| Welcome to the Zimbra :: Forums! | |
Welcome, if you would like to post a comment please register.
We also encourage you to explore all things Zimbra with our team and members of the community.
|
 | | 
07-02-2010, 05:58 AM
| | Intermediate Member | |
Posts: 16
| |  [SOLVED] ldap - cache is out of date or doesn't exist
I've had some problems installing a goDaddy Cert (wish I'd checked the forums before charging ahead with the wizard). I think I have the certificate installed OK now but I still seem to be having problems with ldap. Code: zimbra@host:/root$ zmcontrol start
Host host.domain.com
Unable to determine enabled services from ldap.
Unable to determine enabled services. Cache is out of date or doesn't exist. Here's my ldap zmlocalconfig stuff Code: zimbra@host:/root$ zmlocalconfig | grep ldap
ldap_accesslog_cachefree = 1
ldap_accesslog_cachesize = 10000
ldap_accesslog_checkpoint = 64 5
ldap_accesslog_dncachesize = 0
ldap_accesslog_idlcachesize = 10000
ldap_accesslog_shmkey = 0
ldap_amavis_password = *
ldap_bind_url =
ldap_cache_account_maxage = 15
ldap_cache_account_maxsize = 20000
ldap_cache_cos_maxage = 15
ldap_cache_cos_maxsize = 100
ldap_cache_domain_maxage = 15
ldap_cache_domain_maxsize = 100
ldap_cache_external_domain_maxage = 15
ldap_cache_external_domain_maxsize = 2000
ldap_cache_group_maxage = 15
ldap_cache_group_maxsize = 200
ldap_cache_reverseproxylookup_domain_maxage = 15
ldap_cache_reverseproxylookup_domain_maxsize = 100
ldap_cache_reverseproxylookup_server_maxage = 15
ldap_cache_reverseproxylookup_server_maxsize = 100
ldap_cache_right_maxage = 15
ldap_cache_right_maxsize = 100
ldap_cache_server_maxage = 15
ldap_cache_server_maxsize = 100
ldap_cache_timezone_maxsize = 100
ldap_cache_xmppcomponent_maxage = 15
ldap_cache_xmppcomponent_maxsize = 100
ldap_cache_zimlet_maxage = 15
ldap_cache_zimlet_maxsize = 100
ldap_common_loglevel = 49152
ldap_common_require_tls = 0
ldap_common_threads = 8
ldap_common_toolthreads = 1
ldap_common_writetimeout = 0
ldap_connect_pool_debug = false
ldap_connect_pool_initsize = 1
ldap_connect_pool_master = false
ldap_connect_pool_maxsize = 50
ldap_connect_pool_prefsize = 0
ldap_connect_pool_timeout = 120000
ldap_connect_timeout = 30000
ldap_db_cachefree = 1
ldap_db_cachesize = 10000
ldap_db_checkpoint = 64 5
ldap_db_dncachesize = 0
ldap_db_idlcachesize = 10000
ldap_db_shmkey = 0
ldap_deref_aliases = always
ldap_host = host.domain.com
ldap_is_master = true
ldap_master_url = ldap://host.domain.com:389
ldap_nginx_password = *
ldap_overlay_accesslog_logpurge = 01+00:00 00+04:00
ldap_overlay_syncprov_checkpoint = 20 10
ldap_overlay_syncprov_sessionlog = 500
ldap_port = 389
ldap_postfix_password = *
ldap_read_timeout = 30000
ldap_replication_password = *
ldap_root_password = *
ldap_starttls_supported = 1
ldap_url = ldap://host.domain.com:389
postfix_sender_canonical_maps = proxy:ldap:${zimbra_home}/conf/ldap-scm.cf
postfix_transport_maps = proxy:ldap:${zimbra_home}/conf/ldap-transport.cf
postfix_virtual_alias_domains = proxy:ldap:${zimbra_home}/conf/ldap-vad.cf
postfix_virtual_alias_maps = proxy:ldap:${zimbra_home}/conf/ldap-vam.cf
postfix_virtual_mailbox_domains = proxy:ldap:${zimbra_home}/conf/ldap-vmd.cf
postfix_virtual_mailbox_maps = proxy:ldap:${zimbra_home}/conf/ldap-vmm.cf
zimbra_class_provisioning = com.zimbra.cs.account.ldap.LdapProvisioning
zimbra_ldap_password = *
zimbra_ldap_user = zimbra
zimbra_ldap_userdn = uid=zimbra,cn=admins,cn=zimbra
zimbra_zmprov_default_to_ldap = false I've also attached the last 5 mins or so of the zimbra.log file (during which time I tried to start zimbra using zmcontrol start). Code: Jul 2 13:43:01 host zimbramon[9121]: 9121:info: zmmtaconfig: Skipping All MTA Authentication Target URLs update.
Jul 2 13:43:01 host zimbramon[9121]: 9121:info: zmmtaconfig: Skipping getAllMtaAuthURLs ERROR: service.FAILURE (system failure: ZimbraLdapContext) (cause: javax.net.ssl.SSLHandshakeException sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target)
Jul 2 13:43:06 host zimbramon[9121]: 9121:info: zmmtaconfig: Skipping Configuration for server host.uneeka.com update.
Jul 2 13:43:06 host zimbramon[9121]: 9121:info: zmmtaconfig: gs:host.uneeka.com ERROR: service.FAILURE (system failure: ZimbraLdapContext) (cause: javax.net.ssl.SSLHandshakeException sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target)
Jul 2 13:43:06 host zimbramon[9121]: 9121:info: zmmtaconfig: Sleeping...Key lookup failed.
Jul 2 13:43:17 host zimbramon[9121]: 9121:info: zmmtaconfig: Skipping Global system configuration update.
Jul 2 13:43:17 host zimbramon[9121]: 9121:info: zmmtaconfig: gacf ERROR: service.FAILURE (system failure: ZimbraLdapContext) (cause: javax.net.ssl.SSLHandshakeException sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target)
Jul 2 13:43:23 host zimbramon[9121]: 9121:info: zmmtaconfig: Skipping All Reverse Proxy URLs update.
Jul 2 13:43:23 host zimbramon[9121]: 9121:info: zmmtaconfig: Skipping getAllReverseProxyURLs ERROR: service.FAILURE (system failure: ZimbraLdapContext) (cause: javax.net.ssl.SSLHandshakeException sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target)
Jul 2 13:43:28 host zimbramon[9121]: 9121:info: zmmtaconfig: Skipping All Reverse Proxy Backends update.
Jul 2 13:43:28 host zimbramon[9121]: 9121:info: zmmtaconfig: Skipping getAllReverseProxyBackends ERROR: service.FAILURE (system failure: ZimbraLdapContext) (cause: javax.net.ssl.SSLHandshakeException sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target)
Jul 2 13:43:33 host zimbramon[9121]: 9121:info: zmmtaconfig: Skipping All Memcached Servers update.
Jul 2 13:43:33 host zimbramon[9121]: 9121:info: zmmtaconfig: Skipping getAllMemcachedServers ERROR: service.FAILURE (system failure: ZimbraLdapContext) (cause: javax.net.ssl.SSLHandshakeException sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target)
Jul 2 13:43:39 host zimbramon[9121]: 9121:info: zmmtaconfig: Skipping All MTA Authentication Target URLs update.
Jul 2 13:43:39 host zimbramon[9121]: 9121:info: zmmtaconfig: Skipping getAllMtaAuthURLs ERROR: service.FAILURE (system failure: ZimbraLdapContext) (cause: javax.net.ssl.SSLHandshakeException sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target)
Jul 2 13:43:44 host zimbramon[9121]: 9121:info: zmmtaconfig: Skipping Configuration for server host.uneeka.com update.
Jul 2 13:43:44 host zimbramon[9121]: 9121:info: zmmtaconfig: gs:host.uneeka.com ERROR: service.FAILURE (system failure: ZimbraLdapContext) (cause: javax.net.ssl.SSLHandshakeException sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target)
Jul 2 13:43:44 host zimbramon[9121]: 9121:info: zmmtaconfig: Sleeping...Key lookup failed.
Jul 2 13:43:56 host zimbramon[9121]: 9121:info: zmmtaconfig: Skipping Global system configuration update.
Jul 2 13:43:56 host zimbramon[9121]: 9121:info: zmmtaconfig: gacf ERROR: service.FAILURE (system failure: ZimbraLdapContext) (cause: javax.net.ssl.SSLHandshakeException sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target)
Jul 2 13:44:00 host sshd[27288]: Accepted password for root from 192.168.1.65 port 51216 ssh2
Jul 2 13:44:01 host zimbramon[9121]: 9121:info: zmmtaconfig: Skipping All Reverse Proxy URLs update.
Jul 2 13:44:01 host zimbramon[9121]: 9121:info: zmmtaconfig: Skipping getAllReverseProxyURLs ERROR: service.FAILURE (system failure: ZimbraLdapContext) (cause: javax.net.ssl.SSLHandshakeException sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target)
Jul 2 13:44:10 host zimbramon[9121]: 9121:info: zmmtaconfig: Skipping All Reverse Proxy Backends update.
Jul 2 13:44:10 host zimbramon[9121]: 9121:info: zmmtaconfig: Skipping getAllReverseProxyBackends ERROR: service.FAILURE (system failure: ZimbraLdapContext) (cause: javax.net.ssl.SSLHandshakeException sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target)
Jul 2 13:44:17 host zimbramon[9121]: 9121:info: zmmtaconfig: Skipping All Memcached Servers update.
Jul 2 13:44:17 host zimbramon[9121]: 9121:info: zmmtaconfig: Skipping getAllMemcachedServers ERROR: service.FAILURE (system failure: ZimbraLdapContext) (cause: javax.net.ssl.SSLHandshakeException sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target)
Jul 2 13:44:22 host zimbramon[9121]: 9121:info: zmmtaconfig: Skipping All MTA Authentication Target URLs update.
Jul 2 13:44:22 host zimbramon[9121]: 9121:info: zmmtaconfig: Skipping getAllMtaAuthURLs ERROR: service.FAILURE (system failure: ZimbraLdapContext) (cause: javax.net.ssl.SSLHandshakeException sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target)
Jul 2 13:44:28 host zimbramon[9121]: 9121:info: zmmtaconfig: Skipping Configuration for server host.uneeka.com update.
Jul 2 13:44:28 host zimbramon[9121]: 9121:info: zmmtaconfig: gs:host.uneeka.com ERROR: service.FAILURE (system failure: ZimbraLdapContext) (cause: javax.net.ssl.SSLHandshakeException sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target)
Jul 2 13:44:28 host zimbramon[9121]: 9121:info: zmmtaconfig: Sleeping...Key lookup failed.
Jul 2 13:44:39 host zimbramon[9121]: 9121:info: zmmtaconfig: Skipping Global system configuration update.
Jul 2 13:44:39 host zimbramon[9121]: 9121:info: zmmtaconfig: gacf ERROR: service.FAILURE (system failure: ZimbraLdapContext) (cause: javax.net.ssl.SSLHandshakeException sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target)
Jul 2 13:44:44 host zimbramon[9121]: 9121:info: zmmtaconfig: Skipping All Reverse Proxy URLs update.
Jul 2 13:44:44 host zimbramon[9121]: 9121:info: zmmtaconfig: Skipping getAllReverseProxyURLs ERROR: service.FAILURE (system failure: ZimbraLdapContext) (cause: javax.net.ssl.SSLHandshakeException sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target)
Jul 2 13:44:49 host zimbramon[9121]: 9121:info: zmmtaconfig: Skipping All Reverse Proxy Backends update.
Jul 2 13:44:49 host zimbramon[9121]: 9121:info: zmmtaconfig: Skipping getAllReverseProxyBackends ERROR: service.FAILURE (system failure: ZimbraLdapContext) (cause: javax.net.ssl.SSLHandshakeException sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target)
Jul 2 13:44:53 host zimbramon[29029]: 29029:info: Starting services initiated by zmcontrol
Jul 2 13:44:56 host zimbramon[9121]: 9121:info: zmmtaconfig: Skipping All Memcached Servers update.
Jul 2 13:44:56 host zimbramon[9121]: 9121:info: zmmtaconfig: Skipping getAllMemcachedServers ERROR: service.FAILURE (system failure: ZimbraLdapContext) (cause: javax.net.ssl.SSLHandshakeException sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target)
Jul 2 13:45:06 host zimbramon[9121]: 9121:info: zmmtaconfig: Skipping All MTA Authentication Target URLs update.
Jul 2 13:45:06 host zimbramon[9121]: 9121:info: zmmtaconfig: Skipping getAllMtaAuthURLs ERROR: service.FAILURE (system failure: ZimbraLdapContext) (cause: javax.net.ssl.SSLHandshakeException sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target)
Jul 2 13:45:11 host zimbramon[9121]: 9121:info: zmmtaconfig: Skipping Configuration for server host.uneeka.com update.
Jul 2 13:45:11 host zimbramon[9121]: 9121:info: zmmtaconfig: gs:host.uneeka.com ERROR: service.FAILURE (system failure: ZimbraLdapContext) (cause: javax.net.ssl.SSLHandshakeException sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target)
Jul 2 13:45:11 host zimbramon[9121]: 9121:info: zmmtaconfig: Sleeping...Key lookup failed.
Jul 2 13:45:22 host zimbramon[9121]: 9121:info: zmmtaconfig: Skipping Global system configuration update.
Jul 2 13:45:22 host zimbramon[9121]: 9121:info: zmmtaconfig: gacf ERROR: service.FAILURE (system failure: ZimbraLdapContext) (cause: javax.net.ssl.SSLHandshakeException sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target)
Jul 2 13:45:28 host zimbramon[9121]: 9121:info: zmmtaconfig: Skipping All Reverse Proxy URLs update.
Jul 2 13:45:28 host zimbramon[9121]: 9121:info: zmmtaconfig: Skipping getAllReverseProxyURLs ERROR: service.FAILURE (system failure: ZimbraLdapContext) (cause: javax.net.ssl.SSLHandshakeException sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target)
Jul 2 13:45:33 host zimbramon[9121]: 9121:info: zmmtaconfig: Skipping All Reverse Proxy Backends update.
Jul 2 13:45:33 host zimbramon[9121]: 9121:info: zmmtaconfig: Skipping getAllReverseProxyBackends ERROR: service.FAILURE (system failure: ZimbraLdapContext) (cause: javax.net.ssl.SSLHandshakeException sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target)
Jul 2 13:45:39 host zimbramon[9121]: 9121:info: zmmtaconfig: Skipping All Memcached Servers update.
Jul 2 13:45:39 host zimbramon[9121]: 9121:info: zmmtaconfig: Skipping getAllMemcachedServers ERROR: service.FAILURE (system failure: ZimbraLdapContext) (cause: javax.net.ssl.SSLHandshakeException sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target)
Jul 2 13:45:44 host zimbramon[9121]: 9121:info: zmmtaconfig: Skipping All MTA Authentication Target URLs update.
Jul 2 13:45:44 host zimbramon[9121]: 9121:info: zmmtaconfig: Skipping getAllMtaAuthURLs ERROR: service.FAILURE (system failure: ZimbraLdapContext) (cause: javax.net.ssl.SSLHandshakeException sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target)
Jul 2 13:45:49 host zimbramon[9121]: 9121:info: zmmtaconfig: Skipping Configuration for server host.uneeka.com update.
Jul 2 13:45:49 host zimbramon[9121]: 9121:info: zmmtaconfig: gs:host.uneeka.com ERROR: service.FAILURE (system failure: ZimbraLdapContext) (cause: javax.net.ssl.SSLHandshakeException sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target)
Jul 2 13:45:49 host zimbramon[9121]: 9121:info: zmmtaconfig: Sleeping...Key lookup failed.
Jul 2 13:46:00 host zimbramon[9121]: 9121:info: zmmtaconfig: Skipping Global system configuration update.
Jul 2 13:46:00 host zimbramon[9121]: 9121:info: zmmtaconfig: gacf ERROR: service.FAILURE (system failure: ZimbraLdapContext) (cause: javax.net.ssl.SSLHandshakeException sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target)
Jul 2 13:46:09 host zimbramon[9121]: 9121:info: zmmtaconfig: Skipping All Reverse Proxy URLs update.
Jul 2 13:46:09 host zimbramon[9121]: 9121:info: zmmtaconfig: Skipping getAllReverseProxyURLs ERROR: service.FAILURE (system failure: ZimbraLdapContext) (cause: javax.net.ssl.SSLHandshakeException sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target) I'm really new Linux and Zimbra - it's a single server installation and no-one in the office can access thier mail or calendars at the moment. Any help or pointers would be hugely welcome.  |
07-02-2010, 06:18 AM
| | Zimbra Consultant & Moderator | |
Posts: 20,313
| |
You appear to have the proxy installed and running, you should not have that on a single server, check if the proxy is installed/running: Code: zmproxyctl status
zmprov gs `zmhostname` | grep zimbraServiceEnabled
zmprov gs `zmhostname` | grep zimbraServiceInstalled If it's in, then run this: Code: zmproxyctl stop
zmprov ms `zmhostname` -zimbraServiceEnabled imapproxy
zmcontrol stop
zmcontrol start To reset the ports run the following (on one line): Code: zmprov -l ms `zmhostname` zimbraPop3BindPort 110 zimbraPop3SSLBindPort 995 zimbraPop3ProxyBindPort 7110 zimbraPop3SSLProxyBindPort 7995 zimbraImapBindPort 143 zimbraImapSSLBindPort 993 zimbraImapProxyBindPort 7143 zimbraImapSSLProxyBindPort 7993 then restart
When you've done that post the output of the following commands (run on the Zimbra server): Code: cat /etc/hosts
cat /etc/resolv.conf
dig yourdomain.com mx
dig yourdomain.com any
host `hostname` <- use that exact command with backticks not single quotes
__________________
Regards
Bill
|
07-02-2010, 07:39 AM
| | Intermediate Member | |
Posts: 16
| |
Looks like I had some problems still with the cert.
I managed to get past the ldap issues follow the advice in this post - [SOLVED] GoDaddy + ZCS 6 = FAIL
Zimbra is up and running again (and everyone can get their emails). I still have a problem with the IMAP service (which asked for a PEM password, then failed to start), but basically this issue is sorted.
Thanks for your input! It's encouraging to know that there's people out there who know what they're doing and are willing to help beginners like me!
(Once I've had a chance to back everything up I'll look into possible issues with the proxy) |
08-29-2010, 12:00 PM
| | |
Hi Bill,
when trying to do this: Quote:
Originally Posted by phoenix  To reset the ports run the following (on one line): Code: zmprov -l ms `zmhostname` zimbraPop3BindPort 110 zimbraPop3SSLBindPort 995 zimbraPop3ProxyBindPort 7110 zimbraPop3SSLProxyBindPort 7995 zimbraImapBindPort 143 zimbraImapSSLBindPort 993 zimbraImapProxyBindPort 7143 zimbraImapSSLProxyBindPort 7993 | I'm getting the following error: Quote: |
ERROR: service.FAILURE (system failure: unable to modify attrs: [LDAP: error code 1 - entry update failed]) (cause: javax.naming.NamingException [LDAP: error code 1 - entry update failed])
| Running zmcontrol status is getting this info on the top: Quote:
zmcontrol status
Unable to determine enabled services from ldap.
Enabled services read from cache. Service list may be inaccurate.
| FYI, ldap is up one minute, then it goes down.
Error at the log is the following: Quote:
Aug 28 20:17:04 warriorlocal zimbramon[8890]: 8890:info: zmmtaconfig: gacf ERROR: service.FAILURE (system failure: ZimbraLdapContext) (cause: javax.naming.CommunicationException warriorlocal.info:389)
Aug 28 20:17:05 warriorlocal zimbramon[8890]: 8890:info: zmmtaconfig: Skipping All Reverse Proxy URLs update.
Aug 28 20:17:05 warriorlocal zimbramon[8890]: 8890:info: zmmtaconfig: Skipping getAllReverseProxyURLs ERROR: service.FAILURE (system failure: ZimbraLdapContext) (cause: javax.naming.CommunicationException warriorlocal.info:389)
Aug 28 20:17:07 warriorlocal zimbramon[8890]: 8890:info: zmmtaconfig: Skipping All Reverse Proxy Backends update.
Aug 28 20:17:07 warriorlocal zimbramon[8890]: 8890:info: zmmtaconfig: Skipping getAllReverseProxyBackends ERROR: service.FAILURE (system failure: ZimbraLdapContext) (cause: javax.naming.CommunicationException warriorlocal.info:389)
Aug 28 20:17:09 warriorlocal zimbramon[8890]: 8890:info: zmmtaconfig: Skipping All Memcached Servers update.
Aug 28 20:17:09 warriorlocal zimbramon[8890]: 8890:info: zmmtaconfig: Skipping getAllMemcachedServers ERROR: service.FAILURE (system failure: ZimbraLdapContext) (cause: javax.naming.CommunicationException warriorlocal.info:389)
Aug 28 20:17:11 warriorlocal zimbramon[8890]: 8890:info: zmmtaconfig: Skipping All MTA Authentication Target URLs update.
Aug 28 20:17:11 warriorlocal zimbramon[8890]: 8890:info: zmmtaconfig: Skipping getAllMtaAuthURLs ERROR: service.FAILURE (system failure: ZimbraLdapContext) (cause: javax.naming.CommunicationException warriorlocal.info:389)
| Hostname, DNS and MX are ok.
Thanks for any advice. |
08-29-2010, 12:29 PM
| | Zimbra Consultant & Moderator | |
Posts: 20,313
| |
Quote:
Originally Posted by warrior Hostname, DNS and MX are ok. | You didn't follow the complete instructions from my previous post, check if the proxy is running then disable it and then reset the ports.
This information: Quote:
zmcontrol status
Unable to determine enabled services from ldap.
Enabled services read from cache. Service list may be inaccurate.
| Indicates that you have a DNS problem so when you done the other steps you should post the DNS information I asked for in the previous post.
__________________
Regards
Bill
|
08-29-2010, 01:42 PM
| | |
Hi Bill,
thanks for your response.
When using this code: Quote: |
zmprov ms `zmhostname` -zimbraServiceEnabled imapproxy
| I get the following error: Quote: |
ERROR: service.FAILURE (system failure: unable to modify attrs: [LDAP: error code 1 - entry update failed])
| BTW, the output for this: Quote:
zmproxyctl status
zmprov gs `zmhostname` | grep zimbraServiceEnabled
zmprov gs `zmhostname` | grep zimbraServiceInstalled
| was Quote:
[zimbra@warriorlocal root]$ zmproxyctl status
[zimbra@warriorlocal root]$ zmprov gs `zmhostname` | grep zimbraServiceEnabled
zimbraServiceEnabled: antivirus
zimbraServiceEnabled: antispam
zimbraServiceEnabled: mailbox
zimbraServiceEnabled: memcached
zimbraServiceEnabled: mta
zimbraServiceEnabled: convertd
zimbraServiceEnabled: stats
zimbraServiceEnabled: imapproxy
zimbraServiceEnabled: snmp
zimbraServiceEnabled: spell
zimbraServiceEnabled: ldap
[zimbra@warriorlocal root]$ zmprov gs `zmhostname` | grep zimbraServiceInstalled
zimbraServiceInstalled: antivirus
zimbraServiceInstalled: antispam
zimbraServiceInstalled: logger
zimbraServiceInstalled: mailbox
zimbraServiceInstalled: memcached
zimbraServiceInstalled: mta
zimbraServiceInstalled: stats
zimbraServiceInstalled: imapproxy
zimbraServiceInstalled: snmp
zimbraServiceInstalled: ldap
zimbraServiceInstalled: spell
[zimbra@warriorlocal root]$ zmproxyctl stop
Stopping nginx...done.
| The zmcontrol stop and start process gave me this output: Quote:
[zimbra@warriorlocal root]$ zmcontrol stop
Host warriorlocal.info
Stopping stats...Done.
Stopping mta...Done.
Stopping spell...Done.
Stopping snmp...Done.
Stopping archiving...Done.
Stopping antivirus...Done.
Stopping antispam...Done.
Stopping imapproxy...Done.
Stopping memcached...Done.
Stopping mailbox...Done.
Stopping convertd...skipped.
/opt/zimbra/bin/zmconvertctl missing or not executable.
Stopping logger...Done.
Stopping ldap...Done.
[zimbra@warriorlocal root]$ zmcontrol start
Host warriorlocal.info
Starting ldap...Done.
Starting convertd...skipped.
/opt/zimbra/bin/zmconvertctl missing or not executable.
Starting mailbox...Done.
Starting memcached...Done.
Starting imapproxy...Done.
Starting antispam...Done.
Starting antivirus...Done.
Starting snmp...Done.
Starting spell...Done.
Starting mta...Done.
Starting stats...Done.
[zimbra@warriorlocal root]$ zmcontrol status
Host warriorlocal.info
antispam Running
antivirus Running
convertd Stopped
imapproxy Running
ldap Running
mailbox Running
memcached Running
mta Running
snmp Running
spell Running
stats Running
| Then reset ports gave me this: Quote:
[zimbra@warriorlocal root]$ zmprov -l ms `zmhostname` zimbraPop3BindPort 110 zimbraPop3SSLBindPort 995 zimbraPop3ProxyBindPort 7110 zimbraPop3SSLProxyBindPort 7995 zimbraImapBindPort 143 zimbraImapSSLBindPort 993 zimbraImapProxyBindPort 7143 zimbraImapSSLProxyBindPort 7993
ERROR: service.FAILURE (system failure: unable to modify attrs: [LDAP: error code 1 - entry update failed]) (cause: javax.naming.NamingException [LDAP: error code 1 - entry update failed])
| Finally, the output you requested about the DNS and hostname is the following: Quote:
[zimbra@warriorlocal root]$ cat /etc/hosts
# Do not remove the following line, or various programs
# that require network functionality will fail.
127.0.0.1 localhost.localdomain localhost
186.66.85.110 warriorlocal.info
#192.168.1.1 warriorlocal.info
#186.66.85.110 mail.warriorlocal.info mail
# ::1 localhost6.localdomain6 localhost6
[zimbra@warriorlocal root]$ cat /etc/resolv.conf
# Generated by NetworkManager
# No nameservers found; try putting DNS servers into your
# ifcfg files in /etc/sysconfig/network-scripts like so:
#
# DNS1=xxx.xxx.xxx.xxx
# DNS2=xxx.xxx.xxx.xxx
# DOMAIN=lab.foo.com bar.foo.com
[zimbra@warriorlocal root]$ dig warriorlocal.info mx
; <<>> DiG 9.3.4-P1 <<>> warriorlocal.info mx
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 40104
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 1
;; QUESTION SECTION:
;warriorlocal.info. IN MX
;; ANSWER SECTION:
warriorlocal.info. 38400 IN MX 10 warriorlocal.info.
;; AUTHORITY SECTION:
warriorlocal.info. 38400 IN NS mail.
;; ADDITIONAL SECTION:
warriorlocal.info. 38400 IN A 186.66.85.110
;; Query time: 26 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Sun Aug 29 15:42:01 2010
;; MSG SIZE rcvd: 85
[zimbra@warriorlocal root]$ dig warriorlocal.info any
; <<>> DiG 9.3.4-P1 <<>> warriorlocal.info any
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 7065
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 4, AUTHORITY: 0, ADDITIONAL: 1
;; QUESTION SECTION:
;warriorlocal.info. IN ANY
;; ANSWER SECTION:
warriorlocal.info. 38400 IN MX 10 warriorlocal.info.
warriorlocal.info. 38400 IN SOA warriorlocal.info. team.warriorlocal.info. 1236710590 10800 3600 604800 38400
warriorlocal.info. 38400 IN NS mail.
warriorlocal.info. 38400 IN A 186.66.85.110
;; ADDITIONAL SECTION:
warriorlocal.info. 38400 IN A 186.66.85.110
;; Query time: 0 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Sun Aug 29 15:42:05 2010
;; MSG SIZE rcvd: 142
[zimbra@warriorlocal root]$ host `hostname`
warriorlocal.info has address 186.66.85.110
warriorlocal.info mail is handled by 10 warriorlocal.info.
| Thanks a lot for taking a look at that. Best regards. |
08-29-2010, 10:20 PM
| | Zimbra Consultant & Moderator | |
Posts: 20,313
| |
Your hosts file and DNS records are incorrect, you are using the domain name in places where you should be using the FQDN of the server and you seem to have no A record for your DNS server and no entry in the resolv.conf pointing to a DNS server (one entry only if the DNS server is also on the Zimbra server).
The name used in these records for your zimbra server should be a Fully Qualified Domain Name which consists of the hostname (let's call it 'mail') and your domain name, so in this example you should have the following in your hosts file (the rest of your hosts file is OK): Code: 186.66.85.110 mail.warriorlocal.info mail The DNS records should also reflect this, the A & MX records should be: Code: mail.warriorlocal.info. 38400 IN A 186.66.85.110
warriorlocal.info. 38400 IN MX 10 mail.warriorlocal.info. Make those changes and confirm that it's all correct then try again to get rid of the imapproxy and memcached - they should not be installed on a single server (I'm assuming that’s what you have?)..
__________________
Regards
Bill
|
08-30-2010, 06:18 AM
| | |
Thanks Bill.
The FQDN is as follows: Quote:
[zimbra@warriorlocal root]$ hostname --fqdn
warriorlocal.info
| The hosts and dns now show the following: Quote:
[root@warriorlocal ~]# cat /etc/hosts
# Do not remove the following line, or various programs
# that require network functionality will fail.
127.0.0.1 localhost.localdomain localhost
186.66.85.110 warriorlocal.info
186.66.85.110 mail.warriorlocal.info mail
#192.168.1.1 warriorlocal.info
#186.66.85.110 mail.warriorlocal.info mail
# ::1 localhost6.localdomain6 localhost6
[root@warriorlocal ~]# cat /etc/resolv.conf
# Generated by NetworkManager
# No nameservers found; try putting DNS servers into your
# ifcfg files in /etc/sysconfig/network-scripts like so:
#
# DNS1=xxx.xxx.xxx.xxx
# DNS2=xxx.xxx.xxx.xxx
# DOMAIN=lab.foo.com bar.foo.com
mail.warriorlocal.info. 38400 IN A 186.66.85.110
warriorlocal.info. 38400 IN MX 10 mail.warriorlocal.info.
| BTW, are the dots at the last line ok? If not, how should it be?
Now I'm having an issue with the sql server, since when I'm restarting the zimbra, I'm getting the following error: Quote:
[zimbra@warriorlocal root]$ zmcontrol status
Host warriorlocal.info
antispam Running
antivirus Running
convertd Stopped
imapproxy Running
ldap Running
mailbox Stopped
mysql.server is not running.
memcached Running
mta Running
snmp Running
spell Running
stats Stopped
| Seems to be another problem.
The mysqld process appears to be working on the server: Quote:
[root@warriorlocal ~]# /etc/init.d/mysqld status
Se está ejecutando mysqld (pid 24221 3248)...
| Or is it a different one for Zimbra?
What about the code with the hosts and dns above, is it now ok? |
08-30-2010, 06:44 AM
| | Zimbra Consultant & Moderator | |
Posts: 20,313
| |
Quote:
Originally Posted by warrior The FQDN is as follows: Code: [zimbra@warriorlocal root]$ hostname --fqdn
warriorlocal.info | That is not a FQDN, it is a domain name, I've explained that an FQDN consists of a hostname + the domain name i.e. hostname = 'mail' domain name = mydomain.com giving an FQDN of mail.mydomain.com Quote:
Originally Posted by warrior The hosts and dns now show the following:
[root@warriorlocal ~]# cat /etc/hosts
# Do not remove the following line, or various programs
# that require network functionality will fail.
127.0.0.1 localhost.localdomain localhost
186.66.85.110 warriorlocal.info
186.66.85.110 mail.warriorlocal.info mail
#192.168.1.1 warriorlocal.info
#186.66.85.110 mail.warriorlocal.info mail
# ::1 localhost6.localdomain6 localhost6 | That is also incorrect, the idea was to modify the original line containing your IP address. The following is the format of the line for the hosts file: Code: 186.66.85.110 mail.warriorlocal.info mail Remove the other (highlighted) line from the hosts file. Quote:
Originally Posted by warrior [root@warriorlocal ~]# cat /etc/resolv.conf
# Generated by NetworkManager
# No nameservers found; try putting DNS servers into your
# ifcfg files in /etc/sysconfig/network-scripts like so:
#
# DNS1=xxx.xxx.xxx.xxx
# DNS2=xxx.xxx.xxx.xxx
# DOMAIN=lab.foo.com bar.foo.com
mail.warriorlocal.info. 38400 IN A 186.66.85.110
warriorlocal.info. 38400 IN MX 10 mail.warriorlocal.info. | Why have you added those two lines to your resolv.conf?  They are DNS records and you need to modify your DNS server records to reflect that format of those records above, they do not belong in that file. In the resolv.con you need a line that points to the IP address of your DNS server that you're running. Quote:
Originally Posted by warrior Now I'm having an issue with the sql server, since when I'm restarting the zimbra, I'm getting the following error:
Seems to be another problem.
The mysqld process appears to be working on the server:
Or is it a different one for Zimbra?
What about the code with the hosts and dns above, is it now ok? | That is not the Zimbra MySQL server, if you're not using that copy of MySQL then you should disable it from starting and kill that process. To find out what's happening with your server look in the log files and then search the forums for the solution (it's a problem that's been asked and answered many times).
__________________
Regards
Bill
|
08-30-2010, 09:01 AM
| | |
Hi Bill,
I've done the changes (sorry, I missunderstood the thing about the dns and the resolv.conf). Now the hosts and resolv.conf are showing the following: Quote:
[root@warriorlocal /]# cat /etc/hosts
# Do not remove the following line, or various programs
# that require network functionality will fail.
127.0.0.1 localhost.localdomain localhost
186.66.85.110 mail.warriorlocal.info mail
#186.66.85.110 warriorlocal.info
#192.168.1.1 warriorlocal.info
# ::1 localhost6.localdomain6 localhost6
[root@warriorlocal /]# cat /etc/resolv.conf
# Generated by NetworkManager
# No nameservers found; try putting DNS servers into your
# ifcfg files in /etc/sysconfig/network-scripts like so:
#
# DNS1=xxx.xxx.xxx.xxx
# DNS2=xxx.xxx.xxx.xxx
# DOMAIN=lab.foo.com bar.foo.com
#DNS1=208.67.222.222
#DNS2=208.67.220.220
DNS1=192.168.1.1
| (I tried also with the OpenDNSes unsuccessfull)
The issue about the mysql is resolved.
About the fqdn, perhaps I need to say that the configuration as stated before was running since zcs 5. Nor the hosts resolv.conf dns records neither the fqdn have been changed since that.
All the issue began as we restarted our server days ago. From that point, the ldap went crazy (we also  ) ...
We've tried the post [SOLVED] LDAP / slapd - Database environment corrupt (Issue & Solution), but stacked at the following line at Solution 2, because AFAIK in zcs 6 the slapd.conf is not being used anymore: Quote: |
~/openldap/sbin/slapadd -w -q -f ~/conf/slapd.conf -l /opt/zimbra/backup/ldap/incr-20070704.080005.554/ldap.bak
| We also saw your post zcs-6.0.7 inconsistent SLAPD.CONF to see if we could do substitute the mentioned line, however no solution was made. FYI, we tried with this line: Quote: |
/opt/zimbra/openldap/sbin/slapcat -F /opt/zimbra/data/ldap/config -b "" -l /opt/zimbra/data/ldap/ldap.bak
| And got the following error: Quote:
hdb_db_open: database "": unclean shutdown detected; attempting recovery.
bdb(): recovery requires transaction support
hdb_db_open: database "" cannot be recovered, err 22. Restore from backup!
backend_startup_one (type=hdb, suffix=""): bi_db_open failed! (22)
slap_startup failed
| The solution 2 for zcs 6 would be the following? Quote:
# su - zimbra
$ ldap stop
$ exit
# mv /opt/zimbra/data/ldap/hdb /opt/zimbra/data/ldap/hdb_crash29082010
# mkdir /opt/zimbra/data/ldap/hdb
# mkdir /opt/zimbra/data/ldap/hdb/db
# mkdir /opt/zimbra/data/ldap/hdb/logs
# cp /opt/zimbra/data/ldap/hdb_crash29082010/db/DB_CONFIG /opt/zimbra/data/ldap/hdb/db/DB_CONFIG
# chown -R zimbra:zimbra /opt/zimbra/data/ldap/hdb
# su - zimbra
# /opt/zimbra/openldap/sbin/slapcat -F /opt/zimbra/data/ldap/config -b "" -l /opt/zimbra/data/ldap/ldap.bak
# /opt/zimbra/openldap/sbin/slapindex -f /opt/zimbra/data/ldap/config
# ldap start
| Or has this nothing to do the attempted solution required?
I appretiate your help. Hope to find a solution soon. Thanks. | | Thread Tools | Search this Thread | | | | | Display Modes |  Linear Mode | | Why Join? Registering let's you ask questions, makes it easier to search, displays any files attached to posts, and notifies you about replies.   |
Bugzilla
Wiki
Source
