Zimbra

caio80 · #1 (**permalink**) 02-19-2010, 08:35 AM

Hi folks, quite a bit since my last post...

Anyways, these days I'm moving our ZCS X86_64 5.0.14 to vSphere, by means of rsync. New VM's gonna ship RHEL 5.4 latest patches, while production server is stuck to 5.2
Anyways I've tried today during lunch break to stop zimbra, rsync-ing it all and rebootstrapping in its new virtual machine. Looks fine, so I'll definitely move it on tuesday.
Being in the mood I also tried to upgrade to 6.0.5. Seems fine as well, but by checking the logs I can see something went wrong...

This shows up many times in the installation log file:

Code:

Fri Feb 19 16:16:34 2010 Getting available components
Fri Feb 19 16:16:38 2010 checking isEnabled zimbra-ldap
Fri Feb 19 16:16:38 2010 zimbra-ldap is enabled
Fri Feb 19 16:16:38 2010 checking isEnabled zimbra-store
Fri Feb 19 16:16:38 2010 zimbra-store is enabled
Fri Feb 19 16:16:38 2010 Checking ldap on zimbra.mydomain.it:389
Fri Feb 19 16:16:38 2010 Verified ldap running at ldap://zimbra.mydomain.it:389
Fri Feb 19 16:16:38 2010 Setting local config ldap_url to ldap://zimbra.mydomain.it:389
Fri Feb 19 16:16:38 2010 *** Running as zimbra user: /opt/zimbra/bin/zmlocalconfig -f -e ldap_url='ldap://zimbra.mydomain.it:389' 2> /dev/null
Fri Feb 19 16:16:38 2010 Setting local config ldap_starttls_supported to 1
Fri Feb 19 16:16:38 2010 *** Running as zimbra user: /opt/zimbra/bin/zmlocalconfig -f -e ldap_starttls_supported='1' 2> /dev/null
Fri Feb 19 16:16:39 2010 Setting local config zimbra_require_interprocess_security to 1
Fri Feb 19 16:16:39 2010 *** Running as zimbra user: /opt/zimbra/bin/zmlocalconfig -f -e zimbra_require_interprocess_security='1' 2> /dev/null
Fri Feb 19 16:16:39 2010 Verified uid=zimbra,cn=admins,cn=zimbra on zimbra.mydomain.it.
Fri Feb 19 16:16:39 2010 Setting local config zimbra_ldap_password to 
Fri Feb 19 16:16:39 2010 *** Running as zimbra user: /opt/zimbra/bin/zmlocalconfig -f -e zimbra_ldap_password='' 2> /dev/null
Fri Feb 19 16:16:39 2010 nginx configuration not complete
Fri Feb 19 16:16:39 2010 Checking ldap on zimbra.mydomain.it:389
Fri Feb 19 16:16:39 2010 Unable to bind to ldap://zimbra.mydomain.it:389 with user uid=zmnginx,cn=appaccts,cn=zimbra:
Fri Feb 19 16:16:39 2010 Couldn't bind to zimbra.mydomain.it as uid=zmnginx,cn=appaccts,cn=zimbra
Fri Feb 19 16:16:40 2010 Checking ldap on zimbra.mydomain.it:389
Fri Feb 19 16:16:40 2010 Verified ldap running at ldap://zimbra.mydomain.it:389
Fri Feb 19 16:16:40 2010 Skipping update of unchanged value for ldap_url=ldap://zimbra.mydomain.it:389.
Fri Feb 19 16:16:40 2010 Skipping update of unchanged value for ldap_starttls_supported=1.
Fri Feb 19 16:16:40 2010 Skipping update of unchanged value for zimbra_require_interprocess_security=1.
Fri Feb 19 16:16:40 2010 Verified uid=zmpostfix,cn=appaccts,cn=zimbra on zimbra.mydomain.it.
Fri Feb 19 16:16:40 2010 Checking ldap on zimbra.mydomain.it:389
Fri Feb 19 16:16:40 2010 Verified ldap running at ldap://zimbra.mydomain.it:389
Fri Feb 19 16:16:40 2010 Skipping update of unchanged value for ldap_url=ldap://zimbra.mydomain.it:389.
Fri Feb 19 16:16:40 2010 Skipping update of unchanged value for ldap_starttls_supported=1.
Fri Feb 19 16:16:40 2010 Skipping update of unchanged value for zimbra_require_interprocess_security=1.
Fri Feb 19 16:16:40 2010 Verified uid=zmamavis,cn=appaccts,cn=zimbra on zimbra.mydomain.it.
Fri Feb 19 16:16:40 2010 Returning cached global config attribute: zimbraSpamIsSpamAccount=spam.xvocfm7_ka@zimbra.mydomain.it
Fri Feb 19 16:16:40 2010 Checking ldap on zimbra.mydomain.it:389
Fri Feb 19 16:16:40 2010 Verified ldap running at ldap://zimbra.mydomain.it:389
Fri Feb 19 16:16:40 2010 Skipping update of unchanged value for ldap_url=ldap://zimbra.mydomain.it:389.
Fri Feb 19 16:16:40 2010 Skipping update of unchanged value for ldap_starttls_supported=1.
Fri Feb 19 16:16:40 2010 Skipping update of unchanged value for zimbra_require_interprocess_security=1.
Fri Feb 19 16:16:40 2010 Verified uid=zimbra,cn=admins,cn=zimbra on zimbra.mydomain.it.
Fri Feb 19 16:16:40 2010 Skipping update of unchanged value for zimbra_ldap_password=.
Fri Feb 19 16:16:40 2010 nginx configuration not complete
Fri Feb 19 16:16:40 2010 Checking ldap on zimbra.mydomain.it:389
Fri Feb 19 16:16:40 2010 Unable to bind to ldap://zimbra.mydomain.it:389 with user uid=zmnginx,cn=appaccts,cn=zimbra:
Fri Feb 19 16:16:40 2010 Couldn't bind to zimbra.mydomain.it as uid=zmnginx,cn=appaccts,cn=zimbra
Fri Feb 19 16:16:40 2010 Checking ldap on zimbra.mydomain.it:389
Fri Feb 19 16:16:40 2010 Verified ldap running at ldap://zimbra.mydomain.it:389
Fri Feb 19 16:16:40 2010 Skipping update of unchanged value for ldap_url=ldap://zimbra.mydomain.it:389.
Fri Feb 19 16:16:40 2010 Skipping update of unchanged value for ldap_starttls_supported=1.
Fri Feb 19 16:16:40 2010 Skipping update of unchanged value for zimbra_require_interprocess_security=1.
Fri Feb 19 16:16:40 2010 Verified uid=zmpostfix,cn=appaccts,cn=zimbra on zimbra.mydomain.it.
Fri Feb 19 16:16:40 2010 Checking ldap on zimbra.mydomain.it:389
Fri Feb 19 16:16:40 2010 Verified ldap running at ldap://zimbra.mydomain.it:389
Fri Feb 19 16:16:40 2010 Skipping update of unchanged value for ldap_url=ldap://zimbra.mydomain.it:389.
Fri Feb 19 16:16:40 2010 Skipping update of unchanged value for ldap_starttls_supported=1.
Fri Feb 19 16:16:40 2010 Skipping update of unchanged value for zimbra_require_interprocess_security=1.
Fri Feb 19 16:16:40 2010 Verified uid=zmamavis,cn=appaccts,cn=zimbra on zimbra.mydomain.it.
Fri Feb 19 16:16:40 2010 Returning cached global config attribute: zimbraSpamIsNotSpamAccount=ham.fyengxx_p@zimbra.mydomain.it
Fri Feb 19 16:16:40 2010 Checking ldap on zimbra.mydomain.it:389
Fri Feb 19 16:16:40 2010 Verified ldap running at ldap://zimbra.mydomain.it:389
Fri Feb 19 16:16:40 2010 Skipping update of unchanged value for ldap_url=ldap://zimbra.mydomain.it:389.
Fri Feb 19 16:16:40 2010 Skipping update of unchanged value for ldap_starttls_supported=1.
Fri Feb 19 16:16:40 2010 Skipping update of unchanged value for zimbra_require_interprocess_security=1.
Fri Feb 19 16:16:40 2010 Verified uid=zimbra,cn=admins,cn=zimbra on zimbra.mydomain.it.
Fri Feb 19 16:16:40 2010 Skipping update of unchanged value for zimbra_ldap_password=.
Fri Feb 19 16:16:40 2010 nginx configuration not complete
Fri Feb 19 16:16:40 2010 Checking ldap on zimbra.mydomain.it:389
Fri Feb 19 16:16:40 2010 Unable to bind to ldap://zimbra.mydomain.it:389 with user uid=zmnginx,cn=appaccts,cn=zimbra:
Fri Feb 19 16:16:40 2010 Couldn't bind to zimbra.mydomain.it as uid=zmnginx,cn=appaccts,cn=zimbra
Fri Feb 19 16:16:40 2010 Checking ldap on zimbra.mydomain.it:389
Fri Feb 19 16:16:40 2010 Verified ldap running at ldap://zimbra.mydomain.it:389
Fri Feb 19 16:16:40 2010 Skipping update of unchanged value for ldap_url=ldap://zimbra.mydomain.it:389.
Fri Feb 19 16:16:40 2010 Skipping update of unchanged value for ldap_starttls_supported=1.
Fri Feb 19 16:16:40 2010 Skipping update of unchanged value for zimbra_require_interprocess_security=1.
Fri Feb 19 16:16:40 2010 Verified uid=zmpostfix,cn=appaccts,cn=zimbra on zimbra.mydomain.it.
Fri Feb 19 16:16:40 2010 Checking ldap on zimbra.mydomain.it:389
Fri Feb 19 16:16:40 2010 Verified ldap running at ldap://zimbra.mydomain.it:389
Fri Feb 19 16:16:40 2010 Skipping update of unchanged value for ldap_url=ldap://zimbra.mydomain.it:389.
Fri Feb 19 16:16:40 2010 Skipping update of unchanged value for ldap_starttls_supported=1.
Fri Feb 19 16:16:40 2010 Skipping update of unchanged value for zimbra_require_interprocess_security=1.
Fri Feb 19 16:16:40 2010 Verified uid=zmamavis,cn=appaccts,cn=zimbra on zimbra.mydomain.it.
Fri Feb 19 16:16:40 2010 Returning cached global config attribute: zimbraNotebookAccount=wiki@zimbra.mydomain.it

while this 4-5 times:

Code:

Fri Feb 19 16:27:37 2010 checking isEnabled zimbra-ldap
Fri Feb 19 16:27:37 2010 zimbra-ldap is enabled
Fri Feb 19 16:27:37 2010 Setting replication password...
Fri Feb 19 16:27:37 2010 *** Running as zimbra user: /opt/zimbra/bin/zmldappasswd
TLS: SSL connect attempt failed with unknown errorerror:0407006A:rsa routines:RSA_padding_check_PKCS1_type_1:block type is not 01

What do you guys think about it?

Just to make sure I don't take a leap of faith, we're talking about the mail server here...

please keep in mind that I had to add this to rc.local:

Code:

iptables -t nat -A PREROUTING --source 192.100.100.0/24 -p tcp --dport 389 -j REDIRECT --to 8389

the reason behind this is to let another instance of openldap (rhel official bundle) to coexist on port 8389 with zimbra ldap (which resides on std port 389). I just want my users to query the rhel one, and not the zimbra one. You don't wanna know why, trust me... :-( Anyways, never had a problem in almost 2 years, so...

Thanks in advance!

caio80 · #2 (**permalink**) 04-26-2010, 06:30 AM

FYI:

Just tried an OSS version upgrade (5.0.11->6.0.6), same errors...

caio80 · #3 (**permalink**) 04-26-2010, 07:22 AM

Solved the last problem by recreating certs:

http://wiki.zimbra.com/wiki/SSL_Certificate_Problems

Still wondering about the first one though....

Zimbra

Downloads

Product Information

Toolbox

Why Join?