Page 2 of 2 FirstFirst 12
Results 11 to 17 of 17

Thread: Unable to determine enabled services. Cache is out of date or doesn't exist.

  1. #11
    getonlove2 is offline New Member
    Join Date
    Aug 2012
    Posts
    5
    Rep Power
    3

    Default

    [zimbra@mail ~]$ dig abc.com.np

    ; <<>> DiG 9.3.6-P1-RedHat-9.3.6-4.P1.el5 <<>> abc.com.np
    ;; global options: printcmd
    ;; Got answer:
    ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 9766
    ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 3, ADDITIONAL: 3

    ;; QUESTION SECTION:
    ;abc.com.np. IN A

    ;; ANSWER SECTION:
    abc.com.np. 86345 IN A 192.168.1.5

    ;; AUTHORITY SECTION:
    abc.com.np. 81227 IN NS krishna.xyz.com.np.
    abc.com.np. 81227 IN NS ram.xyz.com.np.
    abc.com.np. 81227 IN NS dns3.xyz.com.np.

    ;; ADDITIONAL SECTION:
    ram.xyz.com.np. 5720 IN A 192.168.1.10
    dns3.xyz.com.np. 8633 IN A 192.168.1.11
    krishna.xyz.com.np. 5720 IN A 192.168.1.12

    ;; Query time: 1 msec
    ;; SERVER: 8.8.8.8#53(8.8.8.8)
    ;; WHEN: Thu Aug 23 17:27:27 2012
    ;; MSG SIZE rcvd: 163



    [zimbra@mail ~]$ dig abc.com.np mx

    ; <<>> DiG 9.3.6-P1-RedHat-9.3.6-4.P1.el5 <<>> abc.com.np mx
    ;; global options: printcmd
    ;; Got answer:
    ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 15425
    ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 3, ADDITIONAL: 3

    ;; QUESTION SECTION:
    ;abc.com.np. IN MX

    ;; ANSWER SECTION:
    abc.com.np. 23288 IN MX 10 mail.abc.com.np.

    ;; AUTHORITY SECTION:
    abc.com.np. 81036 IN NS dns3.xyz.com.np.
    abc.com.np. 81036 IN NS krishna.xyz.com.np.
    abc.com.np. 81036 IN NS ram.xyz.com.np.

    ;; ADDITIONAL SECTION:
    ram.xyz.com.np. 5529 IN A 192.168.1.10
    dns3.xyz.com.np. 8442 IN A 192.168.1.11
    krishna.xyz.com.np. 5529 IN A 192.168.1.12

    ;; Query time: 1 msec
    ;; SERVER: 8.8.8.8#53(8.8.8.8)
    ;; WHEN: Thu Aug 23 17:30:38 2012
    ;; MSG SIZE rcvd: 168

    [zimbra@mail ~]$

    [zimbra@mail ~]$ dig abc.com.np any

    ; <<>> DiG 9.3.6-P1-RedHat-9.3.6-4.P1.el5 <<>> abc.com.np any
    ;; global options: printcmd
    ;; Got answer:
    ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 54694
    ;; flags: qr rd ra; QUERY: 1, ANSWER: 5, AUTHORITY: 3, ADDITIONAL: 3

    ;; QUESTION SECTION:
    ;abc.com.np. IN ANY

    ;; ANSWER SECTION:
    abc.com.np. 85984 IN A 192.168.1.5
    abc.com.np. 80866 IN NS ram.xyz.com.np.
    abc.com.np. 80866 IN NS dns3.xyz.com.np.
    abc.com.np. 80866 IN NS krishna.xyz.com.np.
    abc.com.np. 23118 IN MX 10 mail.abc.com.np.

    ;; AUTHORITY SECTION:
    abc.com.np. 80866 IN NS dns3.xyz.com.np.
    abc.com.np. 80866 IN NS krishna.xyz.com.np.
    abc.com.np. 80866 IN NS ram.xyz.com.np.

    ;; ADDITIONAL SECTION:
    ram.xyz.com.np. 5359 IN A 192.168.1.10
    dns3.xyz.com.np. 8272 IN A 192.168.1.11
    krishna.xyz.com.np. 5359 IN A 192.168.1.12

    ;; Query time: 1 msec
    ;; SERVER: 8.8.8.8#53(8.8.8.8)
    ;; WHEN: Thu Aug 23 17:33:28 2012
    ;; MSG SIZE rcvd: 226

    [zimbra@mail ~]$

  2. #12
    phoenix is offline Zimbra Consultant & Moderator
    Join Date
    Sep 2005
    Location
    Vannes, France
    Posts
    23,582
    Rep Power
    57

    Default

    You didn't provide the output of all the commands I asked for (in the 'Verify...' section), you also neglected to tell me that you were behind a NAT router. In any case, your hosts file is incorrect I'd suggest you read the Split DNS article to see what IP address should be in the hosts file.
    Last edited by phoenix; 08-23-2012 at 05:34 AM.
    Regards


    Bill


    Acompli: A new adventure for Co-Founder KevinH.

  3. #13
    kky
    kky is offline Intermediate Member
    Join Date
    Sep 2011
    Posts
    23
    Rep Power
    3

    Default

    Hi all,

    we had a power outage (because of Sandy) and the zimbra 7 open source server is now giving me the same error:

    [zimbra@portal2 ~]$ zmcontrol status
    Unable to determine enabled services from ldap.
    Unable to determine enabled services. Cache is out of date or doesn't exist.

    I've tried domain, filesystem and certificate troubleshooting but i wasn't successful, could it be a corruption on the ldap database?

    It was working fine just before the power outage. The server is behind a firewall/nat and uses an external DNS server.

    [zimbra@portal2 ~]$ zmcontrol -v
    Release 7.1.3_GA_3346.RHEL6_64_20110928134428 CentOS6_64 FOSS edition.

    Domain debugging:

    [zimbra@portal2 ~]$ dig portal2.mydomain.org

    ; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.10.rc1.el6_3.5 <<>> portal2.mydomain.org
    ;; global options: +cmd
    ;; Got answer:
    ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 39748
    ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 0

    ;; QUESTION SECTION:
    ;portal2.mydomain.org. IN A

    ;; ANSWER SECTION:
    portal2.mydomain.org. 10800 IN A 10.0.104.15

    ;; AUTHORITY SECTION:
    portal2.mydomain.org. 10800 IN NS portal2.mydomain.org.

    ;; Query time: 2 msec
    ;; SERVER: 10.0.104.7#53(10.0.104.7)
    ;; WHEN: Mon Nov 5 12:34:19 2012
    ;; MSG SIZE rcvd: 65

    [zimbra@portal2 ~]$
    [zimbra@portal2 ~]$ dig portal2.mydomain.org mx

    ; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.10.rc1.el6_3.5 <<>> portal2.mydomain.org mx
    ;; global options: +cmd
    ;; Got answer:
    ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 46436
    ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 2

    ;; QUESTION SECTION:
    ;portal2.mydomain.org. IN MX

    ;; ANSWER SECTION:
    portal2.mydomain.org. 10800 IN MX 10 mail.portal2.mydomain.org.

    ;; AUTHORITY SECTION:
    portal2.mydomain.org. 10800 IN NS portal2.mydomain.org.

    ;; ADDITIONAL SECTION:
    mail.portal2.mydomain.org. 10800 IN A 10.0.104.15
    portal2.mydomain.org. 10800 IN A 10.0.104.15

    ;; Query time: 1 msec
    ;; SERVER: 10.0.104.7#53(10.0.104.7)
    ;; WHEN: Mon Nov 5 12:34:51 2012
    ;; MSG SIZE rcvd: 102

    [zimbra@portal2 ~]$
    [zimbra@portal2 ~]$ dig portal2.mydomain.org any

    ; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.10.rc1.el6_3.5 <<>> portal2.mydomain.org any
    ;; global options: +cmd
    ;; Got answer:
    ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 7349
    ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 4, AUTHORITY: 0, ADDITIONAL: 1

    ;; QUESTION SECTION:
    ;portal2.mydomain.org. IN ANY

    ;; ANSWER SECTION:
    portal2.mydomain.org. 10800 IN A 10.0.104.15
    portal2.mydomain.org. 10800 IN MX 10 mail.portal2.mydomain.org.
    portal2.mydomain.org. 10800 IN SOA portal2.mydomain.org. admin.portal2.mydomain.org. 2012110503 86400 3600 604800 345600
    portal2.mydomain.org. 10800 IN NS portal2.mydomain.org.

    ;; ADDITIONAL SECTION:
    mail.portal2.mydomain.org. 10800 IN A 10.0.104.15

    ;; Query time: 1 msec
    ;; SERVER: 10.0.104.7#53(10.0.104.7)
    ;; WHEN: Mon Nov 5 12:35:25 2012
    ;; MSG SIZE rcvd: 144

    [zimbra@portal2 ~]$
    [zimbra@portal2 ~]$ host portal2.mydomain.org
    portal2.mydomain.org has address 10.0.104.15
    portal2.mydomain.org mail is handled by 10 mail.portal2.mydomain.org.

    [zimbra@portal2 ~]$ cat /etc/resolv.conf
    nameserver 10.0.104.7
    nameserver 8.8.8.8
    [zimbra@portal2 ~]$

    [zimbra@portal2 ~]$ cat /etc/hosts
    127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
    ::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
    10.0.104.15 portal2.mydomain.org
    10.0.104.15 zimbra.mydomain.org
    10.0.104.15 zimbra.my2domain.org
    10.0.104.12 mydomain.org
    [zimbra@portal2 ~]$

    A little explanation on the above configuration:

    Our zimbra portal has 3 domains: portal2.mydomain.org (Main one),
    zimbra.mydomain.org and zimbra.my2domain.org

    The last entry (10.0.104.12 mydomain.org) is used to let zimbra know about another mail server


    I've did the following in the filesystem:

    [root@portal2 ~]# chown -R zimbra:zimbra /opt/zimbra
    [root@portal2 ~]# /opt/zimbra/libexec/zmfixperms -verbose

    [zimbra@portal2 ~]$ zmlocalconfig -s ssl_allow_untrusted_certs
    ssl_allow_untrusted_certs = true
    [zimbra@portal2 ~]$

    Regarding the certificate:

    [root@portal2 ~]# /opt/zimbra/java/bin/keytool -delete -alias my_ca -keystore /opt/zimbra/java/jre/lib/security/cacerts -storepass changeit
    [root@portal2 ~]# # /opt/zimbra/java/bin/keytool -delete -alias jetty -keystore /opt/zimbra/mailboxd/etc/keystore -storepass `su - zimbra -c 'zmlocalconfig -s -m nokey mailboxd_keystore_password'`
    [root@portal2 ~]# vim /opt/zimbra/bin/zmcertmgr

    Changed the server name to portal2.mydomain.org and saved

    [root@portal2 ~]#
    [root@portal2 ~]# /opt/zimbra/bin/zmcertmgr createca -new
    ** Creating /opt/zimbra/ssl/zimbra/ca/zmssl.cnf...done
    ** Creating CA private key /opt/zimbra/ssl/zimbra/ca/ca.key...done.
    ** Creating CA cert /opt/zimbra/ssl/zimbra/ca/ca.pem...done.
    [root@portal2 ~]# /opt/zimbra/bin/zmcertmgr deployca -localonly
    ** Importing CA /opt/zimbra/ssl/zimbra/ca/ca.pem into CACERTS...done.
    ** Copying CA to /opt/zimbra/conf/ca...done.
    [root@portal2 ~]# /opt/zimbra/bin/zmcertmgr createcrt self -new
    ** Creating /opt/zimbra/conf/zmssl.cnf...done
    ** Backup /opt/zimbra/ssl/zimbra to /opt/zimbra/ssl/zimbra.20121105124500
    ** Retrieving server config key zimbraSSLCertificate...failed.
    ** Retrieving server config key zimbraSSLPrivateKey...failed.
    ** Generating a server csr for download self -keysize 1024
    ** Backup /opt/zimbra/ssl/zimbra to /opt/zimbra/ssl/zimbra.20121105124505
    ** Retrieving Commercial CA cert from ldap...failed.
    ** Creating server cert request /opt/zimbra/ssl/zimbra/server/server.csr...done.
    ** Saving server config key zimbraSSLPrivateKey...failed.
    ** Signing cert request /opt/zimbra/ssl/zimbra/server/server.csr...done.
    [root@portal2 ~]# /opt/zimbra/bin/zmcertmgr deploycrt self
    ** Saving server config key zimbraSSLCertificate...failed.
    ** Saving server config key zimbraSSLPrivateKey...failed.
    ** Installing mta certificate and key...done.
    ** Installing slapd certificate and key...done.
    ** Installing proxy certificate and key...done.
    ** Creating pkcs12 file /opt/zimbra/ssl/zimbra/jetty.pkcs12...done.
    ** Creating keystore file /opt/zimbra/mailboxd/etc/keystore...done.
    ** Installing CA to /opt/zimbra/conf/ca...done.
    [root@portal2 ~]#


    I thought it was an ldap corruption but i've tried to

    [zimbra@portal2 ~]$ zmlocalconfig -e ldap_log_level=256
    [zimbra@portal2 ~]$ ldap start
    Started slapd: pid 22245
    [zimbra@portal2 ~]$ ldap stop
    Killing slapd with pid 22245 done.
    [zimbra@portal2 ~]$

    and it seems to work well, /var/log/zimbra.log doesnt help me, what else should i check to
    troubleshoot the zimbra sever?

    thanks!!
    kky

  4. #14
    kky
    kky is offline Intermediate Member
    Join Date
    Sep 2011
    Posts
    23
    Rep Power
    3

    Default

    the certificate seems not expired:

