Results 1 to 5 of 5

Thread: zmprov not working from SMTP or proxy server in multi-server install

  1. #1
    fultonj is offline Senior Member
    Join Date
    Feb 2008
    Location
    Easton PA
    Posts
    63
    Rep Power
    7

    Default zmprov not working from SMTP or proxy server in multi-server install

    I have a working ZCS 5.10 multi-server install with separate servers for store, ldap, smtp and imap proxy. I did the install according to the documentation [0]. zmprov commands work on the store and ldap servers but do not work on the smtp or proxy servers (exact error message below) [1]. How can I run zmprov on the smtp or proxy servers?

    I've seen this on other multi-server installs. Is this by design? I would like to use the smtp and proxy servers to reset passwords via the CLI. I'm doing a large imapsync which is CPU bound. I'd like to distribute load on many servers to use their CPU to speed up the sync. My script to do the sync sets a local password with zmprov sp and then disables it after the sync.

    footnotes:
    [0]
    cover.1.1.html

    [1]
    [zimbra@zstore00 import]$ zmprov ga fultonj@zprd.lafayette.edu | wc -l
    243
    [zimbra@zstore00 import]$

    [zimbra@zldap0 import]$ zmprov ga fultonj@zprd.lafayette.edu | wc -l
    243
    [zimbra@zldap0 import]$

    [zimbra@zsmtp0 import]$ zmprov ga fultonj@zprd.lafayette.edu
    ERROR: zclient.IO_ERROR (invoke Connection refused, server: localhost) (cause: java.net.ConnectException Connection refused)
    [zimbra@zsmtp0 import]$

    [zimbra@zproxy0 import]$ zmprov ga fultonj@zprd.lafayette.edu
    ERROR: zclient.IO_ERROR (invoke Connection refused, server: localhost) (cause: java.net.ConnectException Connection refused)
    [zimbra@zproxy0 import]$

  2. #2
    bdial's Avatar
    bdial is offline Moderator
    Join Date
    Jul 2007
    Location
    Baltimore
    Posts
    1,649
    Rep Power
    11

    Default

    try this on your mta box

    Code:
    zmlocalconfig -e zimbra_zmprov_default_soap_server zstore00.domain.com
    change the last part to one of your mailbox servers

  3. #3
    fultonj is offline Senior Member
    Join Date
    Feb 2008
    Location
    Easton PA
    Posts
    63
    Rep Power
    7

    Default

    Thank you bdial.

    That fixed my problem. Two questions:

    1. My LDAP server has zimbra_zmprov_default_soap_server = localhost yet it seems to work without the fix. Any idea why? Should I set it to the store server instead?

    2. I have two store servers. What's the best way to share the load? Should I set half for one and half for the other?

  4. #4
    bdial's Avatar
    bdial is offline Moderator
    Join Date
    Jul 2007
    Location
    Baltimore
    Posts
    1,649
    Rep Power
    11

    Default

    1. your ldap server might be using ldap instead of soap to do stuff. you can check with the command

    Code:
    zmlocalconfig | grep zimbra_zmprov_default_to_ldap
    2. i guess ify ou're concerned you could do that. why are you executing zmprov commands on so many different servers though? why not just choose 1 or 2 and call it a day?

  5. #5
    fultonj is offline Senior Member
    Join Date
    Feb 2008
    Location
    Easton PA
    Posts
    63
    Rep Power
    7

    Default

    1. As you suggested, LDAP seems to be using itself instead of SOAP:

    [zimbra@zldap0 import]$ zmlocalconfig | grep zimbra_zmprov_default_to_ldap
    zimbra_zmprov_default_to_ldap = true
    [zimbra@zldap0 import]$

    I actually had a strange bug where zldap0 wouldn't set the local password for certain users via zmprov followed by a quick imapsync until I changed the above to false and had it use one of my store servers instead by changing zimbra_zmprov_default_soap_server.

    I assume that SOAP calls to the store servers to change a user's Zimbra password get translated into calls to LDAP. I wonder if asking the ldap server to use the store server for zmprov calls updated some sort of cache on the store server. I'm imapsyncing a user very shortly after setting their local password and then setting it back. If LDAP knew it had a new password but didn't push it to the store or proxy server in time, then the user would have been denied when the imapsync was attempted.

    2. imapsync is CPU bound (with fast enough disks). I can speed my conversion up a lot by using all of the CPUs I have available, i.e. all of my servers for Zimbra (store, smtp, etc). My script changes the password before and after it syncs so each server needs to zmprov. The basic algorithm is:

    for users in users:
    change_local_passwords(user)
    imap_sync(user)
    disable_local_passwords(user)

    Thanks for your suggestion as it solved my problem.

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. initializing ldap...FAILED(256)ERROR
    By manjunath in forum Installation
    Replies: 39
    Last Post: 06-07-2013, 10:27 AM
  2. Erorr..initializing ldap failed(5362)
    By Logan_filter in forum Installation
    Replies: 10
    Last Post: 12-19-2008, 01:10 PM
  3. Zimbra fails after working for 2 weeks
    By Linsys in forum Administrators
    Replies: 10
    Last Post: 10-07-2008, 12:42 AM
  4. Installation Problem - Possibly LDAP
    By geroshea in forum Installation
    Replies: 5
    Last Post: 03-16-2007, 04:47 AM
  5. Intallation on FC5
    By rsharpe in forum Installation
    Replies: 24
    Last Post: 06-13-2006, 05:15 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •