01-01-2008, 09:57 AM
Problem with Ldap Replica on Etch - Zimbra OSS 5.0 GA
Since I have 2 sites, I prepared 2 servers for a single domain.
First server I install everything except zimbra-proxy and second server I install everything except zimbra-logger zimbra-proxy with zimbra-ldap disable.
I follow the instruction from documentation and wiki and the first server went fine. The second server I didn't install zimbra-logger as document state, all installation from install.sh also went fine.
Main server status is running normally
Code:
mail1:~# sudo -u zimbra /opt/zimbra/bin/zmcontrol status
Host FQDN-MASTER
antispam Running
antivirus Running
ldap Running
logger Running
mailbox Running
mta Running
snmp Running
spell Running
stats Running
mail1:~#
I ran zmupdateauthkeys on both servers and it can fetch both server keys successfully.
But after I ran
Code:
mail2:~# sudo -u zimbra /opt/zimbra/libexec/zmldapenablereplica
Looking for LDAP installation...succeeded
Verifying ldap on ldap://FQDN-REPLICA:389...succeeded
Creating LDAP config in /opt/zimbra/conf/slapd.conf.../opt/zimbra/openldap/sbin/slappasswd: option requires an argument -- s
Usage: slappasswd [options]
-h hash password scheme
-s secret new password
-c format crypt(3) salt format
-u generate RFC2307 values (default)
-v increase verbosity
-T file read file for new password
succeeded
Enabling LDAP service on FQDN-REPLICA...succeeded
Setting ldap_url on FQDN-REPLICA.../opt/zimbra/libexec/zmldapenablereplica: line 211: zmlocalconfig: command not found
done
Starting LDAP on FQDN-REPLICA...done
Then see status and start the server
Code:
mail2:~# sudo -u zimbra /opt/zimbra/bin/zmcontrol status
Host FQDN-REPLICA
antispam Stopped
zmmtaconfigctl is not running
zmamavisdctl is not running
antivirus Stopped
zmmtaconfigctl is not running
zmamavisdctl is not running
zmclamdctl is not running
ldap Stopped
mailbox Stopped
zmmtaconfigctl is not running
mysql.server is not running
zmmailboxdctl is not running
mta Stopped
zmmtaconfigctl is not running
postfix is not running
saslauthd is not running
zmsaslauthdctl is not running
snmp Stopped
swatch is not running
spell Stopped
zmapachectl is not running
stats Stopped
mail2:~# sudo -u zimbra /opt/zimbra/bin/zmcontrol start
Host FQDN-REPLICA
Starting ldap...Done.
FAILED
Failed to start slapd. Attempting debug start to determine error.
Code:
mail2:~# sudo -u zimbra /opt/zimbra/bin/zmlocalconfig | grep ldap
ldap_amavis_password = *
ldap_cache_account_maxage = 15
ldap_cache_account_maxsize = 20000
ldap_cache_cos_maxage = 15
ldap_cache_cos_maxsize = 100
ldap_cache_domain_maxage = 15
ldap_cache_domain_maxsize = 100
ldap_cache_server_maxage = 15
ldap_cache_server_maxsize = 100
ldap_cache_timezone_maxsize = 100
ldap_cache_zimlet_maxage = 15
ldap_cache_zimlet_maxsize = 100
ldap_connect_pool_debug = false
ldap_connect_pool_initsize = 1
ldap_connect_pool_master = false
ldap_connect_pool_maxsize = 50
ldap_connect_pool_prefsize = 0
ldap_connect_pool_timeout = 120000
ldap_connect_timeout = 30000
ldap_host = FQDN-MASTER
ldap_is_master = false
ldap_log_level = 32768
ldap_master_url = FQDN-MASTER:389
ldap_port = 389
ldap_postfix_password = *
ldap_replication_password = *
ldap_require_tls = false
ldap_root_password = *
ldap_starttls_supported = 1
ldap_url = ldap://FQDN-REPLICA:389 ldap://FQDN-MASTER:389
postfix_sender_canonical_maps = ldap:${zimbra_home}/conf/ldap-scm.cf
postfix_transport_maps = ldap:${zimbra_home}/conf/ldap-transport.cf
postfix_virtual_alias_domains = ldap:${zimbra_home}/conf/ldap-vad.cf
postfix_virtual_alias_maps = ldap:${zimbra_home}/conf/ldap-vam.cf
postfix_virtual_mailbox_domains = ldap:${zimbra_home}/conf/ldap-vmd.cf
postfix_virtual_mailbox_maps = ldap:${zimbra_home}/conf/ldap-vmm.cf
zimbra_class_provisioning = com.zimbra.cs.account.ldap.LdapProvisioning
zimbra_ldap_password = *
zimbra_ldap_user = zimbra
zimbra_ldap_userdn = uid=zimbra,cn=admins,cn=zimbra
zimbra_zmprov_default_to_ldap = false
When I try to debug
Code:
mail2:~# sudo /opt/zimbra/libexec/zmslapd -l LOCAL0 -4 -u zimbra -h ldap://localhost:389 -f /opt/zimbra/conf/slapd.conf -d 7
@(#) $OpenLDAP: slapd 2.3.39 (Dec 1 2007 22:06:14) $
root@build-debian-etch:/home/build/p4/main/ThirdParty/openldap/openldap-2.3.39.6z/servers/slapd
daemon_init: ldap://localhost:389
daemon_init: listen on ldap://localhost:389
daemon_init: 1 listeners to open...
ldap_url_parse_ext(ldap://localhost:389)
daemon: listener initialized ldap://localhost:389
daemon_init: 1 listeners opened
slapd init: initiated server.
slap_sasl_init: initialized!
bdb_back_initialize: initialize BDB backend
bdb_back_initialize: Sleepycat Software: Berkeley DB 4.2.52: (December 3, 2003)
>>> dnNormalize:
=> ldap_bv2dn(cn=admins,cn=zimbra,0)
<= ldap_bv2dn(cn=admins,cn=zimbra)=0
=> ldap_dn2bv(272)
<= ldap_dn2bv(cn=admins,cn=zimbra)=0
<<< dnNormalize:
>>> dnNormalize: <>
<<< dnNormalize: <>
>>> dnNormalize:
=> ldap_bv2dn(cn=Subschema,0)
<= ldap_bv2dn(cn=Subschema)=0
=> ldap_dn2bv(272)
<= ldap_dn2bv(cn=subschema)=0
<<< dnNormalize:
>>> dnNormalize:
=> ldap_bv2dn(cn=admins,cn=zimbra,0)
<= ldap_bv2dn(cn=admins,cn=zimbra)=0
=> ldap_dn2bv(272)
<= ldap_dn2bv(cn=admins,cn=zimbra)=0
<<< dnNormalize:
>>> dnNormalize:
=> ldap_bv2dn(cn=zimbra,0)
<= ldap_bv2dn(cn=zimbra)=0
=> ldap_dn2bv(272)
<= ldap_dn2bv(cn=zimbra)=0
<<< dnNormalize:
>>> dnNormalize:
=> ldap_bv2dn(cn=admins,cn=zimbra,0)
<= ldap_bv2dn(cn=admins,cn=zimbra)=0
=> ldap_dn2bv(272)
<= ldap_dn2bv(cn=admins,cn=zimbra)=0
<<< dnNormalize:
>>> dnNormalize:
=> ldap_bv2dn(cn=admins,cn=zimbra,0)
<= ldap_bv2dn(cn=admins,cn=zimbra)=0
=> ldap_dn2bv(272)
<= ldap_dn2bv(cn=admins,cn=zimbra)=0
<<< dnNormalize:
>>> dnNormalize:
=> ldap_bv2dn(cn=admins,cn=zimbra,0)
<= ldap_bv2dn(cn=admins,cn=zimbra)=0
=> ldap_dn2bv(272)
<= ldap_dn2bv(cn=admins,cn=zimbra)=0
<<< dnNormalize:
>>> dnNormalize:
=> ldap_bv2dn(uid=zmpostfix,cn=appaccts,cn=zimbra,0)
<= ldap_bv2dn(uid=zmpostfix,cn=appaccts,cn=zimbra)=0
=> ldap_dn2bv(272)
<= ldap_dn2bv(uid=zmpostfix,cn=appaccts,cn=zimbra)=0
<<< dnNormalize:
>>> dnNormalize:
=> ldap_bv2dn(uid=zmamavis,cn=appaccts,cn=zimbra,0)
<= ldap_bv2dn(uid=zmamavis,cn=appaccts,cn=zimbra)=0
=> ldap_dn2bv(272)
<= ldap_dn2bv(uid=zmamavis,cn=appaccts,cn=zimbra)=0
<<< dnNormalize:
>>> dnNormalize:
=> ldap_bv2dn(cn=admins,cn=zimbra,0)
<= ldap_bv2dn(cn=admins,cn=zimbra)=0
=> ldap_dn2bv(272)
<= ldap_dn2bv(cn=admins,cn=zimbra)=0
<<< dnNormalize:
>>> dnNormalize:
=> ldap_bv2dn(uid=zmamavis,cn=appaccts,cn=zimbra,0)
<= ldap_bv2dn(uid=zmamavis,cn=appaccts,cn=zimbra)=0
=> ldap_dn2bv(272)
<= ldap_dn2bv(uid=zmamavis,cn=appaccts,cn=zimbra)=0
<<< dnNormalize:
>>> dnNormalize:
=> ldap_bv2dn(cn=admins,cn=zimbra,0)
<= ldap_bv2dn(cn=admins,cn=zimbra)=0
=> ldap_dn2bv(272)
<= ldap_dn2bv(cn=admins,cn=zimbra)=0
<<< dnNormalize:
>>> dnNormalize:
=> ldap_bv2dn(uid=zmamavis,cn=appaccts,cn=zimbra,0)
<= ldap_bv2dn(uid=zmamavis,cn=appaccts,cn=zimbra)=0
=> ldap_dn2bv(272)
<= ldap_dn2bv(uid=zmamavis,cn=appaccts,cn=zimbra)=0
<<< dnNormalize:
>>> dnNormalize:
=> ldap_bv2dn(cn=admins,cn=zimbra,0)
<= ldap_bv2dn(cn=admins,cn=zimbra)=0
=> ldap_dn2bv(272)
<= ldap_dn2bv(cn=admins,cn=zimbra)=0
<<< dnNormalize:
>>> dnNormalize:
=> ldap_bv2dn(uid=zmpostfix,cn=appaccts,cn=zimbra,0)
<= ldap_bv2dn(uid=zmpostfix,cn=appaccts,cn=zimbra)=0
=> ldap_dn2bv(272)
<= ldap_dn2bv(uid=zmpostfix,cn=appaccts,cn=zimbra)=0
<<< dnNormalize:
put_filter: "(!(zimbraHideInGal=TRUE))"
put_filter: NOT
put_filter_list "(zimbraHideInGal=TRUE)"
put_filter: "(zimbraHideInGal=TRUE)"
put_filter: simple
put_simple_filter: "zimbraHideInGal=TRUE"
ber_scanf fmt ({mm}) ber:
>>> dnNormalize:
=> ldap_bv2dn(cn=admins,cn=zimbra,0)
<= ldap_bv2dn(cn=admins,cn=zimbra)=0
=> ldap_dn2bv(272)
<= ldap_dn2bv(cn=admins,cn=zimbra)=0
<<< dnNormalize:
>>> dnNormalize:
=> ldap_bv2dn(uid=zmpostfix,cn=appaccts,cn=zimbra,0)
<= ldap_bv2dn(uid=zmpostfix,cn=appaccts,cn=zimbra)=0
=> ldap_dn2bv(272)
<= ldap_dn2bv(uid=zmpostfix,cn=appaccts,cn=zimbra)=0
<<< dnNormalize:
>>> dnNormalize:
=> ldap_bv2dn(cn=admins,cn=zimbra,0)
<= ldap_bv2dn(cn=admins,cn=zimbra)=0
=> ldap_dn2bv(272)
<= ldap_dn2bv(cn=admins,cn=zimbra)=0
<<< dnNormalize:
>>> dnNormalize:
=> ldap_bv2dn(uid=zmpostfix,cn=appaccts,cn=zimbra,0)
<= ldap_bv2dn(uid=zmpostfix,cn=appaccts,cn=zimbra)=0
=> ldap_dn2bv(272)
<= ldap_dn2bv(uid=zmpostfix,cn=appaccts,cn=zimbra)=0
<<< dnNormalize:
>>> dnNormalize:
=> ldap_bv2dn(cn=admins,cn=zimbra,0)
<= ldap_bv2dn(cn=admins,cn=zimbra)=0
=> ldap_dn2bv(272)
<= ldap_dn2bv(cn=admins,cn=zimbra)=0
<<< dnNormalize:
slapd destroy: freeing system resources.
slapd stopped.
connections_destroy: nothing to destroy.
Any suggestion?
01-01-2008, 08:41 PM
Please help
Just want the thread go up to the top
01-02-2008, 09:47 AM
Zimbra Employee
Posts: 604
You probably ran into this bug. Bug 21633 - ldap only replica broken - missing certs
Steps needed to manually enable a replica after installing it disabled are:
1) install ldap disabled
2) create certificates, using the command "/opt/zimbra/bin/zmcertmgr install "
3) enable ldap replica, using /opt/zimbra/libexec/zmldapenablereplica
01-02-2008, 11:00 AM
I do another test on vmware, first server (mail1) install and operate normally without any error from install.sh. All settings are the same as the real server that I first tried.
Below is the result of mail2 with zimbra ldap disable ...still good.
Code:
Main menu
1) Common Configuration:
2) zimbra-ldap: Disabled
3) zimbra-store: Enabled
4) zimbra-mta: Enabled
5) zimbra-snmp: Enabled
6) zimbra-spell: Enabled
7) Default Class of Service Configuration:
r) Start servers after configuration yes
s) Save config to file
x) Expand menu
q) Quit
*** CONFIGURATION COMPLETE - press 'a' to apply
Select from menu, or press 'a' to apply config (? - help) a
Save configuration data to a file? [Yes]
Save config in file: [/opt/zimbra/config.5250]
Saving config in /opt/zimbra/config.5250...done.
The system will be modified - continue? [No] Y
Operations logged to /tmp/zmsetup.01032008-001004.log
Setting local config values...done.
Updating ldap_root_password and zimbra_ldap_password...done.
Setting up CA...done.
Creating SSL certificate...done.
Deploying CA to /opt/zimbra/conf/ca ...done.
Installing SSL certificate...done.
Creating server entry for mail2.asb.local...done.
Setting spell check URL...done.
Setting service ports on mail2.asb.local...done.
Adding mail2.asb.local to zimbraMailHostPool in default COS...done.
Installing skins...
bare
hotrod
sand
waves
lemongrass
beach
bones
steel
sky
lavender
done.
Setting zimbraFeatureIMEnabled=FALSE...done.
Setting zimbraFeatureTasksEnabled=TRUE...done.
Setting zimbraFeatureBriefcasesEnabled=TRUE...done.
Setting zimbraFeatureNotebookEnabled=TRUE...done.
Setting MTA auth host...done.
Creating user admin@asb.local...done.
Creating postmaster alias...done.
Creating user wiki@asb.local...done.
Creating user spam.gax5khzf@asb.local...done.
Creating user ham.wihhcmwk@asb.local...done.
Setting spam training accounts...done.
Initializing store sql database...done.
Setting zimbraSmtpHostname for mail2.asb.local...done.
Initializing mta config...done.
Configuring SNMP...done.
Setting services on mail2.asb.local...done.
Setting up zimbra crontab...done.
Setting up syslog.conf...done.
You have the option of notifying Zimbra of your installation.
This helps us to track the uptake of the Zimbra Collaboration Suite.
The only information that will be transmitted is:
The VERSION of zcs installed (5.0.0_GA_1869_DEBIAN4.0)
The ADMIN EMAIL ADDRESS created (admin@asb.local)
Notify Zimbra of your installation? [Yes] no
Notification skipped
Starting servers...done.
Checking for deprecated zimlets...done.
Installing zimlets...
com_zimbra_phone
com_zimbra_url
com_zimbra_search
com_zimbra_date
com_zimbra_email
com_zimbra_local
com_zimbra_cert_manager
done.
Initializing Documents...done.
Restarting mailboxd...done.
Moving /tmp/zmsetup.01032008-001004.log to /opt/zimbra/log
Configuration complete - press return to exit
Then I try as documentation suggest
Code:
mail2:/# sudo -u zimbra /opt/zimbra/bin/zmupdateauthkeys
updating mail1.asb.local
Fetching key for mail1.asb.local
updating mail2.asb.local
Fetching key for mail2.asb.local
Updating /opt/zimbra/.ssh/authorized_keys
After I found from last time I ran zmldapenablereplica it has 2 errors
First.../opt/zimbra/openldap/sbin/slappasswd: option requires an argument
Second ......./opt/zimbra/libexec/: line 211: zmlocalconfig
So I modified zmldapenablereplica to fix the zmlocalconfig path and hard code the ldap root password.
Code:
#!/bin/bash
#
# ***** BEGIN LICENSE BLOCK *****
#
# Zimbra Collaboration Suite Server
# Copyright (C) 2005, 2006, 2007 Zimbra, Inc.
#
# The contents of this file are subject to the Yahoo! Public License
# Version 1.0 ("License"); you may not use this file except in
# compliance with the License. You may obtain a copy of the License at
# http://www.zimbra.com/license.
#
# Software distributed under the License is distributed on an "AS IS"
# basis, WITHOUT WARRANTY OF ANY KIND, either express or implied.
#
# ***** END LICENSE BLOCK *****
#
source `dirname $0`/../bin/zmshutil || exit 1
if [ "x$1" != "x" ]; then
  echo "Usage: $0"
  echo " Use $0 to set up this server as an ldap replica"
  exit 1
fi
zmsetvars -f\
  zimbra_home \
  zimbra_server_hostname \
  ldap_master_url \
  ldap_port \
  ldap_root_password \
  zimbra_ldap_password \
  zimbra_ldap_userdn \
  ldap_replication_password
ldap_master_host=`echo ${ldap_master_url} | sed -e 's|ldaps*://\([^:]*\):*.*|\1|'`
verifyLdapInstalled() {
  echo -n "Looking for LDAP installation..."
  if [ ! -d ${zimbra_home}/openldap/etc ]; then
    echo "FAILED"
    echo "ERROR: openldap does not appear to be installed - exiting"
    exit 1
  fi
  echo "succeeded"
}
verifyLdap() {
  echo -n "Verifying ldap on ${ldap_master_url}..."
  LDS="${zimbra_home}/bin/ldapsearch";
  ARGS="-x -H ${ldap_master_url} -D ${zimbra_ldap_userdn} -w ${zimbra_ldap_password}"
  OUTPUT=`$LDS $ARGS 2>&1`
  if [ $? -ne 0 ]; then
    echo "FAILED"
    echo "ERROR: Unable to verify ldap connection on ${ldap_master_url} - exiting"
    echo "$LDS $ARGS"
    echo $OUTPUT
    exit 1
  fi
  echo "succeeded"
}
enableSyncProv() {
  echo -n "Enabling sync provider..."
  sed -i.pre-replica -e '/syncprov/ s/#//g' -e '/accesslog/ s/###//g' ${zimbra_home}/conf/slapd.conf.in
  mkdir -p ${zimbra_home}/openldap-data/accesslog/db
  mkdir -p ${zimbra_home}/openldap-data/accesslog/logs
  cp -p -f ${zimbra_home}/openldap/etc/openldap/master-accesslog.conf ${zimbra_home}/conf/
  cp -p -f ${zimbra_home}/openldap/etc/openldap/master-accesslog-overlay.conf ${zimbra_home}/conf/
  echo "succeeded"
}
createLdapConfig() {
  echo -n "Creating LDAP config in ${zimbra_home}/conf/slapd.conf..."
  root_sha=`${zimbra_home}/openldap/sbin/slappasswd -s myldaprootpassword`
  sed -e "s|^rootpw.*|rootpw ${root_sha}|" \
    ${zimbra_home}/openldap/etc/openldap/slapd.conf > ${zimbra_home}/conf/slapd.conf.in
  sed -e '/overlay syncprov/d' -e '/syncprov-/d' ${zimbra_home}/conf/slapd.conf.in >/tmp/slapd.conf.in.$$
  mv -f /tmp/slapd.conf.in.$$ ${zimbra_home}/conf/slapd.conf.in
  if [ $? -ne 0 ]; then
    echo "FAILED"
    echo "ERROR - LDAP config creation failed - exiting"
  fi
  ldap_replica_rid=100
  if [ -f "/opt/zimbra/lib/conf/zimbra-ext.schema" ]; then
    sed -e '\|/opt/zimbra/openldap/etc/openldap/schema/zimbra.schema| a\
include "/opt/zimbra/lib/conf/zimbra-ext.schema"' ${zimbra_home}/conf/slapd.conf.in > /tmp/slapd.conf
    mv -f /tmp/slapd.conf ${zimbra_home}/conf/slapd.conf.in
  fi
  if [ $? -ne 0 ]; then
    echo "FAILED"
    echo "ERROR - LDAP config creation failed - exiting"
  fi
  num=`expr match "$ldap_url" 'ldaps*'`
  if [ "$num" == 5 ]; then
cat >> ${zimbra_home}/conf/slapd.conf.in <> ${zimbra_home}/conf/slapd.conf.in < /dev/null 2>&1
  if [ $? -ne 0 ]; then
    echo "FAILED"
    echo "Remote shutdown failed - exiting"
    exit 1
  fi
  echo "done"
}
stopZimbra() {
  echo -n "Shutting down Zimbra Services on ${zimbra_server_hostname}..."
  zmcontrol stop > /dev/null 2>&1
  echo "done"
}
replicateLdap() {
  echo -n "Replicating ldap data from ${ldap_master_host}..."
  echo -n "Copying data..."
  echo "HOST:${ldap_master_host} slapcat" | ${zimbra_home}/libexec/zmrc ${ldap_master_host} | \
    grep -v STARTCMD | grep -v ENDCMD > /tmp/repl.ldif
  if [ $? -ne 0 ]; then
    echo "FAILED"
    echo "Ldap replication failed - exiting"
    exit 1
  fi
  echo -n "Writing data..."
  ${zimbra_home}/openldap/sbin/slapadd -q -w -b '' -f ${zimbra_home}/conf/slapd.conf -l /tmp/repl.ldif
  if [ $? -ne 0 ]; then
    echo "FAILED"
    echo "Ldap replication failed - exiting"
    exit 1
  fi
  #/bin/rm -f /tmp/repl.ldif
  echo "succeeded"
}
updateLdapHost() {
  echo -n "Setting ldap_url on ${zimbra_server_hostname}...";
  if [ ${ldap_port} = 636 ]; then
    proto="ldaps"
  else
    proto="ldap"
  fi
  ${zimbra_home}/bin/zmlocalconfig -e ldap_url="${proto}://${zimbra_server_hostname}:${ldap_port} ${ldap_master_url}"
  echo "done"
}
startRemoteZimbra() {
  echo -n "Starting remote Zimbra Services on ${ldap_master_host}..."
  echo "HOST:${ldap_master_host} startup" | ${zimbra_home}/libexec/zmrc ${ldap_master_host} \
    > /dev/null 2>&1
  if [ $? -ne 0 ]; then
    echo "FAILED"
    echo "Remote startup failed - exiting"
    exit 1
  fi
  echo "done"
}
startLdap() {
  echo -n "Starting LDAP on ${zimbra_server_hostname}..."
  ${zimbra_home}/bin/ldap start > /dev/null 2>&1
  echo "done"
}
stopLdap() {
  echo -n "Stopping LDAP on ${zimbra_server_hostname}..."
  ${zimbra_home}/bin/ldap stop > /dev/null 2>&1
  echo "done"
}
if [ $ldap_master_host = $zimbra_server_hostname ]; then
  enableSyncProv
  stopLdap
  startLdap
  exit 0
fi
verifyLdapInstalled
verifyLdap
createLdapConfig
enableLdapService
#stopZimbra
#stopRemoteZimbra
#replicateLdap
updateLdapHost
#startRemoteZimbra
zmsetvars -f ldap_url
startLdap
and this is the result
Code:
mail2:/# sudo -u zimbra /opt/zimbra/libexec/zmldapenablereplica
Looking for LDAP installation...succeeded
Verifying ldap on ldap://mail1.asb.local:389...succeeded
Creating LDAP config in /opt/zimbra/conf/slapd.conf...succeeded
Enabling LDAP service on mail2.asb.local......succeeded
Setting ldap_url on mail2.asb.local...done
Starting LDAP on mail2.asb.local...done
mail2:/# sudo -u zimbra /opt/zimbra/bin/zmcontrol status
Unable to determine enabled services from ldap.
Enabled services read from cache. Service list may be inaccurate.
Host mail2.asb.local
antispam Running
antivirus Running
mailbox Running
mta Running
snmp Running
spell Running
stats Running
mail2:/# sudo -u zimbra /opt/zimbra/bin/zmcontrol stop
Host mail2.asb.local
Stopping stats...Done
Stopping mta...Done
Stopping spell...Done
Stopping snmp...Done
Stopping archiving...Done
Stopping antivirus...Done
Stopping antispam...Done
Stopping imapproxy...Done
Stopping mailbox...Done
Stopping logger...Done
Stopping ldap...Done
mail2:/# sudo -u zimbra /opt/zimbra/bin/zmcontrol start
Host mail2.asb.local
Starting ldap...Done.
Starting mailbox...Done.
Starting antispam...Done.
Starting antivirus...Done.
Starting snmp...Done.
Starting spell...Done.
Starting mta...Done.
Starting stats...Done.
mail2:/# sudo -u zimbra /opt/zimbra/bin/zmcontrol status
Unable to determine enabled services from ldap.
Enabled services read from cache. Service list may be inaccurate.
Host mail2.asb.local
antispam Stopped
zmmtaconfigctl is not running
amavisd running pid: 14893
antivirus Stopped
zmmtaconfigctl is not running
amavisd running pid: 14893
ldap Running
mailbox Stopped
zmmtaconfigctl is not running
mta Stopped
zmmtaconfigctl is not running
saslauthd is running with pid 15134
snmp Running
spell Running
stats Stopped
I also tried zmcertmgr as you suggest but no luck either.
Thanks for your kindly help. Any suggestion?
01-02-2008, 11:28 AM
Zimbra Employee
Posts: 580
I've pulled in the fix for zmlocalconfig being called via the full path.
It looks like the first time around, you managed to not set the ldap root password (not quite sure how that happened), which is why zmldapenablereplica was throwing an error there.
Try starting slapd with -d -1 instead of -d 7 to get full debug output.
--Quanah
__________________
Quanah Gibson-Mount
Sr. Member of Technical Staff
Zimbra, Inc
A Division of VMware, Inc.
--------------------
Zimbra :: the leader in open source messaging and collaboration
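The diagnosis in the post above (an unset ldap root password makes `slappasswd -s` fail with "option requires an argument") and the hard-coded `-s myldaprootpassword` workaround posted earlier concern the same step of zmldapenablereplica. The sketch below is an added example, not part of the thread or of Zimbra's script: it refuses an empty password instead of reporting "succeeded", and hashes through the `-T file` option listed in the usage output so the secret never appears in the process list. The function names and the `SLAPPASSWD` override are assumptions.

```shell
#!/bin/bash
# Added example, not Zimbra's code. Function names and the SLAPPASSWD
# override are assumptions; the default path is the one shown in the thread.
SLAPPASSWD="${SLAPPASSWD:-/opt/zimbra/openldap/sbin/slappasswd}"

# hash_ldap_root_password PASSWORD
# Prints the password hash on stdout.
# Exit codes: 2 = empty password, 3 = slappasswd not found, 4 = hashing failed.
hash_ldap_root_password() {
    local password="$1"
    local secret_file hash
    local rc=0

    # An empty value is what turned "-s ${ldap_root_password}" into a bare
    # "-s" and produced "option requires an argument -- s" in the thread.
    if [ -z "$password" ]; then
        echo "ERROR: ldap root password is empty; set it before enabling the replica" >&2
        return 2
    fi
    if ! command -v "$SLAPPASSWD" >/dev/null 2>&1; then
        echo "ERROR: $SLAPPASSWD not found" >&2
        return 3
    fi

    # mktemp creates the file with mode 0600. printf is a shell builtin, so
    # the secret is never an argument of a separate process. No trailing
    # newline is written, because -T hashes the file contents as they are.
    secret_file=$(mktemp "${TMPDIR:-/tmp}/rootpw.XXXXXX") || return 4
    printf '%s' "$password" > "$secret_file"
    hash=$("$SLAPPASSWD" -T "$secret_file") || rc=$?
    rm -f "$secret_file"

    if [ "$rc" -ne 0 ] || [ -z "$hash" ]; then
        echo "ERROR: slappasswd failed (exit $rc)" >&2
        return 4
    fi
    printf '%s\n' "$hash"
}

# write_rootpw SRC_CONF DST_CONF PASSWORD
# Same "rootpw" substitution as createLdapConfig in the posted script, but
# DST_CONF is only written when hashing succeeded.
write_rootpw() {
    local src="$1" dst="$2" password="$3"
    local hash tmp_conf

    hash=$(hash_ldap_root_password "$password") || return $?
    tmp_conf=$(mktemp "${dst}.XXXXXX") || return 4
    # slappasswd hashes ({SSHA} plus base64) contain no "|", "&" or "\",
    # so the value is safe as a sed replacement with "|" as the delimiter.
    if sed -e "s|^rootpw.*|rootpw ${hash}|" "$src" > "$tmp_conf"; then
        mv -f "$tmp_conf" "$dst"
    else
        rm -f "$tmp_conf"
        return 4
    fi
}
```

In the posted script this would replace the `root_sha=` and first `sed` lines of `createLdapConfig`, called with `"${ldap_root_password}"` as loaded by `zmsetvars`.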
01-02-2008, 12:10 PM
Zimbra Employee
Posts: 604
Another recommendation if you are planning on using ldap as a replica then just install ldap with the service enabled, it'll avoid this problem altogether.
01-02-2008, 09:18 PM
Quote:
Originally Posted by brian
Another recommendation if you are planning on using ldap as a replica then just install ldap with the service enabled, it'll avoid this problem altogether.
Hi Brian, thanks again for your help. I'm not sure I fully understand your suggestion, so if I want to set up 2 mail servers for 2 sites with users' mailboxes at both sites. Email from the internet will come to the server with lower mx record and then LMTP to another server. Outgoing mail will go directly from each site.
And I have 2 machines, then mail1 should be installed normally and then set all ldap related passwords (admin, root, replication, postfix, amavis)
Code:
Install zimbra-ldap [Y]
Install zimbra-logger [Y]
Install zimbra-mta [Y]
Install zimbra-snmp [Y]
Install zimbra-store [Y]
Install zimbra-apache [Y]
Install zimbra-spell [Y]
Install zimbra-proxy [N]
) mail2
Install with No zimbra-logger then set enable zimbra-ldap with create domain "NO"
and then set all ldap related passwords the same as the first server.
And then change the master ldap host
Code:
Install zimbra-ldap [Y]
Install zimbra-logger [N]
Install zimbra-mta [Y]
Install zimbra-snmp [Y]
Install zimbra-store [Y]
Install zimbra-apache [Y]
Install zimbra-spell [Y]
Install zimbra-proxy [N]
1) Status: Enabled
2) Create Domain: NO
3) Ldap Root password: set
4) Ldap Replication password: set
5) Ldap Postfix password: set
6) Ldap Amavis password: set
1) Hostname: mail2.asb.local
2) Ldap master host: mail1.asb.local
3) Ldap port: 389
4) Ldap Admin password: set
5) TimeZone: (GMT+07.00) Bangkok / Hanoi / Jakarta
Do I have to do zmupdateauthkeys and zmldapenablereplica for both machines as in the documentation, or will it be done automatically? This may be a very simple question but I cannot find it in the forum and wiki and feel very lost here.
01-02-2008, 11:24 PM
Just follow new documentation here http://www.zimbra.com/docs/os/latest...erver_install/
And the installation went smoothly. I should have read this before asking the question. Anyway, thanks for your kindly help.
Anyway I set all the ldap related passwords for mail1 server (admin, root, replication, postfix, amavis)
and then for mail2 the same as mail1 and it works.
Is it required? I read in the documentation and it seems that for replica only the admin password needs to be filled in.