I decided to try a different approach (well, I was told to test the install behind the firewall). The firewall is 10.1.10.1 (LAN side) and DNS also runs on it. The mail is 10.1.10.4, and cvt.local is the internal domain. I placed an MX record on the DNS server. Now, the LDAP error is gone, but much of the installation following fails.
The installation log is *huge* and won't fit in this post, but I'm seeing hundreds of errors relating to LDAP.
Examples:
Code:
Wed Nov 4 12:37:56 2009 This is the ldap master and ldap hasn't been configured yet.
Wed Nov 4 12:38:45 2009 ERROR: service.FAILURE (system failure: unable to lookup server by name: mail.checkmypharm.com message: [LDAP: error code 49 - Invalid Credentials]) (cause: javax.naming.AuthenticationException [LDAP: error code 49 - Invalid Credentials])
etc.
So, here are the results of the command outputs you requested (run from the mail server):
Code:
[root@mail /]# cat /etc/hosts
127.0.0.1 localhost localhost.localdomain
10.1.10.4 mail.checkmypharm.com mail
Code:
cat /etc/resolv.conf
domain cvt.local
search cvt.local
nameserver 10.1.10.1
And since you will probably ask, the firewall's resolv.conf:
Code:
firewall.cvt.local{root}[78]: cat /etc/resolv.conf
domain cvt.local
search cvt.local
nameserver 10.1.10.1
nameserver 66.7.224.17
nameserver 66.7.224.18
nameserver 4.2.2.1
Code:
[root@mail /]# dig checkmypharm.com any
; <<>> DiG 9.6.1-P1-RedHat-9.6.1-6.P1.fc11 <<>> checkmypharm.com any
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 44644
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 4, AUTHORITY: 0, ADDITIONAL: 2
;; QUESTION SECTION:
;checkmypharm.com. IN ANY
;; ANSWER SECTION:
checkmypharm.com. 86400 IN SOA firewall.cvt.local. root.checkmypharm.com. 2009110402 10800 900 604800 86400
checkmypharm.com. 86400 IN NS firewall.cvt.local.
checkmypharm.com. 86400 IN MX 0 mail.checkmypharm.com.
checkmypharm.com. 86400 IN A 10.1.10.4
;; ADDITIONAL SECTION:
firewall.cvt.local. 86400 IN A 10.1.10.1
mail.checkmypharm.com. 86400 IN A 10.1.10.4
;; Query time: 1 msec
;; SERVER: 10.1.10.1#53(10.1.10.1)
;; WHEN: Wed Nov 4 13:07:15 2009
;; MSG SIZE rcvd: 176
Code:
[root@mail /]# dig checkmypharm.com mx
; <<>> DiG 9.6.1-P1-RedHat-9.6.1-6.P1.fc11 <<>> checkmypharm.com mx
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 61431
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 2
;; QUESTION SECTION:
;checkmypharm.com. IN MX
;; ANSWER SECTION:
checkmypharm.com. 86400 IN MX 0 mail.checkmypharm.com.
;; AUTHORITY SECTION:
checkmypharm.com. 86400 IN NS firewall.cvt.local.
;; ADDITIONAL SECTION:
mail.checkmypharm.com. 86400 IN A 10.1.10.4
firewall.cvt.local. 86400 IN A 10.1.10.1
;; Query time: 1 msec
;; SERVER: 10.1.10.1#53(10.1.10.1)
;; WHEN: Wed Nov 4 13:08:07 2009
;; MSG SIZE rcvd: 119
So far I *think* there is not a problem... however, the next result looks problematic to me:
Code:
[root@mail /]# host `hostname`
mail.cvt.local has address 10.1.10.4
I've spent several days on this, and am starting to think this project is beyond me. Unless the solution is clearly solvable by me based on the feedback I get here, I plan on advocating the hiring of a Zimbra consultant, letting me get back to my other duties.
Thanks for your help,
Joe