Results 1 to 4 of 4

Thread: [SOLVED] zmsetup issue ldap 28160

  1. #1
    jbond1967 is offline Junior Member
    Join Date
    Nov 2009
    Posts
    6
    Rep Power
    5

    Default [SOLVED] zmsetup issue ldap 28160

    I'm having an issue with the zmsetup.pl script. I did a search on my error and found ldap initialization failed, which says I need to check my mx record and my /etc/hosts file (done).

    I'm still getting errors.

    The error in the script:

    DNS ERROR resolving MX for mail.myserver.com
    It is suggested that the domain name have an MX record configured in DNS

    If I force the script to go on, I get the following error in the log

    IO::Socket::INET: connect: timeout at /opt/zimbra/libexec/zmldapinit line 136.
    Tue Nov 3 12:10:51 2009 failed. (28160)

    now, my mx record is correct: dig mail.myserver.com returns (sanitized for my privacy, of course):

    [INDENT]; QUESTION SECTION:
    ;mail.myserver.com. IN A

    ;; ANSWER SECTION:
    mail.myserver.com. XXXX IN A XX.XX.XX.XX

    ;; AUTHORITY SECTION:
    myserver.com. XXXXX IN NS xx.worldnic.com.
    myserver.com. XXXXX IN NS xx.worldnic.com.


    and my etc/hosts file contains the two following lines
    127.0.0.1 localhost.localdomain
    XX.XX.XX.XX mail.myserver.com mail

    I'm at a loss. Suggestions,

    Thanks

  2. #2
    phoenix is online now Zimbra Consultant & Moderator
    Join Date
    Sep 2005
    Location
    Vannes, France
    Posts
    23,566
    Rep Power
    57

    Default

    You have not shown any evidence that your MX record is correct or even exists. Post the output of the following commands (run on the zimbra server):

    Code:
    cat /etc/hosts
    cat /etc/resolv.conf
    dig yourdomain.com any
    dig yourdomain.com mx
    host `hostname`  <-- use that exact command with backticks not single quotes
    Please note that the domain name in the dig commands should be yourdomain.com and not mail.yourdomain.com (that's the FQDN of your server) and that's probably why the install is failing.
    Regards


    Bill


    Acompli: A new adventure for Co-Founder KevinH.

  3. #3
    jbond1967 is offline Junior Member
    Join Date
    Nov 2009
    Posts
    6
    Rep Power
    5

    Default

    It looks like you're right, I ran the dig and got the wrong ip address for the A record. It is probably the source of the problem. I changed the base address to match the server address. I will wait for the address to propagate and try again.

    If that doesn't work, I will post the results to all the commands you requested. Else I will document the mistakes I made and what was done to solve them and mark the post solved.

    Thanks,
    Joe

  4. #4
    jbond1967 is offline Junior Member
    Join Date
    Nov 2009
    Posts
    6
    Rep Power
    5

    Default

    I decided to try a different approach (well, I was told to test the install behind the firewall). The firewall is 10.1.10.1 (LAN side) and DNS also runs on it. The mail is 10.1.10.4, and cvt.local is the internal domain. I placed an MX record on the DNS server. Now, the LDAP error is gone, but much of the installation following fails.

    The installation log is *huge* and won't fit in this post, but I'm seeing hundreds of errors relating to LDAP.

    Examples:
    Code:
    Wed Nov  4 12:37:56 2009 This is the ldap master and ldap hasn't been configured yet.
    
    Wed Nov  4 12:38:45 2009 ERROR: service.FAILURE (system failure: unable to lookup server by name: mail.checkmypharm.com message: [LDAP: error code 49 - Invalid Credentials]) (cause: javax.naming.AuthenticationException [LDAP: error code 49 - Invalid Credentials])
    
    etc.
    so, here are the results of the command outputs you requested (run from the mail server)

    Code:
    [root@mail /]# cat /etc/hosts
    127.0.0.1       localhost localhost.localdomain
    10.1.10.4       mail.checkmypharm.com mail
    Code:
    cat /etc/resolv.conf
    domain          cvt.local
    search          cvt.local
    nameserver      10.1.10.1
    and since you will probably ask, the firewall resolv.conf

    Code:
    firewall.cvt.local{root}[78]: cat /etc/resolv.conf
    domain cvt.local
    search cvt.local
    nameserver 10.1.10.1
    nameserver 66.7.224.17
    nameserver 66.7.224.18
    nameserver 4.2.2.1
    Code:
    [root@mail /]# dig checkmypharm.com any
    
    ; <<>> DiG 9.6.1-P1-RedHat-9.6.1-6.P1.fc11 <<>> checkmypharm.com any
    ;; global options: +cmd
    ;; Got answer:
    ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 44644
    ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 4, AUTHORITY: 0, ADDITIONAL: 2
    
    ;; QUESTION SECTION:
    ;checkmypharm.com.              IN      ANY
    
    ;; ANSWER SECTION:
    checkmypharm.com.       86400   IN      SOA     firewall.cvt.local. root.checkmypharm.com. 2009110402 10800 900 604800 86400
    checkmypharm.com.       86400   IN      NS      firewall.cvt.local.
    checkmypharm.com.       86400   IN      MX      0 mail.checkmypharm.com.
    checkmypharm.com.       86400   IN      A       10.1.10.4
    
    ;; ADDITIONAL SECTION:
    firewall.cvt.local.     86400   IN      A       10.1.10.1
    mail.checkmypharm.com.  86400   IN      A       10.1.10.4
    
    ;; Query time: 1 msec
    ;; SERVER: 10.1.10.1#53(10.1.10.1)
    ;; WHEN: Wed Nov  4 13:07:15 2009
    ;; MSG SIZE  rcvd: 176
    Code:
    [root@mail /]# dig checkmypharm.com mx
    
    ; <<>> DiG 9.6.1-P1-RedHat-9.6.1-6.P1.fc11 <<>> checkmypharm.com mx
    ;; global options: +cmd
    ;; Got answer:
    ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 61431
    ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 2
    
    ;; QUESTION SECTION:
    ;checkmypharm.com.              IN      MX
    
    ;; ANSWER SECTION:
    checkmypharm.com.       86400   IN      MX      0 mail.checkmypharm.com.
    
    ;; AUTHORITY SECTION:
    checkmypharm.com.       86400   IN      NS      firewall.cvt.local.
    
    ;; ADDITIONAL SECTION:
    mail.checkmypharm.com.  86400   IN      A       10.1.10.4
    firewall.cvt.local.     86400   IN      A       10.1.10.1
    
    ;; Query time: 1 msec
    ;; SERVER: 10.1.10.1#53(10.1.10.1)
    ;; WHEN: Wed Nov  4 13:08:07 2009
    ;; MSG SIZE  rcvd: 119
    So far I *think* there is not a problem... however, the next result looks problematic to me:

    Code:
    [root@mail /]# host `hostname`
    mail.cvt.local has address 10.1.10.4
    I've spent several days on this, and am starting to think this project is beyond me. Unless the solution is clearly solvable by me based on the feedback I get here, I plan on advocating the hiring of a Zimbra consultant, letting me get back to my other duties.

    Thanks for your help,

    Joe

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. Replies: 23
    Last Post: 01-24-2013, 03:44 PM
  2. LDAP Filter issue and GAL
    By G-Money in forum Administrators
    Replies: 2
    Last Post: 06-24-2010, 12:13 PM
  3. Replies: 8
    Last Post: 08-07-2008, 05:18 AM
  4. 3 testing: LDAP: 389 Failed when restore zimbra
    By victorLeong in forum Administrators
    Replies: 15
    Last Post: 05-24-2007, 06:45 AM
  5. External LDAP Authentication Issue
    By xtreme-one in forum Installation
    Replies: 10
    Last Post: 02-16-2007, 07:52 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •