[SOLVED] OpenSUSE 10.3 - Multiple MX Record Issues

[r8escjohn]

Hello All,
Am attempting to install ZCS 5.01_GA on OpenSUSE 10.3 (text mode only install) am getting LDAP Install issues (see below). Have followed bigmudcake's directions to the letter. (Thanks bunch for the directions! ). Before I get into all of the wonderful details of my multiple install and de-installs- a question. Is it even possible to install a Zimbra box in a domain that already has a production Mail server, even if I have defined the Zimbra box with a MX record above original box? Or, does the Zimbra box need to be THE ONLY mail server defined in the domain for LDAP to setup correctly? I'm thinking that may be where I am hitting a big brick wall and wanted to check that out as why the LDAP install always bombs. Also, I have disabled the SUSE Firewall and Novell App Armor with no luck. I am intending to replace our existing mail solution with Zimbra over time and keep our existing mail server in production and slowly migrate, at least that is that plan.

Main LDAP Install Error that I constantly get-

Code:

zimbra-ldap is enabled
Initializing ldap...
*** Running as zimbra user: /opt/zimbra/libexec/zmldapinit
IO::Socket::INET: connect: Connection refused at /opt/zimbra/libexec/zmldapinit line 160.
failed. (28416)


ERROR



Configuration failed

All of the gory details-
'mail' is our production mail server and 'mail1' is the Zimbra box.

Code:

mail1:/ # dig r8esc.k12.in.us MX

; <<>> DiG 9.4.1-P1 <<>> r8esc.k12.in.us MX
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 19800
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 3, ADDITIONAL: 5

;; QUESTION SECTION:
;r8esc.k12.in.us.               IN      MX

;; ANSWER SECTION:
r8esc.k12.in.us.        68400   IN      MX      10 mail.r8esc.k12.in.us.
r8esc.k12.in.us.        68400   IN      MX      50 mail1.r8esc.k12.in.us.

;; AUTHORITY SECTION:
r8esc.k12.in.us.        68400   IN      NS      neptune.r8esc.k12.in.us.
r8esc.k12.in.us.        68400   IN      NS      washington.ind.net.
r8esc.k12.in.us.        68400   IN      NS      lotus.doe.state.in.us.

;; ADDITIONAL SECTION:
mail.r8esc.k12.in.us.   68400   IN      A       165.138.176.1
mail1.r8esc.k12.in.us.  68400   IN      A       165.138.176.10
lotus.doe.state.in.us.  80935   IN      A       165.139.1.10
neptune.r8esc.k12.in.us. 68400  IN      A       165.138.176.1
washington.ind.net.     170492  IN      A       157.91.1.1

;; Query time: 1 msec
;; SERVER: 165.138.176.1#53(165.138.176.1)
;; WHEN: Tue Jan 22 13:53:39 2008
;; MSG SIZE  rcvd: 240

mail1:/ # hostname
mail1
mail1:/ # more /etc/hosts
#
# hosts         This file describes a number of hostname-to-address
#               mappings for the TCP/IP subsystem.  It is mostly
#               used at boot time, when no name servers are running.
#               On small systems, this file can be used instead of a
#               "named" name server.
# Syntax:
#
# IP-Address  Full-Qualified-Hostname  Short-Hostname
#

127.0.0.1       localhost.localdomain   localhost
165.138.176.10  mail1.r8esc.k12.in.us mail1
hostname        mail1.r8esc.k12.in.us
# special IPv6 addresses
::1             localhost ipv6-localhost ipv6-loopback

fe00::0         ipv6-localnet

ff00::0         ipv6-mcastprefix
ff02::1         ipv6-allnodes
ff02::2         ipv6-allrouters
ff02::3         ipv6-allhosts
127.0.0.2       mail1.r8esc.k12.in.us mail1
# 127.0.0.2       mail1.r8esc.k12.in.us mail1

Zimbra.log-

Code:

Jan 22 13:31:48 mail1 slapd[20739]: @(#) $OpenLDAP: slapd 2.3.40 (Jan  5 2008 16:27:27) $ 	build@build-suse102:/home/build/p4/main/ThirdParty/openldap/openldap-2.3.40.6z/servers/slapd
Jan 22 13:31:48 mail1 slapd[20739]: main: TLS init def ctx failed: -1
Jan 22 13:31:48 mail1 slapd[20739]: slapd stopped.
Jan 22 13:31:48 mail1 slapd[20739]: connections_destroy: nothing to destroy.
Jan 22 13:31:53 mail1 slapd[20741]: @(#) $OpenLDAP: slapd 2.3.40 (Jan  5 2008 16:27:27) $ 	build@build-suse102:/home/build/p4/main/ThirdParty/openldap/openldap-2.3.40.6z/servers/slapd
Jan 22 13:31:53 mail1 slapd[20741]: main: TLS init def ctx failed: -1
Jan 22 13:31:53 mail1 slapd[20741]: slapd stopped.
Jan 22 13:31:53 mail1 slapd[20741]: connections_destroy: nothing to destroy.
Jan 22 13:31:58 mail1 slapd[20743]: @(#) $OpenLDAP: slapd 2.3.40 (Jan  5 2008 16:27:27) $ 	build@build-suse102:/home/build/p4/main/ThirdParty/openldap/openldap-2.3.40.6z/servers/slapd
Jan 22 13:31:58 mail1 slapd[20743]: main: TLS init def ctx failed: -1
Jan 22 13:31:58 mail1 slapd[20743]: slapd stopped.
Jan 22 13:31:58 mail1 slapd[20743]: connections_destroy: nothing to destroy.
Jan 22 13:32:03 mail1 slapd[20745]: @(#) $OpenLDAP: slapd 2.3.40 (Jan  5 2008 16:27:27) $ 	build@build-suse102:/home/build/p4/main/ThirdParty/openldap/openldap-2.3.40.6z/servers/slapd
Jan 22 13:32:04 mail1 slapd[20745]: main: TLS init def ctx failed: -1
Jan 22 13:32:04 mail1 slapd[20745]: slapd stopped.
Jan 22 13:32:04 mail1 slapd[20745]: connections_destroy: nothing to destroy.
Jan 22 13:32:09 mail1 slapd[20747]: @(#) $OpenLDAP: slapd 2.3.40 (Jan  5 2008 16:27:27) $ 	build@build-suse102:/home/build/p4/main/ThirdParty/openldap/openldap-2.3.40.6z/servers/slapd
Jan 22 13:32:09 mail1 slapd[20747]: main: TLS init def ctx failed: -1
Jan 22 13:32:09 mail1 slapd[20747]: slapd stopped.
Jan 22 13:32:09 mail1 slapd[20747]: connections_destroy: nothing to destroy.
Jan 22 13:32:14 mail1 slapd[20749]: @(#) $OpenLDAP: slapd 2.3.40 (Jan  5 2008 16:27:27) $ 	build@build-suse102:/home/build/p4/main/ThirdParty/openldap/openldap-2.3.40.6z/servers/slapd
Jan 22 13:32:14 mail1 slapd[20749]: main: TLS init def ctx failed: -1
Jan 22 13:32:14 mail1 slapd[20749]: slapd stopped.
Jan 22 13:32:14 mail1 slapd[20749]: connections_destroy: nothing to destroy.
Jan 22 13:32:19 mail1 slapd[20751]: @(#) $OpenLDAP: slapd 2.3.40 (Jan  5 2008 16:27:27) $ 	build@build-suse102:/home/build/p4/main/ThirdParty/openldap/openldap-2.3.40.6z/servers/slapd
Jan 22 13:32:19 mail1 slapd[20751]: main: TLS init def ctx failed: -1
Jan 22 13:32:19 mail1 slapd[20751]: slapd stopped.
Jan 22 13:32:19 mail1 slapd[20751]: connections_destroy: nothing to destroy.
Jan 22 13:32:24 mail1 slapd[20753]: @(#) $OpenLDAP: slapd 2.3.40 (Jan  5 2008 16:27:27) $ 	build@build-suse102:/home/build/p4/main/ThirdParty/openldap/openldap-2.3.40.6z/servers/slapd
Jan 22 13:32:24 mail1 slapd[20753]: main: TLS init def ctx failed: -1
Jan 22 13:32:24 mail1 slapd[20753]: slapd stopped.
Jan 22 13:32:24 mail1 slapd[20753]: connections_destroy: nothing to destroy.

Full Zimbra Install Log

Code:

Operations logged to /tmp/zmsetup.01222008-132937.log
Getting installed packages
checking isEnabled zimbra-core
zimbra-core not in enabled cache
enabled packages 
Newinstall enabling all installed packages
Enabling zimbra-core
Enabling zimbra-ldap
Enabling zimbra-store
Enabling zimbra-mta
Enabling zimbra-snmp
Enabling zimbra-logger
Enabling zimbra-apache
Enabling zimbra-spell
Setting defaults...
Setting local config zimbra_java_home to /opt/zimbra/java
*** Running as zimbra user: /opt/zimbra/bin/zmlocalconfig -f -e zimbra_java_home='/opt/zimbra/java' 2> /dev/null
checking isEnabled zimbra-cluster
zimbra-cluster not in enabled cache
enabled packages zimbra-logger zimbra-store zimbra-mta zimbra-core zimbra-apache zimbra-snmp zimbra-ldap zimbra-spell
Newinstall enabling all installed packages
Enabling zimbra-core
Enabling zimbra-ldap
Enabling zimbra-store
Enabling zimbra-mta
Enabling zimbra-snmp
Enabling zimbra-logger
Enabling zimbra-apache
Enabling zimbra-spell
checking isEnabled zimbra-store
zimbra-store is enabled
checking isEnabled zimbra-ldap
zimbra-ldap is enabled
checking isEnabled zimbra-store
zimbra-store is enabled
checking isEnabled zimbra-mta
zimbra-mta is enabled


DNS ERROR resolving MX for mail1.r8esc.k12.in.us
It is suggested that the domain name have an MX record configured in DNS


DNS ERROR resolving MX for mail1.r8esc.k12.in.us
It is suggested that the domain name have an MX record configured in DNS
done.
checking isEnabled zimbra-ldap
zimbra-ldap is enabled
checking isEnabled zimbra-store
zimbra-store is enabled
checking isEnabled zimbra-mta
zimbra-mta is enabled
checking isEnabled zimbra-mta
zimbra-mta is enabled
checking isEnabled zimbra-spell
zimbra-spell is enabled
Checking for port conflicts
checking isEnabled zimbra-ldap
zimbra-ldap is enabled
checking isEnabled zimbra-store
zimbra-store is enabled
checking isEnabled zimbra-logger
zimbra-logger is enabled
checking isEnabled zimbra-mta
zimbra-mta is enabled
checking isEnabled zimbra-ldap
zimbra-ldap is enabled
checking isEnabled zimbra-store
zimbra-store is enabled
Global config attribute retrieved from ldap: zimbraSpamIsSpamAccount=
Global config attribute retrieved from ldap: zimbraSpamIsNotSpamAccount=
Global config attribute retrieved from ldap: zimbraNotebookAccount=
checking isEnabled zimbra-mta
zimbra-mta is enabled
checking isEnabled zimbra-archiving
zimbra-archiving not in enabled cache
enabled packages zimbra-logger zimbra-store zimbra-mta zimbra-core zimbra-apache zimbra-cluster zimbra-snmp zimbra-ldap zimbra-spell
Newinstall enabling all installed packages
Enabling zimbra-core
Enabling zimbra-ldap
Enabling zimbra-store
Enabling zimbra-mta
Enabling zimbra-snmp
Enabling zimbra-logger
Enabling zimbra-apache
Enabling zimbra-spell
checking isComponentAvailable archiving
Component archiving is not available.
checking isEnabled zimbra-snmp
zimbra-snmp is enabled
checking isEnabled zimbra-store
zimbra-store is enabled
DEBUG: Checking for timezones in /opt/zimbra/conf/timezones.ics
checking isEnabled zimbra-ldap
zimbra-ldap is enabled
checking isEnabled zimbra-store
zimbra-store is enabled
checking isEnabled zimbra-mta
zimbra-mta is enabled
checking isEnabled zimbra-archiving
zimbra-archiving is not enabled
checking isComponentAvailable archiving
Component archiving is not available.
checking isEnabled zimbra-snmp
zimbra-snmp is enabled
checking isEnabled zimbra-store
zimbra-store is enabled
checking isEnabled zimbra-store
zimbra-store is enabled
checking isEnabled zimbra-ldap
zimbra-ldap is enabled
checking isEnabled zimbra-store
zimbra-store is enabled
checking isEnabled zimbra-mta
zimbra-mta is enabled
checking isEnabled zimbra-archiving
zimbra-archiving is not enabled
checking isComponentAvailable archiving
Component archiving is not available.
checking isEnabled zimbra-snmp
zimbra-snmp is enabled
checking isEnabled zimbra-store
zimbra-store is enabled
checking isEnabled zimbra-mta
zimbra-mta is enabled
checking isEnabled zimbra-archiving
zimbra-archiving is not enabled
checking isComponentAvailable archiving
Component archiving is not available.
checking isEnabled zimbra-ldap
zimbra-ldap is enabled
checking isEnabled zimbra-store
zimbra-store is enabled
checking isEnabled zimbra-mta
zimbra-mta is enabled
checking isEnabled zimbra-archiving
zimbra-archiving is not enabled
checking isComponentAvailable archiving
Component archiving is not available.
checking isEnabled zimbra-snmp
zimbra-snmp is enabled
checking isEnabled zimbra-store
zimbra-store is enabled
checking isEnabled zimbra-store
zimbra-store is enabled
checking isEnabled zimbra-store
zimbra-store is enabled
checking isEnabled zimbra-ldap
zimbra-ldap is enabled
checking isEnabled zimbra-store
zimbra-store is enabled
checking isEnabled zimbra-mta
zimbra-mta is enabled
checking isEnabled zimbra-archiving
zimbra-archiving is not enabled
checking isComponentAvailable archiving
Component archiving is not available.
checking isEnabled zimbra-snmp
zimbra-snmp is enabled
Saving config in /opt/zimbra/config.18977...
done.
Operations logged to /tmp/zmsetup.01222008-132937.log
Setting local config values...
Setting local config zimbra_server_hostname to mail1.r8esc.k12.in.us
*** Running as zimbra user: /opt/zimbra/bin/zmlocalconfig -f -e zimbra_server_hostname='mail1.r8esc.k12.in.us' 2> /dev/null
Setting local config ldap_master_url to ldap://mail1.r8esc.k12.in.us:389
*** Running as zimbra user: /opt/zimbra/bin/zmlocalconfig -f -e ldap_master_url='ldap://mail1.r8esc.k12.in.us:389' 2> /dev/null
Setting local config ldap_url to ldap://mail1.r8esc.k12.in.us:389
*** Running as zimbra user: /opt/zimbra/bin/zmlocalconfig -f -e ldap_url='ldap://mail1.r8esc.k12.in.us:389' 2> /dev/null
Setting local config ldap_starttls_supported to 1
*** Running as zimbra user: /opt/zimbra/bin/zmlocalconfig -f -e ldap_starttls_supported='1' 2> /dev/null
Setting local config ldap_port to 389
*** Running as zimbra user: /opt/zimbra/bin/zmlocalconfig -f -e ldap_port='389' 2> /dev/null
Setting local config ldap_host to mail1.r8esc.k12.in.us
*** Running as zimbra user: /opt/zimbra/bin/zmlocalconfig -f -e ldap_host='mail1.r8esc.k12.in.us' 2> /dev/null
Setting local config zimbra_uid to 1001
*** Running as zimbra user: /opt/zimbra/bin/zmlocalconfig -f -e zimbra_uid='1001' 2> /dev/null
Setting local config zimbra_gid to 1000
*** Running as zimbra user: /opt/zimbra/bin/zmlocalconfig -f -e zimbra_gid='1000' 2> /dev/null
Setting local config zimbra_user to zimbra
*** Running as zimbra user: /opt/zimbra/bin/zmlocalconfig -f -e zimbra_user='zimbra' 2> /dev/null
Setting local config av_notify_user to admin@mail1.r8esc.k12.in.us
*** Running as zimbra user: /opt/zimbra/bin/zmlocalconfig -f -e av_notify_user='admin@mail1.r8esc.k12.in.us' 2> /dev/null
Setting local config ssl_allow_untrusted_certs to TRUE
*** Running as zimbra user: /opt/zimbra/bin/zmlocalconfig -f -e ssl_allow_untrusted_certs='TRUE' 2> /dev/null
Setting local config mysql_memory_percent to 30
*** Running as zimbra user: /opt/zimbra/bin/zmlocalconfig -f -e mysql_memory_percent='30' 2> /dev/null
Setting local config mailboxd_java_heap_memory_percent to 40
*** Running as zimbra user: /opt/zimbra/bin/zmlocalconfig -f -e mailboxd_java_heap_memory_percent='40' 2> /dev/null
Setting local config mailboxd_directory to /opt/zimbra/mailboxd
*** Running as zimbra user: /opt/zimbra/bin/zmlocalconfig -f -e mailboxd_directory='/opt/zimbra/mailboxd' 2> /dev/null
Setting local config mailboxd_keystore to /opt/zimbra/mailboxd/etc/keystore
*** Running as zimbra user: /opt/zimbra/bin/zmlocalconfig -f -e mailboxd_keystore='/opt/zimbra/mailboxd/etc/keystore' 2> /dev/null
Setting local config mailboxd_server to jetty
*** Running as zimbra user: /opt/zimbra/bin/zmlocalconfig -f -e mailboxd_server='jetty' 2> /dev/null
Setting local config mailboxd_truststore to /opt/zimbra/java/jre/lib/security/cacerts
*** Running as zimbra user: /opt/zimbra/bin/zmlocalconfig -f -e mailboxd_truststore='/opt/zimbra/java/jre/lib/security/cacerts' 2> /dev/null
Setting local config mailboxd_truststore_password to changeit
*** Running as zimbra user: /opt/zimbra/bin/zmlocalconfig -f -e mailboxd_truststore_password='changeit' 2> /dev/null
Setting local config mailboxd_keystore_password to MhcL6uOII
*** Running as zimbra user: /opt/zimbra/bin/zmlocalconfig -f -e mailboxd_keystore_password='MhcL6uOII' 2> /dev/null
Setting local config zimbra_ldap_userdn to uid=zimbra,cn=admins,cn=zimbra
*** Running as zimbra user: /opt/zimbra/bin/zmlocalconfig -f -e zimbra_ldap_userdn='uid=zimbra,cn=admins,cn=zimbra' 2> /dev/null
done.
Setting up CA...
*** Running as root user: /opt/zimbra/bin/zmcertmgr createca -new
done.
Creating SSL certificate...
*** Running as root user: /opt/zimbra/bin/zmcertmgr deploycrt self -new
*** Running as root user: /opt/zimbra/bin/zmcertmgr deploycrt self -new
*** Running as root user: /opt/zimbra/bin/zmcertmgr deploycrt self -new
done.
checking isEnabled zimbra-ldap
zimbra-ldap is enabled
Initializing ldap...
*** Running as zimbra user: /opt/zimbra/libexec/zmldapinit
IO::Socket::INET: connect: Connection refused at /opt/zimbra/libexec/zmldapinit line 160.
failed. (28416)


ERROR



Configuration failed

Please address the error and re-run /opt/zimbra/libexec/zmsetup.pl to
complete the configuration.

Errors have been logged to /tmp/zmsetup.01222008-132937.log

Ifconfig setup

Code:

eth0      Link encap:Ethernet  HWaddr 00:0C:29:84:11:AF
          inet addr:165.138.176.10  Bcast:165.138.176.255  Mask:255.255.255.0
          inet6 addr: fe80::20c:29ff:fe84:11af/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:13857 errors:0 dropped:0 overruns:0 frame:0
          TX packets:13316 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:6575832 (6.2 Mb)  TX bytes:2863762 (2.7 Mb)
          Interrupt:17 Base address:0x1400

lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:52 errors:0 dropped:0 overruns:0 frame:0
          TX packets:52 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:3488 (3.4 Kb)  TX bytes:3488 (3.4 Kb)

If I forgot to post some vital piece of info, please let me know.
Thanks for any and all help anyone can provide!

[bigmudcake]

Hi,

I am glad the instructions worked well.

I have found that Zimbra is very dependant on a correctly setup DNS system, and rightly so.

Without blowing my own trumpet too much :-) I current have both my existing sendmail/IMAP system (running on Rethat 6.2 would you believe) and a Zimbra mail server serving successfully together on the same domain. This allows me to migrate from old to new system at my own time and speed. The trick is, to have a DNS correctly setup, all your IP addresses and subnets correctly routable and in tune with what the DNS server expects.

My old sendmail server has its own DNS server which it always refers to.

My new server also has its own DNS server which it also refers to.

Do not mix the two up, otherwise strange things happen.

Anyway, on the forums here I do see alot of questions regarding DNS setup and wondering why more info is not given. Well, each OS has their own ways of setting up a DNS server, and its not the role of Zimbra to ensure a correct DNS server is setup.

Now for setting up a DNS server on openSUSE, using YAST is your friend, it greatly automates the process. Have a look through the openSUSE website and the general linux HOWTO's on how to setup a DNS server correctly.

But when your getting a "connection refused", it usually means that the server is setup on an IP address that is different than what the DNS is trying to direct traffic to, or the server is not running at all.

Anyway, I am sorry I dont have more time to explain now, I will eventually document and publish my multiple migration system setup here soon.

Cheers
bigmudcake

[r8escjohn]

I just now finished up with loading a clean install of OpenSUSE 10.2 and low and behold install of Zimbra ZCS 5.0 went without a single hitch.....
I'm a happy camper now!

[mmorse]

Quote:

Originally Posted by r8escjohn

I just now finished up with loading a clean install of OpenSUSE 10.2 and low and behold install of Zimbra ZCS 5.0 went without a single hitch.....
I'm a happy camper now!

Welcome to forums & the Zimbra experience!

[dwmtractor]

Quote:

Originally Posted by bigmudcake

I have found that Zimbra is very dependant on a correctly setup DNS system, and rightly so.:
(snip)

Anyway, on the forums here I do see alot of questions regarding DNS setup and wondering why more info is not given. Well, each OS has their own ways of setting up a DNS server, and its not the role of Zimbra to ensure a correct DNS server is setup.

You are absolutely right that DNS is indispensable to a properly working Zimbra server. I'm a little puzzled by your comment that more info isn't available. Here are several articles that may help:

DNS - Zimbra :: Wiki
Split DNS - Zimbra :: Wiki
http://www.zimbra.com/blog/archives/...ogether_1.html
Ubuntu 6.06 Server (Dapper Drake) Beginner's Install Guide - Zimbra :: Wiki

While this last one is about Ubuntu installation it's one of the few places bind9 is discussed instead of regular bind.

In addition, there is a ton of stuff in forum threads that may also help you out. Just use the search term "DNS" in the Zimbra Forums search window and you will get lots of hits, some of which may be relevant to you.

Welcome to the Zimbra world!

Dan