ldap_bind error (-1)

[dlochart]

This occurs during installation. The LDAP server (slapd) starts and listens on port 389 (tcp) I have verified this with nmap (from an external machine) and netstat (internal).

My installation won't continue unless I get this straightened out. There are no firewall rules in iptables and SELinux is set to WARN only.

Any kind of help is appreciated

thanks

Doug

[phoenix]

I think some more information might be useful, my telepathy skills don't work on Tuesdays.

How about zimbra version/release? Is it a new install or upgrade? What does it say in the logs apart from the info you've posted in the title? Have you got a DNS server installed? Do your DNS records point to your zimbra server? Have you got the correct information in the /etc/hosts file? Which operating system? Is it a single or multi-server? Have you checked that the LDAP you see is the zimbra one and not openLDAP on you machine that's starting? etc. etc.

[dlochart]

I think some more information might be useful, my telepathy skills don't work on Tuesdays.

Really ? Mine has to work everyday ... at least my wife thinks so

Sorry ... this is a cross post (I posted in Installation as well) I wanted to try and present it differently

How about zimbra version/release?

zimbra 4.0.2 RHEL4-20060922120643

Is it a new install or upgrade?

New (Reinstall actually)

What does it say in the logs apart from the info you've posted in the title?

Code:

....
Initializing ldap...
*** Running as zimbra user: /opt/zimbra/libexec/zmldapinit

Started slapd: pid 15735
ldap_bind: Can't contact LDAP server (-1)
ldap_bind: Can't contact LDAP server (-1)
ldap_bind: Can't contact LDAP server (-1)
FAILED (512)
ERROR

Have you got a DNS server installed?
Do your DNS records point to your zimbra server?

Yep. It is a purely internal domain.

Code:

Domain=capeinternal.com
Host=mail.capeinternal.com
SOA=capeinternal.com
A=mail.capeinternal.com
MX=capeinternal.com points to mail.capeinternal.com

One odd thing though. To get installation to work I had to hack the script ( I know) the zmsetup.pl was trying to do an MX DNS lookup using the full hostname (mail.capeinternal.com) instead of (capeinteranl.com)
If I run host, dig, nslookup for an MX record it works fine if I provide the domain but I get back the SOA for the full hostname. I believe that MX queries should go against a domain though. Once I changed it to use the domain I got passed that and encountered the ldap issue

Have you got the correct information in the /etc/hosts file? Which operating system? Is it a single or multi-server?
Single server

/etc/hosts

Code:

127.0.0.1               localhost.localdomain localhost
10.3.120.58             mail.capeinternal.com mail

OS = CentOS 4.4 (32 bit) This is running in VMWare

Have you checked that the LDAP you see is the zimbra one and not openLDAP on you machine that's starting? etc. etc.

Yes yes yes. This is a fresh install of Centos, no firewall, SELinux set to WARN, no httpd install, sendmail disabled I checked to make sure all other potential conflicts were resolved.

thanks, please let me know if you need anything else.

[phoenix]

First, disable SElinux - zimbar (and a lot of other software) has problems with SElinux and it's a requirement it's disabled. As this is a VM, have you got plenty of memory allocated to it? When you've disabled SElinx try again. BTW you could have changed the domain name before you commit the install, it asks if you want to change anything.

[dlochart]

I assumed (wrongly) that setting SELinux to WARN would be ok as it allows everything to execute. However, contrary to my beliefe, you actuallu have to disable it in order to get things to work.

Its running now but I don't have the license file I need.

I don't plan to do anything else until I get the license file. Do I have to do anything special to use the license file other than restart everything?

I haven't actually looked but is there a single initd script that starts and stops all of Zimbra or are the components done independently?

thanks again!

[dlochart]

Ok I see there is once initd script (excellent) I assume I just restart or reload once I get the license file?

[phoenix]

No, SElinux has to be disabled. Contrary to expectation the 'warn' mode still interferes with software.

Yes, as you've found there's a single script to start zimbra at boot. You can also stop/start from a terminal using 'zmcontrol start' as the zimbra user. Have a look at the documentation and the wiki also has details of the cli commands.

You can get the trial license from the support portal, obviously if you've purchased zimbra then your sales person will send it to you. You can import the license using zmlicense:

Code:

su - zimbra
zmlicense -i <license-file>

or via the admin ui, IIRC.