installation error during ldap setup

**ljramos** · 08-08-2007, 06:48 AM

This is a hosted dedicated server no LAN/WAN schema.
As per ur request
[root@webmail rc3.d]# uname -a
Linux webmail.cntit.com 2.6.20.1 #12 SMP Fri May 18 19:03:50 EDT 2007 i686 i686 i386 GNU/Linux
[root@webmail rc3.d]# cat /etc/hosts
# Do not remove the following line, or various programs
# that require network functionality will fail.
127.0.0.1 localhost.localdomain localhost
# 64.33.49.12 controlpanel.cntit.cntit.com www.controlpanel.cntit.cntit.com
64.33.49.11 webmail.cntit.com webmail
[root@webmail rc3.d]# vi /etc/hosts
[root@webmail rc3.d]# cat /etc/redhat-release
Fedora Core release 5 (Bordeaux)
[root@webmail rc3.d]#
Luis

**phoenix** · 08-08-2007, 07:12 AM

Well, as I mentioned earlier, your DNS records are not set-up correctly. Check the details here and here and check the set-up against the details against the split DNS article - that will tell you waht's needed.

**ljramos** · 08-08-2007, 08:52 AM

Bill I dont understand why you keep telling the same things over and over
I cannot make this to work one way or the other.
I dont follow the relation between DNS and the ZIMBRA.
I enable BIND on the same server and still get the same error
Initializing ldap.../opt/zimbra/bin/ldap: line 107: /usr/bin/sudo: Permission denied
/opt/zimbra/bin/ldap: line 113: /usr/bin/sudo: Permission denied

no matter what i do dont understand why permission denied error is related to DNS
------
This is my last try log file
->
[root@webmail zcs]# cat /tmp/zmsetup.log.12524
Getting installed packages
checking isEnabled zimbra-core
zimbra-core not in enabled cache
enabled packages
Newinstall enabling all installed packages
Enabling zimbra-core
Enabling zimbra-ldap
Enabling zimbra-store
Enabling zimbra-mta
Enabling zimbra-snmp
Enabling zimbra-logger
Enabling zimbra-apache
Enabling zimbra-spell
Setting defaults...
Setting local config zimbra_java_home to /opt/zimbra/java
*** Running as zimbra user: /opt/zimbra/bin/zmlocalconfig -f -e zimbra_java_home='/opt/zimbra/java'
checking isEnabled zimbra-store
zimbra-store is enabled
checking isEnabled zimbra-ldap
zimbra-ldap is enabled
checking isEnabled zimbra-store
zimbra-store is enabled

DNS ERROR resolving MX for webmail.cntit.com
It is suggested that the domain name have an MX record configured in DNS
checking isEnabled zimbra-mta
zimbra-mta is enabled
MX: webmail.cntit.com (127.0.0.1)

Interface: 64.33.49.11
Interface: 127.0.0.1
Interface: 127.0.0.2
Done
checking isEnabled zimbra-ldap
zimbra-ldap is enabled
checking isEnabled zimbra-store
zimbra-store is enabled
checking isEnabled zimbra-mta
zimbra-mta is enabled
checking isEnabled zimbra-mta
zimbra-mta is enabled
checking isEnabled zimbra-spell
zimbra-spell is enabled
Checking for port conflicts
checking isEnabled zimbra-mta
zimbra-mta is enabled
Port conflict detected: 25 (zimbra-mta)
checking isEnabled zimbra-ldap
zimbra-ldap is enabled
checking isEnabled zimbra-store
zimbra-store is enabled
checking isEnabled zimbra-logger
zimbra-logger is enabled
checking isEnabled zimbra-mta
zimbra-mta is enabled
checking isEnabled zimbra-ldap
zimbra-ldap is enabled
checking isEnabled zimbra-store
zimbra-store is enabled
Global config attribute retrieved from ldap: zimbraSpamIsSpamAccount=
Global config attribute retrieved from ldap: zimbraSpamIsNotSpamAccount=
Global config attribute retrieved from ldap: zimbraNotebookAccount=
checking isEnabled zimbra-mta
zimbra-mta is enabled
checking isEnabled zimbra-snmp
zimbra-snmp is enabled
checking isEnabled zimbra-spell
zimbra-spell is enabled
checking isEnabled zimbra-store
zimbra-store is enabled
checking isEnabled zimbra-store
zimbra-store is enabled
checking isEnabled zimbra-store
zimbra-store is enabled
checking isEnabled zimbra-ldap
zimbra-ldap is enabled
checking isEnabled zimbra-store
zimbra-store is enabled
checking isEnabled zimbra-mta
zimbra-mta is enabled
checking isEnabled zimbra-snmp
zimbra-snmp is enabled
checking isEnabled zimbra-spell
zimbra-spell is enabled
Saving config in /opt/zimbra/config.12524...
Done
Operations logged to /tmp/zmsetup.log.12524
Setting local config values...
Setting local config zimbra_server_hostname to webmail.cntit.com
*** Running as zimbra user: /opt/zimbra/bin/zmlocalconfig -f -e zimbra_server_hostname='webmail.cntit.com'
Setting local config ldap_master_url to ldap://webmail.cntit.com:389
*** Running as zimbra user: /opt/zimbra/bin/zmlocalconfig -f -e ldap_master_url='ldap://webmail.cntit.com:389'
Setting local config ldap_url to ldap://webmail.cntit.com:389
*** Running as zimbra user: /opt/zimbra/bin/zmlocalconfig -f -e ldap_url='ldap://webmail.cntit.com:389'
Setting local config ldap_port to 389
*** Running as zimbra user: /opt/zimbra/bin/zmlocalconfig -f -e ldap_port='389'
Setting local config ldap_host to webmail.cntit.com
*** Running as zimbra user: /opt/zimbra/bin/zmlocalconfig -f -e ldap_host='webmail.cntit.com'
Setting local config zimbra_uid to 510
*** Running as zimbra user: /opt/zimbra/bin/zmlocalconfig -f -e zimbra_uid='510'
Setting local config zimbra_gid to 513
*** Running as zimbra user: /opt/zimbra/bin/zmlocalconfig -f -e zimbra_gid='513'
Setting local config zimbra_user to zimbra
*** Running as zimbra user: /opt/zimbra/bin/zmlocalconfig -f -e zimbra_user='zimbra'
Setting local config av_notify_user to admin@cntit.com
*** Running as zimbra user: /opt/zimbra/bin/zmlocalconfig -f -e av_notify_user='admin@cntit.com'
Setting local config ssl_allow_untrusted_certs to TRUE
*** Running as zimbra user: /opt/zimbra/bin/zmlocalconfig -f -e ssl_allow_untrusted_certs='TRUE'
Setting local config mysql_memory_percent to 30
*** Running as zimbra user: /opt/zimbra/bin/zmlocalconfig -f -e mysql_memory_percent='30'
Setting local config tomcat_java_heap_memory_percent to 40
*** Running as zimbra user: /opt/zimbra/bin/zmlocalconfig -f -e tomcat_java_heap_memory_percent='40'
Done
Setting up CA...
*** Running as zimbra user: cd /opt/zimbra; zmcreateca
** Creating CA private key

Generating a 1024 bit RSA private key
..................................++++++
..++++++
unable to write 'random state'
writing new private key to '/opt/zimbra/ssl/ssl/ca/ca.key'
-----
** Creating CA cert

Signature ok
subject=/C=US/ST=N/A/L=N/A/O=Zimbra Collaboration Suite
Getting Private key
unable to write 'random state'
Done
checking isEnabled zimbra-ldap
zimbra-ldap is enabled
Creating SSL certificate...
*** Running as zimbra user: cd /opt/zimbra; zmcreatecert
** Importing CA

Certificate was added to keystore
** Creating keystore

** Creating server cert request

Generating a 1024 bit RSA private key
..........++++++
............++++++
unable to write 'random state'
writing new private key to '/opt/zimbra/ssl/ssl/server/server.key'
-----
** Signing cert request

Using configuration from /opt/zimbra/ssl/ssl/zmssl.cnf
Check that the request matches the signature
Signature ok
Certificate Details:
Serial Number:
11:86:58:78:44
Validity
Not Before: Aug 8 15:44:06 2007 GMT
Not After : Aug 7 15:44:06 2008 GMT
Subject:
countryName = US
stateOrProvinceName = N/A
organizationName = Zimbra Collaboration Suite
commonName = webmail.cntit.com
X509v3 extensions:
X509v3 Basic Constraints:
CA:FALSE
Netscape Comment:
OpenSSL Generated Certificate
X509v3 Subject Key Identifier:
98:7C:F2:BD:93

B:71:F9:44:35:3B:76:B1:53:97:1C:76:33:65:2B
X509v3 Authority Key Identifier:
DirName:/C=US/ST=N/A/L=N/A/O=Zimbra Collaboration Suite
serial:E1:EE:92:00:2C

E:10:2C

X509v3 Key Usage:
Digital Signature, Non Repudiation, Key Encipherment
Certificate is to be certified until Aug 7 15:44:06 2008 GMT (365 days)

Write out database with 1 new entries
Data Base Updated
unable to write 'random state'
Signature ok
subject=/C=US/ST=NA/L=NA/O=Zimbra/OU=Zimbra/CN=webmail.cntit.com
Getting CA Private Key
unable to write 'random state'
Done
checking isEnabled zimbra-ldap
zimbra-ldap is enabled
Initializing ldap...
*** Running as zimbra user: /opt/zimbra/libexec/zmldapinit
FAILED (1)

ERROR

Configuration failed

Please address the error and re-run /opt/zimbra/libexec/zmsetup.pl to
complete the configuration.

Errors have been logged to /tmp/zmsetup.log.12524
_>>>>>>>

**phoenix** · 08-08-2007, 09:39 AM

The reason I keep saying the same thing over and over is because your DNS is screwed (and you ahven't corrected it), you need to fix itthen uninstall Zimbra then re-install zimbar when you've got the DNS sorted. This error:

Code:

DNS ERROR resolving MX for webmail.cntit.com
It is suggested that the domain name have an MX record configured in DNS
checking isEnabled zimbra-mta
zimbra-mta is enabled
MX: webmail.cntit.com (127.0.0.1)

indicates what your problem is. Have you looked at the links I gave you? Have you set-up your DNS in the manner shown in those articles? The forum is littered with details of why LDAP won't start when the DNS set-up is wrong.

**ljramos** · 08-08-2007, 11:28 AM

You have not answer my question on the raltion between DNS and permission denied.

last try---
[root@webmail zcs]# cat /tmp/zmsetup.log.4902
Getting installed packages
checking isEnabled zimbra-core
zimbra-core not in enabled cache
enabled packages
Newinstall enabling all installed packages
Enabling zimbra-core
Enabling zimbra-ldap
Enabling zimbra-store
Enabling zimbra-mta
Enabling zimbra-snmp
Enabling zimbra-logger
Enabling zimbra-apache
Enabling zimbra-spell
Setting defaults...
Setting local config zimbra_java_home to /opt/zimbra/java
*** Running as zimbra user: /opt/zimbra/bin/zmlocalconfig -f -e zimbra_java_home='/opt/zimbra/java'
checking isEnabled zimbra-store
zimbra-store is enabled
checking isEnabled zimbra-ldap
zimbra-ldap is enabled
checking isEnabled zimbra-store
zimbra-store is enabled
checking isEnabled zimbra-mta
zimbra-mta is enabled
MX: cntit.com (64.33.49.11)

Interface: 64.33.49.11
Interface: 127.0.0.1
Interface: 127.0.0.2
Done
checking isEnabled zimbra-ldap
zimbra-ldap is enabled
checking isEnabled zimbra-store
zimbra-store is enabled
checking isEnabled zimbra-mta
zimbra-mta is enabled
checking isEnabled zimbra-mta
zimbra-mta is enabled
checking isEnabled zimbra-spell
zimbra-spell is enabled
Checking for port conflicts
checking isEnabled zimbra-mta
zimbra-mta is enabled
Port conflict detected: 25 (zimbra-mta)
checking isEnabled zimbra-ldap
zimbra-ldap is enabled
checking isEnabled zimbra-store
zimbra-store is enabled
checking isEnabled zimbra-logger
zimbra-logger is enabled
checking isEnabled zimbra-mta
zimbra-mta is enabled
checking isEnabled zimbra-ldap
zimbra-ldap is enabled
checking isEnabled zimbra-store
zimbra-store is enabled
Global config attribute retrieved from ldap: zimbraSpamIsSpamAccount=
Global config attribute retrieved from ldap: zimbraSpamIsNotSpamAccount=
Global config attribute retrieved from ldap: zimbraNotebookAccount=
checking isEnabled zimbra-mta
zimbra-mta is enabled
checking isEnabled zimbra-snmp
zimbra-snmp is enabled
checking isEnabled zimbra-spell
zimbra-spell is enabled
checking isEnabled zimbra-store
zimbra-store is enabled
checking isEnabled zimbra-store
zimbra-store is enabled
checking isEnabled zimbra-store
zimbra-store is enabled
checking isEnabled zimbra-ldap
zimbra-ldap is enabled
checking isEnabled zimbra-store
zimbra-store is enabled
checking isEnabled zimbra-mta
zimbra-mta is enabled
checking isEnabled zimbra-snmp
zimbra-snmp is enabled
checking isEnabled zimbra-spell
zimbra-spell is enabled
Saving config in /opt/zimbra/config.4902...
Done
Operations logged to /tmp/zmsetup.log.4902
Setting local config values...
Setting local config zimbra_server_hostname to webmail.cntit.com
*** Running as zimbra user: /opt/zimbra/bin/zmlocalconfig -f -e zimbra_server_hostname='webmail.cntit.com'
Setting local config ldap_master_url to ldap://webmail.cntit.com:389
*** Running as zimbra user: /opt/zimbra/bin/zmlocalconfig -f -e ldap_master_url='ldap://webmail.cntit.com:389'
Setting local config ldap_url to ldap://webmail.cntit.com:389
*** Running as zimbra user: /opt/zimbra/bin/zmlocalconfig -f -e ldap_url='ldap://webmail.cntit.com:389'
Setting local config ldap_port to 389
*** Running as zimbra user: /opt/zimbra/bin/zmlocalconfig -f -e ldap_port='389'
Setting local config ldap_host to webmail.cntit.com
*** Running as zimbra user: /opt/zimbra/bin/zmlocalconfig -f -e ldap_host='webmail.cntit.com'
Setting local config zimbra_uid to 510
*** Running as zimbra user: /opt/zimbra/bin/zmlocalconfig -f -e zimbra_uid='510'
Setting local config zimbra_gid to 513
*** Running as zimbra user: /opt/zimbra/bin/zmlocalconfig -f -e zimbra_gid='513'
Setting local config zimbra_user to zimbra
*** Running as zimbra user: /opt/zimbra/bin/zmlocalconfig -f -e zimbra_user='zimbra'
Setting local config av_notify_user to admin@webmail.cntit.com
*** Running as zimbra user: /opt/zimbra/bin/zmlocalconfig -f -e av_notify_user='admin@webmail.cntit.com'
Setting local config ssl_allow_untrusted_certs to TRUE
*** Running as zimbra user: /opt/zimbra/bin/zmlocalconfig -f -e ssl_allow_untrusted_certs='TRUE'
Setting local config mysql_memory_percent to 30
*** Running as zimbra user: /opt/zimbra/bin/zmlocalconfig -f -e mysql_memory_percent='30'
Setting local config tomcat_java_heap_memory_percent to 40
*** Running as zimbra user: /opt/zimbra/bin/zmlocalconfig -f -e tomcat_java_heap_memory_percent='40'
Done
Setting up CA...
*** Running as zimbra user: cd /opt/zimbra; zmcreateca
** Creating CA private key

Generating a 1024 bit RSA private key
........++++++
.....++++++
unable to write 'random state'
writing new private key to '/opt/zimbra/ssl/ssl/ca/ca.key'
-----
** Creating CA cert

Signature ok
subject=/C=US/ST=N/A/L=N/A/O=Zimbra Collaboration Suite
Getting Private key
unable to write 'random state'
Done
checking isEnabled zimbra-ldap
zimbra-ldap is enabled
Creating SSL certificate...
*** Running as zimbra user: cd /opt/zimbra; zmcreatecert
** Importing CA

Certificate was added to keystore
** Creating keystore

** Creating server cert request

Generating a 1024 bit RSA private key
..........................++++++
..................++++++
unable to write 'random state'
writing new private key to '/opt/zimbra/ssl/ssl/server/server.key'
-----
** Signing cert request

Using configuration from /opt/zimbra/ssl/ssl/zmssl.cnf
Check that the request matches the signature
Signature ok
Certificate Details:
Serial Number:
11:86:59:75:87
Validity
Not Before: Aug 8 18:26:29 2007 GMT
Not After : Aug 7 18:26:29 2008 GMT
Subject:
countryName = US
stateOrProvinceName = N/A
organizationName = Zimbra Collaboration Suite
commonName = webmail.cntit.com
X509v3 extensions:
X509v3 Basic Constraints:
CA:FALSE
Netscape Comment:
OpenSSL Generated Certificate
X509v3 Subject Key Identifier:
44:50:3D:2C

4:B8:36:0A:3D:C3:56:A2:4A:34:76:61:7D:23:CB:8F
X509v3 Authority Key Identifier:
DirName:/C=US/ST=N/A/L=N/A/O=Zimbra Collaboration Suite
serial:C0:11

0:A9:20:22:F8:E8

X509v3 Key Usage:
Digital Signature, Non Repudiation, Key Encipherment
Certificate is to be certified until Aug 7 18:26:29 2008 GMT (365 days)

Write out database with 1 new entries
Data Base Updated
unable to write 'random state'
Signature ok
subject=/C=US/ST=NA/L=NA/O=Zimbra/OU=Zimbra/CN=webmail.cntit.com
Getting CA Private Key
unable to write 'random state'
Done
checking isEnabled zimbra-ldap
zimbra-ldap is enabled
Initializing ldap...
*** Running as zimbra user: /opt/zimbra/libexec/zmldapinit
FAILED (1)

ERROR

Configuration failed

Please address the error and re-run /opt/zimbra/libexec/zmsetup.pl to
complete the configuration.

Errors have been logged to /tmp/zmsetup.log.4902
--->

Luis

**phoenix** · 08-08-2007, 11:34 AM

Originally Posted by ljramos

You have not answer my question on the raltion between DNS and permission denied.

You don't need to post the whole log again, I saw it first time. The reason I didn't answer is because it's a pointless question and it's not the source of your problem - the problem with your installation is DNS (there, I've said it again) and you will get nowhere until you remove zimbra and fix the DNS and reinstall.

**ljramos** · 08-08-2007, 11:59 AM

The link that u point are for server with NAT . My server is hosted, DNS is with godaddy there is no internal/external interface

**ljramos** · 08-08-2007, 12:00 PM

The link that u point are for server with NAT . My server is hosted, DNS is with godaddy there is no internal/external interface
Do i need to enable bind do i need to fix isp dns record i've up all night and my brain cells are melting

What is this error
Stopping logger...Done
Stopping ldap...FAILED
ldap_url and ldap_master_url cannot be the same on an ldap replica

**ljramos** · 08-08-2007, 04:15 PM

I has been 24 hrs straight and like 100 tries and I am stuck in the same hole.
I have followed this liknshttp://www.zimbra.com/blog/archives/...ogether_1.html and this DNS error resolving MX...

and my DNS request are as right as the doc but still no matter what I do I get the same error
"Initializing ldap.../opt/zimbra/bin/ldap: line 107: /usr/bin/sudo: Permission denied

**mmorse** · 08-08-2007, 06:50 PM

If I may jump in-from the external aspect...for the your domain 'cntit.com' the MX record value 'webmail.cntit.com' points to a CNAME. It must point to a host name with an A record.
Webmail.cntit.com is a CNAME pointing to webmail.cntit.com (change that entry to an A record/IP address)

do a
dig mx cntit.com
it should return an answer in the authority section...

This is a hosted dedicated server no LAN/WAN schema.

Hosted whith what company & how are you currently managing DNS entries?

Zimbra

Thread: installation error during ldap setup

LinkBack

Thread Tools

Search Thread

Display

Thread Information

Users Browsing this Thread

Similar Threads

Zimbra Install Problem - getDirectContext

3 testing: LDAP: 389 Failed when restore zimbra

Installation Problem - Possibly LDAP

First Time New Installation ldap failure (512)

Can't get ride of Initializing ldap...FAILED (256) error

Posting Permissions