    [root@portal2 ~]# /opt/zimbra/bin/zmcertmgr viewdeployedcrt
    ::service mta::
    notBefore=Nov 5 17:45:11 2012 GMT
    notAfter=Nov 3 17:45:11 2022 GMT
    subject= /C=US/ST=N/A/O=Zimbra Collaboration Suite/OU=Zimbra Collaboration Suite/CN=portal2.mydomain.org
    issuer= /C=US/ST=N/A/L=N/A/O=Zimbra Collaboration Suite/OU=Zimbra Collaboration Suite/CN=portal2.mydomain.org
    SubjectAltName=
    ::service proxy::
    notBefore=Nov 5 17:45:11 2012 GMT
    notAfter=Nov 3 17:45:11 2022 GMT
    subject= /C=US/ST=N/A/O=Zimbra Collaboration Suite/OU=Zimbra Collaboration Suite/CN=portal2.mydomain.org
    issuer= /C=US/ST=N/A/L=N/A/O=Zimbra Collaboration Suite/OU=Zimbra Collaboration Suite/CN=portal2.mydomain.org
    SubjectAltName=
    ::service mailboxd::
    notBefore=Nov 5 17:45:11 2012 GMT
    notAfter=Nov 3 17:45:11 2022 GMT
    subject= /C=US/ST=N/A/O=Zimbra Collaboration Suite/OU=Zimbra Collaboration Suite/CN=portal2.mydomain.org
    issuer= /C=US/ST=N/A/L=N/A/O=Zimbra Collaboration Suite/OU=Zimbra Collaboration Suite/CN=portal2.mydomain.org
    SubjectAltName=
    ::service ldap::
    notBefore=Nov 5 17:45:11 2012 GMT
    notAfter=Nov 3 17:45:11 2022 GMT
    subject= /C=US/ST=N/A/O=Zimbra Collaboration Suite/OU=Zimbra Collaboration Suite/CN=portal2.mydomain.org
    issuer= /C=US/ST=N/A/L=N/A/O=Zimbra Collaboration Suite/OU=Zimbra Collaboration Suite/CN=portal2.mydomain.org
    SubjectAltName=
    [root@portal2 ~]#

  5. #15
    kky
    kky is offline Intermediate Member
    Join Date
    Sep 2011
    Posts
    23
    Rep Power
    3

    Default

    ok, got it.. the server has 3 domains and somehow the ldap_master_url and ldap_url has been rewritten with zimbra.mydomain.org, this made it work:

    zmlocalconfig | grep mydomain
    zmlocalconfig -e ldap_master_url="ldaps://portal2.mydomain.org:636"
    zmlocalconfig -e ldap_url = "ldaps://portal2.mydomain.org:636"

    now i've got the following issue but its another story:

    [zimbra@portal2 ~]$ zmcontrol start
    Host portal2.mydomain.org
    Starting ldap...Done.
    Starting zmconfigd...Done.
    Starting logger...Done.
    Starting mailbox...Done.
    Starting memcached...Done.
    Starting imapproxy...Done.
    Starting antispam...Done.
    Starting antivirus...Done.
    Starting snmp...Done.
    Starting spell...Done.
    Starting mta...Failed.
    postsuper: fatal: scan_dir_push: open directory defer: Permission denied
    postfix failed to start
    Starting saslauthd...done.


    Starting stats...Done.

  6. #16
    kky
    kky is offline Intermediate Member
    Join Date
    Sep 2011
    Posts
    23
    Rep Power
    3

    Default

    rerunning the following fixed the above issue

    [root@portal2 init.d]# /opt/zimbra/libexec/zmfixperms -verbose

  7. #17
    lleniere is offline New Member
    Join Date
    Mar 2014
    Posts
    3
    Rep Power
    1

    Default

    The solutions given above by cloudmafia saved my day today. After a restart (without changing anything) of my VM running SusE SLES 11 SP3, Zimbra OSE 8.0.6 refused to start, zmcontrol status showing the error message mentioned above.
    After setting the timezone with tzselect for the zimbra user and chown -R zimbra:zimbra /opt/zimbra all services started normally.
    Man, am I happy again!
    Thx to all people contributing to solve our problems!

Page 2 of 2 FirstFirst 12

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. [SOLVED] Unable to determine enabled services from ldap.
    By farrukhndm in forum Administrators
    Replies: 15
    Last Post: 02-11-2013, 12:19 AM
  2. Replies: 10
    Last Post: 01-15-2012, 11:26 PM
  3. Unable to determine enabled services from ldap
    By rakesraja in forum Administrators
    Replies: 24
    Last Post: 12-19-2011, 01:07 AM
  4. Unable to determine enabled services from ldap.
    By flanciotti in forum Administrators
    Replies: 6
    Last Post: 08-18-2011, 06:46 AM
  5. Unable to determine enabled services from ldap.
    By shaunsaravana in forum Administrators
    Replies: 1
    Last Post: 03-02-2011, 01:19 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •