I know there are ALOT of posts about this, but...

[NoDoze]

Additionally....

Since the clean install works, but I get that ldap error with the restored version, I would think it's a ldap setting that needs to be corrected....?
What in the zimbra ldap could cause this error...?

Thanks.

[Bill Brock]

I'm saying zimbra tries to use mail.domain.com as the domain instead of domain.com. And that it appears that your original dig response shows you have a domain called mail.domain.com instead of domain.com.

So it looks like your local DNS has a domain called mail.domain.com. Of course this is the servers FQDN and not the domain name. I think this is where all your problems are. That is why when you dig domain.com any it gives you a response from your external DNS server but when you dig mail.domain.com any you get a response from your local DNS server.

Double check the local dns zone file and see if it is for domain domain.com or mail.domain.com.

[Bill Brock]

IMHO. I think you have a DNS problem and not an LDAP problem. I have tried my best to explain my take on the issue and I'm sorry that we aren't understanding one another. But I'm 99.9% sure it is in your DNS. But I could be wrong.

[NoDoze]

So you're saying the issue is in my primary DNS server...? ...Is that what you're calling the "local DNS"...? Or is the "local DNS" referring to the test zimbra server...?

This is the record file from the primary DNS server:

$ttl 120
; domain.com
@ IN SOA domain.com. admin.domain.com. (
2008063074
120
120
604800
3600 )

wXw.domain.com. IN A 71.X.XX.180
mail.domain.com. IN A 71.X.XX.182
ns1.domain.com. IN A 71.X.XX.180
ns2.domain.com. IN A 71.X.XX.181
domain.com. IN NS ns1.domain.com.
domain.com. IN NS ns2.domain.com.
domain.com. IN MX 10 mail.domain.com.
domain.com. IN A 71.X.XX.180

XX.X.71.in-addr.arpa. IN NS ns1.domain.com.
XX.X.71.in-addr.arpa. IN NS ns2.domain.com.
180 IN PTR domain.com.
182 IN PTR mail.domain.com.

And the dig from the test zimbra server:

dig domain.com any

; <<>> DiG 9.3.6-P1-RedHat-9.3.6-4.P1.el5 <<>> domain.com any
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 37051
;; flags: qr rd ra; QUERY: 1, ANSWER: 5, AUTHORITY: 2, ADDITIONAL: 3

;; QUESTION SECTION:
;domain.com. IN ANY

;; ANSWER SECTION:
domain.com. 120 IN SOA domain.com. admin.domain.com. 2008063074 120 120 604800 3600
domain.com. 120 IN A 71.X.XX.180
domain.com. 120 IN MX 10 mail.domain.com.
domain.com. 120 IN NS ns2.domain.com.
domain.com. 120 IN NS ns1.domain.com.

;; AUTHORITY SECTION:
domain.com. 120 IN NS ns1.domain.com.
domain.com. 120 IN NS ns2.domain.com.

;; ADDITIONAL SECTION:
mail.domain.com. 120 IN A 192.168.1.176
ns1.domain.com. 120 IN A 71.X.XX.180
ns2.domain.com. 120 IN A 71.X.XX.181

;; Query time: 2 msec
;; SERVER: 192.168.1.176#53(192.168.1.176)
;; WHEN: Tue Oct 27 09:43:21 2009
;; MSG SIZE rcvd: 225

[Bill Brock]

the first time you ran - dig mail.domain.com any instead of dig domain.com any.

This responded as though you have a zone file somewhere that has a domain called mail.domain.com. Of course your domain is domain.com. I don't know what DNS server has this but it would be the DNS server that is being used as a resolver for the machine from where you ran the command.

Do you have a zone file other than the one you just posted somewhere?

[NoDoze]

The zone file from the primary DNS server:

$ttl 120
; domain.com
@ IN SOA domain.com. admin.domain.com. (
2008063074
120
120
604800
3600 )

wXw.domain.com. IN A 71.X.XX.180
mail.domain.com. IN A 71.X.XX.182
ns1.domain.com. IN A 71.X.XX.180
ns2.domain.com. IN A 71.X.XX.181
domain.com. IN NS ns1.domain.com.
domain.com. IN NS ns2.domain.com.
domain.com. IN MX 10 mail.domain.com.
domain.com. IN A 71.X.XX.180

XX.X.71.in-addr.arpa. IN NS ns1.domain.com.
XX.X.71.in-addr.arpa. IN NS ns2.domain.com.
180 IN PTR domain.com.
182 IN PTR mail.domain.com.

The zone file from the production zimbra server:

$ttl 120
mail.domain.com. IN SOA ns1.domain.com. netadmin.netadmin.com. (
1255040795
120
120
604800
38400 )
mail.domain.com. IN NS 192.168.1.248
mail.domain.com. IN A 192.168.1.248
mail.domain.com. IN MX 10 mail.domain.com.

The zone file from the test zimbra server:

$ttl 120
mail.domain.com. IN SOA ns1.domain.com. netadmin.netadmin.com. (
1256581218
120
120
604800
38400 )
mail.domain.com. IN NS 192.168.1.176
mail.domain.com. IN A 192.168.1.176
mail.domain.com. IN MX 10 mail.domain.com.

Those are the only zone files on the network...
As stated the original dig was corrected...but the issue still persists...

[ArcaneMagus]

There are only two possible DNS issue that I see. One is that your name servers are listed with public IP addresses, if they are on the local network you should change the result returned to LAN clients to show the internal address (this can be ignored however if your NAT device supports NAT Reflection).
You can have your name servers return one set of results to public clients, and another set to LAN clients by using views in BIND, I am not sure if/how other DNS servers would do this.

The other issue is only a possibility that the PTR record for 192.168.1.176 doesn't point to mail.domain.com. But that issue is not going to cause the problem you are having.

I doubt that your problem is DNS as it looks like everything is returning results that should work.

I just did some digging into the startup script to see exactly where it is failing for you and here is what I have found:
The stage that is failing is when it calls the equivalent of

Code:

/opt/zimbra/bin/zmprov -l gs $localHostName | grep "zimbraServiceEnabled"

. "$localHostName" is defined by a function that parses the output of the equivalent of

Code:

/opt/zimbra/bin/zmlocalconfig -x -s -q -m shell | grep "zimbra_server_hostname"

So..... the question that I have for you is what do you get from the output of the following command?

Code:

zmprov -l gs `zmhostname` | grep "zimbraServiceEnabled"

If that fails try typing in the hostname manually.

[Bill Brock]

zone files show you have a domain called mail.domain.com. It appears to me that your domain is actually domain.com. But if you did not change your zimbra install it probably set up a domain called mail.domain.com. Did zimbra create a domain called mail.domain.com in the mail server? Is it listed in the admin GUI?

[NoDoze]

ERROR: service.FAILURE (system failure: unable to get config) (cause: javax.naming.NamingException [LDAP: error code 80 - internal error])

How do I type the hostname manually?

When I do a zmhostname it shows: mail.domain.com

[NoDoze]

Yes Bill, the domain mail.domain.com was automatically created in the new install...the same domain name as the restored version...