Results 1 to 5 of 5

Thread: setting up mailbox server with AD + proxy

  1. #1
    danber is offline Junior Member
    Join Date
    Jan 2012
    Location
    Italy
    Posts
    7
    Rep Power
    3

    Default setting up mailbox server with AD + proxy

    Hi all, I am trying to setup a new zimbra environment (open source for the moment) with two server installation (both on ubuntu 10.04).
    The first server is in internal network and is a mailbox for an internal domain. I did install on it all components except proxy with internal auth. After this, using admin console, I did change the auth to Active Directory. So far, so good: accounts are receiving messages and I can use webmail or imap with thunderbird.
    On the next step I did install a second server on the public network with proxy and I am trying to use this server to proxy imap to the internal server, so now I can see both servers in the admin gui of the internal server and I can also work with emails using the external http (I believe this means that the protocol between the two servers is ok and also authentication).
    My problem arise when I configure my account on thunderbird to use the external server instead of the internal: I always got authentication error.
    In nginx.log I got:
    2012/01/03 17:32:13 [info] 26068#0: *7 upstream sent invalid response: "2 NO mechanism not supported: PLAIN" while reading response from upstream, client: 172.18.21.102, server: 0.0.0.0:993, login: "daniele", upstream: 172.18.10.145:143 (172.18.21.102:43961-159.213.51.154:993) <=> (159.213.51.154:44256-172.18.10.145:143)
    Following this I issued the command: zmprov ms $(zmhostname) zimbraReverseProxyImapSaslPlainEnabled TRUE
    on both servers but nothing changed.
    Any clue?
    Thank you
    Daniele Bernazzi

  2. #2
    inqueue is offline Zimbra Employee
    Join Date
    Mar 2006
    Location
    Greenwood, IN
    Posts
    90
    Rep Power
    9

    Default

    Make sure you run libexec/zmproxyconfig on the backend mailstores. If this has been done, be sure to set zimbraImapCleartextLoginEnabled on the mailstores to TRUE.

    zmprov gs `zmhostname` zimbraImapCleartextLoginEnabled
    zmprov ms `zmhostname` zimbraImapCleartextLoginEnabled TRUE

  3. #3
    danber is offline Junior Member
    Join Date
    Jan 2012
    Location
    Italy
    Posts
    7
    Rep Power
    3

    Default

    Great: it works!
    The problem was about the locking coming from the flag "This server is a reverse proxy lookup target": setting it disable the possibility to change zimbraImapCleartextLoginEnabled but it leave it unchanged (it does not force it to a specific value!), so the solution was to uncheck the flag, change the other option and recheck the flag.
    BTW I have another marginal question (if you know the answer) where are the ip ports 7143 and 7993 used? they are not opened in listening on both servers and so I am puzzled about them. I believed 143 and 993 are open for the client and 7143 and 7993 are the corresponding port that should be open on the mailbox server for the use by the proxy server, but I guess this is not true. So, how it works?
    Thank you a lot.
    Daniele

  4. #4
    inqueue is offline Zimbra Employee
    Join Date
    Mar 2006
    Location
    Greenwood, IN
    Posts
    90
    Rep Power
    9

    Default

    Ports 7143 and 7993 are the designated listener ports for the mailstore when proxy and mailboxd are running on the same host to avoid port conflicts. In a multi-node setup, you will see those ports configured in the server object in LDAP regardless of which services are running on the actual host.

    zimbraImapBindPort: 7143
    zimbraImapSSLBindPort: 7993

    and

    zimbraPop3SSLBindPort: 7995
    zimbraPop3BindPort: 7110

    The values above are used only by mailboxd. These values are ignored by the proxy service even though they will be configured.

  5. #5
    danber is offline Junior Member
    Join Date
    Jan 2012
    Location
    Italy
    Posts
    7
    Rep Power
    3

    Default [SOLVED] setting up mailbox server with AD + proxy

    thank you
    Daniele

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. Zimbra cannot access via Web Interface
    By troya in forum Administrators
    Replies: 8
    Last Post: 03-21-2012, 11:54 PM
  2. Replies: 6
    Last Post: 10-20-2011, 06:12 AM
  3. [SOLVED] Multi Server - DNS - Imapproxy
    By innercy in forum Installation
    Replies: 1
    Last Post: 12-29-2007, 10:21 PM
  4. segfault installing mailbox server
    By maumar in forum Administrators
    Replies: 2
    Last Post: 08-22-2007, 05:42 AM
  5. Error 256 on Installation
    By RuinExplorer in forum Installation
    Replies: 5
    Last Post: 10-19-2006, 09:19 AM

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •