Zimbra

Klug · #11 (**permalink**) 12-21-2007, 02:40 PM

Thanks for the syntax.

Still not working (tried 3 times, double-checking the password each time and trying cut/paste too) :

Code:

[zimbra@zimbra-oss ~]$ ldapmodify -x -h localhost  -D "uid=zimbra,cn=admins,cn=zimbra" -W
Enter LDAP Password:
ldap_bind: Can't contact LDAP server (-1)

quanah · #12 (**permalink**) 12-21-2007, 02:41 PM

slapd doesn't listen on localhost. It must be the name of your host.

--Quanah

Klug · #13 (**permalink**) 12-21-2007, 02:44 PM

/me stupid

All done (steps a, b, c and d), no error.
Now restarting zimbra...

Klug · #14 (**permalink**) 12-21-2007, 02:50 PM

Still not working, same error in zimbra.log

quanah · #15 (**permalink**) 12-21-2007, 02:55 PM

What is the output of (running as zimbra)

Code:

ldapsearch -x -ZZ -h "FQDN" -b "" -s base

And it must be the fully qualified name of the host (FQDN).

--Quanah

jholder · #16 (**permalink**) 12-21-2007, 03:48 PM

Move the stuff in /opt/zimbra/ssl to a temp directory, and rerun the commands.

Klug · #17 (**permalink**) 12-22-2007, 01:07 AM

Quote:

Originally Posted by quanah

What is the output of (running as zimbra)

Code:

ldapsearch -x -ZZ -h "FQDN" -b "" -s base

It says :

Code:

$ ldapsearch -x -ZZ -h "zimbra-oss.network-studio.com" -b "" -s base
# extended LDIF
#
# LDAPv3
# base <> with scope baseObject
# filter: (objectclass=*)
# requesting: ALL
#

#
dn:
objectClass: top
objectClass: OpenLDAProotDSE

# search result
search: 3
result: 0 Success

# numResponses: 2
# numEntries: 1

Klug · #18 (**permalink**) 12-22-2007, 01:14 AM

Quote:

Originally Posted by jholder

Move the stuff in /opt/zimbra/ssl to a temp directory, and rerun the commands.

That fixed it 8)

We moved everything elsewhere except ca.csr (we tried without the old file and it did not work), steps a to d and it works.

There might be a problem with zmcertmgr : the /opt/zimbra/ssl/zimbra/ca/ca.pem file showed the correct hour (when I modified it) but what was inside is wrong :

Code:

# openssl x509 -in /opt/zimbra/ssl/zimbra/ca/ca.pem -noout -text
Certificate:
    Data:
        Version: 1 (0x0)
        Serial Number: 0 (0x0)
        Signature Algorithm: md5WithRSAEncryption
        Issuer: C=US, ST=N/A, L=N/A, O=Zimbra Collaboration Suite
        Validity
            Not Before: Sep 19 14:30:12 2006 GMT
            Not After : Sep 19 14:30:12 2007 GMT
  .....

Thank you so much for your help.

Should I open a bug ?

quanah · #19 (**permalink**) 12-22-2007, 12:42 PM

No, we are aware of the issue and there's already a bug on it. Glad it is working now!

--Quanah

jholder · #20 (**permalink**) 12-23-2007, 10:05 PM

Just to tie the loose ends up:
It appears that if you have an expired certificate, it can cause postfix to stop running. This will be fixed in 5.0.1

See bug: Bug 23253 - an expired CA cert will block mail delivery after upgrading to 5.0.0

Zimbra

Downloads

Product Information

Toolbox

Why Join?