCEPT THE TERMS OF THIS AGREEMENT. BY DOWNLOADING OR INSTALLING THE SOFTWARE, OR USING THE PRODUCT, YOU ARE CONSENTING TO BE BOUND BY THIS AGREEMENT. IF YOU DO NOT AGREE TO ALL OF THE TERMS OF THIS AGREEMENT, THEN DO NOT DOWNLOAD, INSTALL OR USE THE PRODUCT.   License Terms for the Zimbra Collaboration Suite: http://www.zimbra.com/license/index.html   Press Return to continue

4.	Next, the installer checks to see that the prerequisite software is installed. If NPTL, sudo, libidn, cURL, fetchmail, GMP or compat-libstdc++- are not installed, the install process quits. You must fix the problem and start the installation again.

Note: Before the Main menu is displayed, the installer checks to see if the hostname is resolvable via DNS and if there is an error asks you if would like to change the hostname. The domain name should have an MX record configured in DNS.

Starting the Installation Process on the Mac Server

The following steps are performed on each Mac server to be installed.

1.	Click on the dmg file to open the file and click ZCS.mpkg to open the Zimbra install package. The Apple installer opens and verifies that the server is ready to install the Zimbra Collaboration Suite. Click Continue.

2.	The welcome screen appears, click Continue.

3.	The Zimbra Software License Agreement is displayed. Read the agreement and click Continue. A popup screen appears asking you to accept the terms of the license agreement to continue. Click Agree.

4.	Select the destination volume to install the software. Click Continue.

5.	The Easy Install ... dialog displays. Select the services to be installed on this server.

To select which services to install, click Customize. Deselect those packages you do not want installed. See “Planning for the Installation” for information about the packages. Click Install to proceed.

A progress bar shows the Zimbra packages being installed. When The software was successfully installed dialog displays, click Close.

6.	Open the Apple Terminal and log in as root. Type sudo /bin/bash. Enter your root password, if asked.

7.	On the LDAP server only, add the Zimbra license xml file to /opt/zimbra/conf.

8.	Type cd /opt/zimbra/libexec.

9.	Type ls to see the packages in the directory.

10.

Type ./zmsetup.pl. This starts the ZCS configuration. A temporary log file is created and the server port configurations are checked for conflicts. The installation process checks to see if Sendmail, Postfix, and MySQL software are running. If any of these applications are running, you are asked to disable them. Disabling MySQL is optional but highly recommended. Sendmail and Postfix must be disabled for the Zimbra Collaboration Suite to start correctly.

11.

If no conflicts are found, the Main menu displays the default entries for the Zimbra component you are installing. To expand the menu to see the configuration values, type X and press Enter. The main menu expands to display configuration details for the package being installed. Values that require further configuration are marked with asterisks (*).

12.	To continue, follow the installation instructions for each server type, starting with Step 3 under “Starting the Installation Process” .

Installing Zimbra LDAP Master Server

You must configure the Zimbra Master LDAP server before you can install other Zimbra servers. You can set up LDAP replication, configuring a master LDAP server and replica LDAP servers, either configuring all LDAP servers now or after you set up the initial ZCS servers. See Configuring LDAP Replication.

1.	Follow steps 1 through 4 in “Starting the Installation Process” to open an SSH session to the LDAP server, log on to the server as root, and unpack the Zimbra software.

2.	Type Y and press Enter to install the zimbra-ldap package. The MTA, Store and Logger packages should be marked N. In the following screen shot example, the package to be installed is emphasized.

Note: If SNMP is being used, the SNMP package is installed on every Zimbra server. Mark Y.

 

Select the packages to install   Install zimbra-ldap [Y] Y Install zimbra-logger [Y] N Install zimbra-mta [Y] N Install zimbra-snmp [Y] N Install zimbra-store [Y] N Install zimbra-apache [Y] N Install zimbra-spell [Y] N Install zimbra-proxy [N] N Install zimbra-archiving [N] N Install zimbra-convertd [N] N   Installing: zimbra-core zimbra-ldap   This system will be modified. Continue [N} Y

3.	Type Y, and press Enter to modify the system. The selected packages are installed on the server.

The Main menu displays the default entries for the Zimbra component you are installing. To expand the menu to see the configuration values type x and press Enter. The main menu expands to display configuration details for the package being installed. Values that require further configuration are marked with asterisks (*).

To navigate the Main menu, select the menu item to change. You can modify any of the values. See Table 2, “Main Menu Options,” on page 14 for a description of the Main menu.

 

Main menu   1) Common Configuration: 2) zimbra-ldap: Enabled    3) Enable default backup schedule: yes    r) Start servers after configuration yes s) Save config to file x) Expand menu q) Quit   *** CONFIGURATION COMPLETE - press 'a' to apply Select from menu, or press 'a' to apply config (? - help)

4.	Type 1 to display the Common Configuration submenus.

 

Common Configuration:     1)Hostname:                          ldap-1.example.com     2)Ldap master host:                  ldap-1.example.com     3)Ldap port: 389     4)Ldap Admin password: set     5)Require secure interprocess communications      Yes     6)TimeZone:              (GMT-08.00) Pacific Time (US & Canada)

5.	Type 4 to display the automatically generated LDAP admin password. You can change this password. Write down the LDAP password, the LDAP host name and the LDAP port. You must configure this information when you install the mailbox servers and MTA servers.

LDAP Admin Password ____________

LDAP Host name ___________

LDAP Port ___________

6.	Type 6 to set the correct time zone, if your time zone is not Pacific Time.

7.	Type r to return to the Main menu.

8.	From the Main menu, type 2 -zimbra-ldap to view the Ldap configuration settings.

 

Ldap configuration   1) Status: Enabled 2) Create Domain: yes 3) Domain to create                         ldap-1.example.com 4) Ldap Root password:                      set    5) Ldap Replication password:               set    6) Ldap Postfix password:                   set    7) Ldap Amavis password:                    set    8) Ldap Nginx password:                     set   Select, or ‘r’ for previous menu [r] 3   Create Domain: [ldap-1.example.com] example.com

•	Type 3, Domain to create, to change the default domain name to the domain name, (example.com).

•

The passwords listed in the LDAP configuration menu are automatically generated. You need these passwords when configuring the MTA and the LDAP replica servers. Write them down. If you want to change the passwords for LDAP root, LDAP replication, LDAP Postfix, LDAP Amavis, and LDAP Nginx, enter the corresponding number 4 through 8 and change the passwords.

 

LDAP Replication password ___________

LDAP Postfix password ___________

LDAP Amavis password ___________

LDAP Nginx password ___________

9.	When changes to the LDAP configuration menu are complete, enter r to return to the main menu. Type a to apply the configuration changes.

10.	When Save Configuration data to file appears, type Yes and press Enter.

11.	The next request asks where to save the files. To accept the default, press Enter. To save the files to another directory, enter the directory and press Enter.

12.	When The system will be modified - continue? appears, type y and press Enter.

The server is modified. Installing all the components and configuring the server can take a few minutes. This includes but is not limited to setting local config values, creating and installing SSL certificates, setting passwords, timezone preferences, and starting the servers, among other processes.

13.	When Configuration complete - press return to exit displays, press Enter.

 

Select, or press 'a' to apply config (? - help) a Save configuration data to a file? [Yes] Save config in file: [/opt/zimbra/config.5490] Saving config in /opt/zimbra/config.5490...done   The system will be modified - continue? [No] y   Operations logged to /tmp/zmsetup.10282008-092627.log Setting local config values...done . . . Operations logged to /tmp/zmsetup.log.2843   Configuration complete - press return to exit

The installation of the LDAP server is complete.

Installing Zimbra Mailbox Server

The zimbra-store package can be installed with the LDAP server, the MTA server, or as a separate mailbox server. You can have more than one mailbox server and new mailbox servers can be added at any time.

The Zimbra license file is installed on one of the mailbox servers during the installation. You cannot complete the install without the license.

Note: The zimbra-logger package is installed only on the first Zimbra mailbox server.

Note: If you are installing zimbra-convertd package, this is installed only on each mailstore servers. For 5.0. x, typing Y to install zimbra-convertd will not make a noticeable difference since installing it does not activate it. For more information about zimbra-convertd, contact Zimbra support.

1.	Follow steps 1 through 4 in “Starting the Installation Process” to log on to the server as root and unpack the Zimbra software.

2.

Type Y and press Enter to install the zimbra-logger (optional and only on one mailbox server), zimbra-store, and zimbra-spell (optional) packages. When zimbra-spell is installed, the zimbra-apache package also gets installed. In the following screen shot example, the packages to be installed are emphasized.

Note: If SNMP is being used, the SNMP package is installed on every Zimbra server. Mark Y.

 

Install zimbra-ldap [Y] N Install zimbra-logger [Y] Y Install zimbra-mta [Y] N Install zimbra-snmp [Y] N Install zimbra-store [Y] Y Install zimbra-apache [Y] Y Install zimbra-spell [Y] Y Install zimbra-proxy [N] N Install zimbra-archiving [N] N Install zimbra-convertd [N] N     Installing: zimbra-core     zimbra-logger     zimbra-store     zimbra-apache     zimbra-spell   The system will be modified. Continue [N] Y

3.	Type Y, and press Enter to modify the system. The selected packages are installed on the server.

The Main menu displays the default entries for the Zimbra component you are installing. To expand the menu to see the configuration values type x and press Enter.

To navigate the Main menu, select the menu item to change. You can modify any of the values. For information about the menu values, see "Planning for the Installation" Menu-Driven Configuration section.

 

Main menu   1) Common Configuration: +Hostname: mailstore-1.example.com ******* +Ldap master host: UNSET +Ldap port: 389 ******* +Ldap Admin password: UNSET +Require secure interprocess communications: yes +TimeZone: (GMT-08.00) Pacific Time (US & Canada)   2) zimbra-store: Enabled +Create Admin User: yes +Admin user to create:             admin@mailstore-1.example.com ******* +Admin Password UNSET +Enable automated spam training: yes +Spam training user:        spam.cc_v05j4@mailstore-1.example.com +Non-spam(Ham) training user:  ham.msoyzx@mailstore-1.example.com +Global Documents Account: wiki@mailstore-1.example.com +SMTP host                             mailstore-1.example.com +Web server HTTP port: 80 +Web server HTTPS port: 443 +Web server mode: http +IMAP server port: 143 +IMAP server SSL port: 993 +POP server port: 110 +POP server SSL port: 995 +Use spell check server: yes +Spell server URL: http://mailstore-1.example.com:7780/aspell.php ******* +License filename: UNSET         +Configure store for use with reverse mail proxy: FALSE         +Configure store for use with reverse web proxy: FALSE 3) zimbra-snmp: Enabled 4) zimbra-logger: Enabled 5) zimbra-spell: Enabled 6) Default Class of Service Configuration:         +Enable Instant Messaging Feature:     Disabled +Enable Briefcases Feature:            Disabled +Enable Tasks Feature:                 Disabled +Enable Notebook Feature:              Enabled 7) Enable default backup schedule: yes    c) Collapse menu r) Start servers after configuration yes s) Save config to file    q) Quit

4.	Type 1 and press Enter to go to the Common Configuration menu.

 

Common Configuration:     1)Hostname:                          mailstore-1.example.com     2)Ldap master host:                  mailstore-1.example.com     3)Ldap port: 389     4)Ldap Admin password: set     5)Require secure interprocess communications      Yes     6)TimeZone:              (GMT-08.00) Pacific Time (US & Canada)

The mailbox server hostname is displayed. You must change the LDAP master host name and password to be the values configured on the LDAP server.

•	Type 2, press Enter, and type the LDAP host name. (ldap-1.example.com in this example.)

•	Type 4, press Enter, and type the LDAP password.

After you set these values, the server immediately contacts the LDAP server. If it cannot contact the server, you cannot proceed.

•	Type 6 to set the correct time zone, if your time zone is not Pacific Time.

5.	Type r to return to the Main menu.

6.	From the Main menu, type 2 to go to the Store configuration menu and configure the Zimbra mail store server settings.

 

Store configuration 1) Status:                                Enabled 2) Create Admin User: yes 3) Admin user to create: admin@mailstore-1.example.com ** 4) Admin Password UNSET 5) Enable automated spam training: yes 6) Spam training user: spam@mailstore-1.example.com 7) Non-spam(Ham) training user: ham@mailstore-1.example.com 8) Global Documents Account: wiki@mailstore-1.example.com 9) SMTP host: mailstore-1.example.com 10) Web server HTTP port: 80 11) Web server HTTPS port: 443 12) Web server mode: http 13) Enable POP/IMAP proxy: no 14) IMAP server port: 143 15) IMAP server SSL port: 993 16) POP server port: 110 17) POP server SSL port: 995 18) Use spell check server: yes 19) Spell server URL:       http://mailstore-1.example.com:7780/aspell.php **20) License filename: UNSET   21) Configure store for use with reverse mail proxy: FALSE   22) Configure store for use with reverse web proxy: FALSE     Select, or 'r' for previous menu [r] 4

•	Type 4 and set the password for the administrator account. The password is case sensitive and must be a minimum of six characters. During the install process, the admin account is provisioned on the mailbox store server. You log on to the administration console with this password.

Note: By default, the email addresses for the admin account, spam, non-spam, wiki are set to be the zimbra mailstore server address. You may want to change these to be the ZCS primary domain address instead. (example.com in this example)

•	Type the corresponding number to set the SMTP host. In the screen above, this is 9. Change the setting from the mailstore name to the mta-server host name.

•	Type the corresponding number if you want to change the default web server mode. The communication protocol options are HTTP, HTTPS, mixed, both or redirect.

Mixed mode uses HTTPS for logging in and HTTP for normal session traffic

Both mode means that an HTTP session stays HTTP, including during the login phase, and an HTTPS session remains HTTPS throughout, including the login phase.

Redirect mode redirects any users connecting via HTTP to a HTTPS connection.

All modes use SSL encryption for back-end administrative traffic.

•	If you are setting up IMAP/POP proxy servers, type the corresponding number to enable the servers. When you enable these, IMAP and POP server port numbers and proxy port numbers are automatically changed. See the Planning for the Installation chapter, Configuring IMAP and POP Proxy Server.

•	If you install the zimbra spell package, it is installed on every mailstore. The http address for each is the mailstore server it is installed on host name.

•	If the zimbra-proxy package is not installed on the mailbox server, two menu options are displayed so you can preconfigure the mailbox server for use with the zimbra proxy server:

•	Configure store for use with reverse mail proxy FALSE

•	Configure store for use with reverse web proxy FALSE

Set either or both of these to TRUE if you are going to set up zimbra-proxy. The zimbra-proxy ports display in the menu when these are set to TRUE.

•	Type the corresponding menu number to install the Zimbra license file. Enter the location of the Zimbra license file. For example, if you saved the license file to the tmp directory, you would type /tmp/ZCSLicense.xml. You cannot proceed without a license.

7.	Type r to return to the Main menu.

8.

Review the Default Class of Service Configuration settings. If you want to change the COS default configuration of these features, type the number (6) for the Default Class of Service Configuration. Then type the corresponding number for the feature to be enabled or disabled. The default COS settings are adjusted to match.

9.	When the mailbox server is configured, return to the Main menu and type a to apply the configuration changes. Press Enter to save the configuration data.

10.	When Save Configuration data to a file appears, press Enter.

11.	The next request asks where to save the files. To accept the default, press Enter. To save the files to another directory, enter the directory and then press Enter.

12.	When The system will be modified - continue? appears, type y and press Enter.

The server is modified. Installing all the components and configuring the mailbox server can take a few minutes. This includes installing SSL certificates, setting passwords, setting ports, installing skins and zimlets, setting time zone preferences, and starting the servers, among other processes.

13.	When Configuration complete - press return to exit displays, press Enter.

The installation of the mailbox server is complete.

 

Select, or press 'a' to apply config (? - help) a Save configuration data? [Yes] Save config in file: [/opt/zimbra/config.32288] Saving config in /opt/zimbra/config.32288...Done   The system will be modified - continue? [No] y   Operations logged to /tmp/zmsetup.10282008-110412.log Setting local config zimbra_server_hostname to [mailhost.example.com] . . . Operations logged to /tmp/zmsetup.log.32288   Configuration complete - press return to exit

 

Installing Zimbra MTA on a Server

When zimbra-mta is installed, the LDAP host name and the Zimbra LDAP password must be known to the MTA server. If not, the MTA cannot contact the LDAP server and is not able to complete the installation.

1.	Follow steps 1 through 4 in “Starting the Installation Process” to open a SSH session to the MTA server, log on to the server as root, and unpack the Zimbra software.

2.	Type Y and press Enter to install the zimbra-mta package. The other packages should be marked N. In the following screen shot example, the package to be installed is emphasized.

Note: If you are installing zimbra-proxy, it is normally installed on the MTA server. Mark the zimbra-proxy package Y.

Note: If SNMP is used, it is installed on every server.

 

Select the packages to install   Install zimbra-ldap [Y] N Install zimbra-logger [Y] N Install zimbra-mta [Y] Y Install zimbra-snmp [Y] N Install zimbra-store [Y] N Install zimbra-apache [Y] N Install zimbra-spell [Y] N Install zimbra-archiving [N] N Install zimbra-convertd [N] N Install zimbra-proxy [N] N   Installing: zimbra-mta   This system will be modified. Continue [N} Y Configuration section

3.	Type Y, and press Enter to install the selected package(s).

The Main menu displays the default entries for the Zimbra component you are installing. To expand the menu to see all the configuration values type x and press Enter.

To navigate the Main menu, select the menu item to change. You can modify any of the values.

 

Main menu   1) Common Configuration: +Hostname: mta-1.example.com ******* +Ldap master host: UNSET +Ldap port: 389 ******* +Ldap Admin password: UNSET         +Require secure interprocess communications: yes +TimeZone: (GMT-08.00) Pacific Time (US & Canada)   2) zimbra-mta: Enabled ********+MTA Auth host: mta-1.example.com +Enable Spamassassin: yes +Enable Clam AV: yes +Notification address for AV alerts:  admin@mta-1.example.com ******* +Bind password for postfix ldap user: UNSET ******* +Bind password for amavis ldap user: UNSET   3) zimbra-snmp: Enabled    4) zimbra-spell: Enabled    5) Enable default backup schedule: yes r) Start servers after configuration yes s) Save config to file x) Expand menu q) Quit

4.	The Main menu displays. Type 1 and press Enter to go to the Common Configuration menu.

 

Common Configuration:     1)Hostname:                          mta-1.example.com     2)Ldap master host:                  mta-1.example.com     3)Ldap port: 389     4)Ldap Admin password: set     5)Require secure interprocess communications      Yes     6)TimeZone:              (GMT-08.00) Pacific Time (US & Canada)

The mailbox server hostname is displayed. You must change the LDAP master host name and password to be the values configured on the LDAP server.

•	Type 2, press Enter, and type the LDAP host name. (ldap-1.example.com in this example.)

•	Type 4, press Enter, and type the LDAP password.

After you set these values, the server immediately contacts the LDAP server. If it cannot contact the server, you cannot proceed.

•	Type 6 to set the correct time zone, if your time zone is not Pacific Time.

5.	Type r to return to the Main menu.

6.	Type 2 to go to the Mta menu.

 

Select, or press 'a' to apply config (? - help) 2   Mta configuration     1) Status: Enabled **2) MTA Auth host:                           UNSET   3) Enable Spamassassin: yes   4) Enable Clam AV: yes   5) Notification address for AV alerts: admin@mta-1.example.com **6) Bind password for postfix ldap user: UNSET **7) Bind password for amavis ldap user: UNSET

•	Type 2 to set the MTA Auth host. This is the MTA authentication server host name and is set to one of the Zimbra mailbox server’s hostname.

•	You can change 5, AV alerts notification address. This should be an address on the domain, such as the admin address. (admin@example.com)

Note: If you enter an address other than the admin address, you must provision an account with that address after the installation is complete.

You must set the same postfix ldap user password and the same amavis ldap user password that is configured on the LDAP master server.

•	Type 6 and enter the postfix password.

•	Type 7 and enter the amavis password.

7.	Type r to return to the Main menu.

Note: If you are installing the zimbra-proxy package, see “Installing zimbra-proxy” before continuing.

8.	When the MTA server is configured, return to the Main menu and type a to apply the configuration changes. Press Enter to save the configuration data.

9.	When Save Configuration data to a file appears, press Enter.

10.	The next request asks where to save the files. To accept the default, press Enter. To save the files to another directory, enter the directory and then press Enter.

11.	When The system will be modified - continue? appears, type y and press Enter.

The server is modified. Installing all the components and configuring the MTA server can take a few minutes. This can include setting passwords, setting ports, setting time zone preferences, and starting the server, among other processes.

12.	When Installation complete - press return to exit displays, press Enter.

The installation of the MTA server is complete.

Installing zimbra-proxy

Installing the zimbra-proxy package is optional, but recommended for scalable multi-server deployment. Zimbra proxy is normally installed on the MTA server or can be configured on a separate server. Zimbra proxy can be installed on more than one server.

Important: If you are moving from a non-proxy environment (for example, single server to multi-server environment), additional steps are necessary for the mailbox server and proxy configuration. After you complete the proxy installation, reconfigure the mailbox server as described in the ZCS Administration Guide, Zimbra Proxy chapter.

Note: Memcached is shipped as the caching layer to cache LDAP lookups. Memcache does not have authentication and security features so the servers should have a firewall set up appropriately. The default port is 11211 and is controlled by zimbraMemcacheBindPort conf setting in zimbraserver.

If you are installing zimbra-proxy on the MTA server, select the zimbra-proxy package. Follow the installation process for “Installing Zimbra MTA on a Server” . After Step 8, configure the Zimbra-proxy.

1.	On the MTA server to install the zimbra-proxy package, type Y and press Enter to install the selected package.

2.	The Main menu displays the default entries for the Zimbra component you are installing. Select Proxy Configuration menu. You can modify any of the values.

•	The default is POP/IMAP proxy enabled and HTTP Proxy disabled.

•

The Bind password for Nginx ldap user is configured when the LDAP server was installed. This is set when the MTA connected to the LDAP server. This is not used unless the Kerberos5 authenticating mechanism is enabled. Note: Setting the password even though GSSAPI auth/proxy is not set up does not cause any issues.

 

Proxy configuration   1) Status: Enabled    2) Enable POP/IMAP proxy:                   TRUE    3) IMAP proxy port: 143 4) IMAP SSL proxy port: 993 5) POP proxy port: 110 6) POP SSL proxy port: 995    7) Bind password for Nginx ldap user       (Only required for GSSAPI auth):         set    8) Enable HTTP[S] Proxy:                    FALSE

Return to the MTA section, step 8 on page 41 to continue the MTA server installation.

Installing Zimbra-Proxy on a separate server

The LDAP host name and the Zimbra LDAP password must be known to the proxy server. If not, the proxy server cannot contact the LDAP server and the installation fails.

1.	Follow steps 1 through 4 in “Starting the Installation Process” to open a SSH session to the server, log on to the server as root, and unpack the Zimbra software.

2.	Type Y and press Enter to install the zimbra-proxy package. The other packages should be marked N. In the following screen shot example, the package to be installed is emphasized.

Note: If SNMP is used, the zimbra-snmp package must also be installed.

 

Select the packages to install   Install zimbra-ldap [Y] N Install zimbra-logger [Y] N Install zimbra-mta [Y] N Install zimbra-snmp [Y] N Install zimbra-store [Y] N Install zimbra-apache [Y] N Install zimbra-spell [Y] N Install zimbra-archiving [N] N Install zimbra-convertd [N] N Install zimbra-proxy [N] Y   Installing: zimbra-proxy   This system will be modified. Continue [N} Y Configuration section

3.	Type Y, and press Enter to install the selected package.

4.	The Main menu displays. Type 1 and press Enter to go to the Common Configuration menu.

The mailbox server hostname is displayed. You must change the LDAP master host name and password to be the values configured on the LDAP server.

•	Type 2, press Enter, and type the LDAP host name. (ldap-1.example.com, in this example.)

•	Type 4, press Enter, and type the LDAP password.

After you set these values, the server immediately contacts the LDAP server. If it cannot contact the server, you cannot proceed.

•	Type 6 to set the correct time zone, if your time zone is not Pacific Time.

5.	Select Proxy Configuration menu. You can modify any of the values.

•	The default is POP/IMAP proxy enabled and HTTP Proxy disabled.

•

The Bind password for Nginx ldap user is configured when the LDAP server was installed. This is set when the MTA connected to the LDAP server. This is not used unless the Kerberos5 authenticating mechanism is enabled. Note: Setting the password even though GSSAPI auth/proxy is not set up does not cause any issues.

 

Proxy configuration   1) Status: Enabled    2) Enable POP/IMAP proxy:                   TRUE    3) IMAP proxy port: 143 4) IMAP SSL proxy port: 993 5) POP proxy port: 110 6) POP SSL proxy port: 995    7) Bind password for Nginx ldap user       (Only required for GSSAPI auth):         set    8) Enable HTTP[S] Proxy:                    FALSE

6.	Type r to return to the Main menu.

7.	When the proxy server is configured, return to the Main menu and type a to apply the configuration changes. Press Enter to save the configuration data.

8.	When Save Configuration data to a file appears, press Enter.

9.	The next request asks where to save the files. To accept the default, press Enter. To save the files to another directory, enter the directory and then press Enter.

10.	When The system will be modified - continue? appears, type y and press Enter.

11.	When Installation complete - press return to exit displays, press Enter.

The installation of the proxy server is complete.

Installing the zimbra-SNMP package

Installing the zimbra-SNMP package is optional, but if you use SNMP monitoring, this package should be installed on each Zimbra server.

In the Main menu, select zimbra-snmp to make changes to the default values.

The following questions are asked for SNMP configuration.

•	Configure whether to be notified by SNMP or SMTP. The default is No. If you enter yes, you must enter additional information.

•	For SNMP type the SNMP Trap host name.

•	For SMTP type the SMTP source email address and destination email address.

 

8) zimbra-snmp: Enabled     +Enable SNMP notifications: yes     +SNMP Trap hostname:                   example.com     +Enable SMTP notifications: yes     +SMTP Source email address: admin@example.com     +SMTP Destination email address:       admin@example.com

Final Set-Up

After the Zimbra servers are configured in a multi-node configuration, the following two functions must be configured:

•	In order for remote management and postfix queue management, the ssh keys must be manually populated on each server.

•

If logger is installed, set up the syslog configuration files on each server to enable server statistics to display on the administration console, and then enable the logger monitor host. The server statistics includes information about the message count, message volume, and anti-spam and anti-virus activity.

•

ZCS ships a default zimbra user with a disabled password. ZCS requires access to this account via ssh public key authentication. On most operating systems this combination is okay, but if you have modified pam rules to disallow any ssh access to disabled accounts then you must define a password for the zimbra UNIX account. This will allow ssh key authentication for checking remote queues. See the Zimbra wiki article, Mail Queue Monitoring.

Set up the ssh keys.

To populate the ssh keys, on each server, as Zimbra user (su-zimbra). Type zmupdateauthkeys and press Enter. The key is updated on
/opt/zimbra/.ssh/authorized_keys.

Enabling Server Statistics Display.

In order for the server statistics to display on the administration console, the syslog configuration files must be modified.

1.	On each server, as root, type /opt/zimbra/bin/zmsyslogsetup. This enables the server to display statistics.

2.	On the logger monitor host, you must enable syslog to log statistics from remote machines.

a.	Edit the /etc/sysconfig/syslog file, add -r to the SYSLOGD_OPTIONS setting, SYSLOGD_options=”-r -m 0”

b.	Stop the syslog daemon. Type /etc/init.d/syslog stop.

c.	Start the syslog daemon. Type /etc/init.d/syslog start.

Verifying Server Configuration

When Configuration complete - press return to exit is displayed, the installation is finished and the server has been started. Before going to the next server, you should verify that the server is running.

Use the CLI command, zmcontrol status, to verify that each server is running.

1.	For each server in the Zimbra Collaboration Suite environment, log on as a Zimbra administrator, from the root.

2.	Type su - zimbra.

3.	Type zmcontrol status. The services status information is displayed. All services should be running.

Note: If services are not started, you can type zmcontrol start. See the CLI command appendix in the Administration Guide for more zmcontrol commands.

Logging on to the Administration Console

To log on to the administration console, open your browser, type the administration console URL and log on to the console. The administration console URL is entered as
https://[example.com]:7071/zimbraAdmin.

Note: The administration console address must be typed with “https”, even if you configured only “http”.

The first time you log on, a certificate authority (CA) alert may be displayed. Click Accept this certificate permanently to accept the certificate and be able connect to the Zimbra administration console. Then click OK.

Enter the admin user name and password configured during the installation process. Enter the user name as admin@example.com

Post Installation Tasks

Once the Zimbra Collaboration Suite is installed, you can log on to the administration console and configure additional domains, create Classes of Service, and provision accounts. See the Zimbra Administrator’s Guide.

Defining Classes of Service

A default Class of Service (COS) is automatically created during the installation of Zimbra software. The COS controls mailbox quotas, message lifetime, password restrictions, attachment blocking and server pools. You can modify the default COS and create new COSs to assign to accounts according to your group management policies.

In an environment with multiple mailbox servers, COS is used to assign the new accounts to a mailbox server. The COS server pool tab lists the mailbox servers in your Zimbra environment. When you configure the COS, select which servers to add to the server pool. Within each pool of servers, a random algorithm assigns new mailboxes to any available server.

To create or modify a COS, from the administration console, click COS. If you have questions, refer to the Help.

Provisioning Accounts

You can configure one account at a time with the New Account Wizard or you can create many accounts at once using the Bulk Provisioning Wizard.

Configuring One Account

The administration console New Account Wizard steps you through the account information to be completed.

1.	From the administration console Navigation pane, click Accounts.

Note: Four accounts are listed: admin account, two spam training accounts, and a global Documents account. These accounts do not need any additional configuration.

2.	Click New. The first page of the New Account Wizard opens.

3.	Enter the account name to be used as the email address and the last name. This the only required information to create an account.

4.	You can click Finish at this point, and the account is configured with the default COS and global features.

To configure aliases, forwarding addresses, and specific features for this account, proceed through the dialog before you click Finish.

When the accounts are provisioned, these accounts can immediately start to send and receive emails.

Configuring Many Accounts at Once

You can provision up to 500 accounts on once using the Bulk Account Wizard from the administration console. The wizard takes you through the steps to upload a .csv file with the account information and then provisions the user accounts. These accounts are configured with a user name, display name and password (optional). The accounts are automatically assigned the domain default COS.

Refer to the administration guide to learn more about provisioning accounts.

Import the Content of Users’ Mailboxes

Zimbra’s migration and import tools can be used to move users’ email messages, calendars, and contacts from their old email servers to their accounts on the Zimbra server. When the user’s files are imported, the folder hierarchy is maintained. These tools can be accessed from the administration console Download page and instruction guides are available from the Administration Console Help Desk.

Uninstalling Zimbra Collaboration Suite

To uninstall servers, you run the install script -u and then delete the zcs directory and remove the ZCS tgz file on the servers.

1.	Change directories to the original install directory for the zcs files.

2.	Type ./install.sh -u.

3.	When Completely remove existing installation? is displayed, type Yes.

The Zimbra servers are stopped, the existing packages, the webapp directories, and the /opt/zimbra directory are removed.

4.	Delete the zcs directory, type rm -rf [zcsfilename].

5.	Delete the zcs.tgz file, type rm -rf zcs.tgz.

6.	Additional files may need to be delete. See the Zimbra Wiki Installation section on http://wiki.zimbra.com/index.php?title=Main_Page.

Note: For Mac, type cd /;/opt/zimbra/libexec/installer/install-mac.sh - u.

 

ZCS Multi-Server Installation Guide, Network Edition 5.0 (Rev 5.0.19 September 2009)