Results 1 to 7 of 7

Thread: Problem installing ZCS 8.0.2 - ldap connection

  1. #1
    gerardsd is offline Junior Member
    Join Date
    Jan 2013
    Posts
    6
    Rep Power
    2

    Default Problem installing ZCS 8.0.2 - ldap connection

    Hi everyone,

    I am trying to install ZCS 8.0.2 on a SLES 11 VM. This is my very first experience with zimbra.
    We have an existing openLDAP domain, so I want to connect Zimbra with our external domain.

    I am stucked in the first step of the configuration wizard - the ldap admin password cannot get verified.

    Code:
       1) Hostname:                                zimbra.DOMAIN-ac.de
       2) Ldap master host:                        DOMAIN2a.DOMAIN-ac.de
       3) Ldap port:                               389
    ** 4) Ldap Admin password:                     Not Verified
       5) LDAP Base DN:                            cn=manager,dc=DOMAIN-ac,dc=de
       6) Secure interprocess communications:      yes
       7) TimeZone:                                Europe/Berlin
       8) IP Mode:                                 ipv4
    
    (domain name changed)
    Message in /tmp/zmsetup.log:

    Code:
    Mon Jan 28 07:43:10 2013 Checking ldap on DOMAIN2a.DOMAIN-ac.de:389
    Mon Jan 28 07:43:10 2013 Unable to bind to ldap://DOMAIN2a.DOMAIN-ac.de:389 with user uid=zimbra,cn=admins,cn=zimbra:
    Mon Jan 28 07:43:10 2013 Couldn't bind to DOMAIN2a.DOMAIN-ac.de as uid=zimbra,cn=admins,cn=zimbra
    Mon Jan 28 07:43:10 2013 mta configuration not complete
    Mon Jan 28 07:43:10 2013 Checking ldap on DOMAIN2a.DOMAIN-ac.de:389
    Mon Jan 28 07:43:10 2013 Unable to bind to ldap://DOMAIN2a.DOMAIN-ac.de:389 with user uid=zmpostfix,cn=appaccts,cn=manager,dc=DOMAIN-ac,dc=de:
    Mon Jan 28 07:43:10 2013 Couldn't bind to DOMAIN2a.DOMAIN-ac.de as uid=zmpostfix,cn=appaccts,cn=manager,dc=DOMAIN-ac,dc=de
    Mon Jan 28 07:43:10 2013 Checking ldap on DOMAIN2a.DOMAIN-ac.de:389
    Mon Jan 28 07:43:10 2013 Unable to bind to ldap://DOMAIN2a.DOMAIN-ac.de:389 with user uid=zmamavis,cn=appaccts,cn=manager,dc=DOMAIN-ac,dc=de:
    Mon Jan 28 07:43:10 2013 Couldn't bind to DOMAIN2a.DOMAIN-ac.de as uid=zmamavis,cn=appaccts,cn=manager,dc=DOMAIN-ac,dc=de
    I can't find anything in the documentation in regards to creating LDAP accounts on the existing domain.
    Zimbra automatically adds to my search base "cn=manager,dc=DOMAIN-ac,dc=de" the zimbra user?!

    Why? Can I change that?
    If not, isn't that mentioned in the installation guide that these users are needed?

    Thanks a lot for your help!
    Rg

  2. #2
    phoenix is offline Zimbra Consultant & Moderator
    Join Date
    Sep 2005
    Location
    Vannes, France
    Posts
    23,470
    Rep Power
    56

    Default

    Quote Originally Posted by gerardsd View Post
    I can't find anything in the documentation in regards to creating LDAP accounts on the existing domain.
    Zimbra automatically adds to my search base "cn=manager,dc=DOMAIN-ac,dc=de" the zimbra user?!
    Are you implying that you haven't installed the Zimbra LDAP server? If that's the case you need it, ZCS uses LDAP for more that just the user account details.
    Regards


    Bill


    Acompli: A new adventure for Co-Founder KevinH.

  3. #3
    gerardsd is offline Junior Member
    Join Date
    Jan 2013
    Posts
    6
    Rep Power
    2

    Default

    I do not have the Zimbra LDAP installed, thats right, because I want to use my existing LDAP.
    So I have to create the users zimbra, zmpostfix and zmamavis in my LDAP prior installation?

    Actually I want to use a different account for the LDAP connection...

  4. #4
    phoenix is offline Zimbra Consultant & Moderator
    Join Date
    Sep 2005
    Location
    Vannes, France
    Posts
    23,470
    Rep Power
    56

    Default

    Quote Originally Posted by gerardsd View Post
    I do not have the Zimbra LDAP installed, thats right, because I want to use my existing LDAP.
    As I've already said (and it's covered many times in these forums), you need to install Zimbra LDAP.

    Quote Originally Posted by gerardsd View Post
    So I have to create the users zimbra, zmpostfix and zmamavis in my LDAP prior installation?
    No, that has nothing to do with installing Zimbra.

    Quote Originally Posted by gerardsd View Post
    Actually I want to use a different account for the LDAP connection...
    I don't understand what you mean by that statement.
    Regards


    Bill


    Acompli: A new adventure for Co-Founder KevinH.

  5. #5
    quanah is offline Zimbra Employee
    Join Date
    May 2007
    Location
    Zimbra
    Posts
    1,262
    Rep Power
    10

    Default

    It is required to install Zimbra's LDAP server. You can later configure your ZCS instance to use your existing OpenLDAP instance for external authentication, but Zimbra still needs its own OpenLDAP installation for the data it tracks internally.
    Quanah Gibson-Mount
    Server Architect
    Zimbra, Inc
    --------------------
    Zimbra :: the leader in open source messaging and collaboration

  6. #6
    gerardsd is offline Junior Member
    Join Date
    Jan 2013
    Posts
    6
    Rep Power
    2

    Default

    Sorry for the delay and many thanks for your answers.
    I've tried to install it with Zimbra-LDAP, but now I am facing the next problem:

    Code:
    Error while installation:
    Tue Feb  5 10:51:04 2013 *** Running as zimbra user: /opt/zimbra/bin/ldap start
    /opt/zimbra/bin/ldap: line 50: kill: (15443) - No such process
    /opt/zimbra/bin/ldap: line 50: kill: (17124) - No such process
    /opt/zimbra/bin/ldap: line 50: kill: (17219) - No such process
    /opt/zimbra/bin/ldap: line 50: kill: (17272) - No such process
    /opt/zimbra/bin/ldap: line 50: kill: (17278) - No such process
    /opt/zimbra/bin/ldap: line 50: kill: (17319) - No such process
    /opt/zimbra/bin/ldap: line 50: kill: (17390) - No such process
    Failed to start slapd.  Attempting debug start to determine error.
    
    Tue Feb  5 10:51:42 2013 failed with exit code: 256.
    Tue Feb  5 10:52:58 2013 Setting defaults from ldap...
    Here's some imformation:

    Code:
     
    cat /etc/hosts
    VMGROUPWARE-TEST:/var/tmp/zcs_8.0.2 # cat /etc/hosts
    # IP-Address  Full-Qualified-Hostname  Short-Hostname
    #
    127.0.0.1       localhost
    172.29.17.93    VMGROUPWARE-TEST.test.DOAMIN.COM VMGROUPWARE-TEST
    Code:
    cat /etc/resolv.conf
    VMGROUPWARE-TEST:/var/tmp/zcs_8.0.2 # cat /etc/resolv.conf
    search test.DOAMIN.COM
    #nameserver 172.29.1.15
    nameserver 172.29.1.14
    Code:
    dig yourdomain mx
    VMGROUPWARE-TEST:/var/tmp/zcs_8.0.2 # dig test.DOAMIN.COM MX
    
    ; <<>> DiG 9.6-ESV-R7-P1 <<>> test.DOAMIN.COM MX
    ;; global options: +cmd
    ;; Got answer:
    ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 29337
    ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 1
    
    ;; QUESTION SECTION:
    ;test.DOAMIN.COM.                        IN      MX
    
    ;; ANSWER SECTION:
    test.DOAMIN.COM.         86400   IN      MX      99 vmgroupware-test.test.DOAMIN.COM.
    
    ;; AUTHORITY SECTION:
    DOAMIN.COM.              86400   IN      NS      NS1.DOAMIN.COM.
    DOAMIN.COM.              86400   IN      NS      NS2.DOAMIN.COM.
    
    ;; ADDITIONAL SECTION:
    vmgroupware-test.test.DOAMIN.COM. 86400 IN A     172.29.17.93
    
    ;; Query time: 0 msec
    ;; SERVER: 172.29.1.14#53(172.29.1.14)
    ;; WHEN: Tue Feb  5 11:08:17 2013
    ;; MSG SIZE  rcvd: 117
    Code:
    dig yourdomain any
    VMGROUPWARE-TEST:/var/tmp/zcs_8.0.2 # dig test.DOAMIN.COM any
    
    ; <<>> DiG 9.6-ESV-R7-P1 <<>> test.DOAMIN.COM any
    ;; global options: +cmd
    ;; Got answer:
    ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 60683
    ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 1
    
    ;; QUESTION SECTION:
    ;test.DOAMIN.COM.                        IN      ANY
    
    ;; ANSWER SECTION:
    test.DOAMIN.COM.         86400   IN      MX      99 vmgroupware-test.test.DOAMIN.COM.
    
    ;; AUTHORITY SECTION:
    DOAMIN.COM.              86400   IN      NS      NS2.DOAMIN.COM.
    DOAMIN.COM.              86400   IN      NS      NS1.DOAMIN.COM.
    
    ;; ADDITIONAL SECTION:
    vmgroupware-test.test.DOAMIN.COM. 86400 IN A     172.29.17.93
    
    ;; Query time: 0 msec
    ;; SERVER: 172.29.1.14#53(172.29.1.14)
    ;; WHEN: Tue Feb  5 11:08:43 2013
    ;; MSG SIZE  rcvd: 117
    Code:
    host `hostname` <- note backticks and not single quotes
    VMGROUPWARE-TEST:/var/tmp/zcs_8.0.2 # host `hostname`
    VMGROUPWARE-TEST.test.DOAMIN.COM has address 172.29.17.93
    Is the only way to solve this the Split-DNS solution?

    Many thanks for your help,
    Kind regards

  7. #7
    gerardsd is offline Junior Member
    Join Date
    Jan 2013
    Posts
    6
    Rep Power
    2

    Default

    After reinstallation of SLES11 everything is working fine. So this is solved.

    Thanks a lot for your help,
    rg

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. [SOLVED] Problem installing LDAP replica (7.0.0)
    By CSVantage in forum Installation
    Replies: 3
    Last Post: 02-25-2011, 12:08 PM
  2. [SOLVED] Problem with LDAP connection
    By diosney in forum Administrators
    Replies: 4
    Last Post: 11-04-2010, 06:03 AM
  3. [SOLVED] Problem with LDAP connection
    By diosney in forum Migration
    Replies: 3
    Last Post: 11-04-2010, 01:46 AM
  4. Problem with ldap external connection
    By paabloop in forum Administrators
    Replies: 6
    Last Post: 09-24-2010, 01:55 PM
  5. Problem with ldap external connection
    By paabloop in forum General Questions
    Replies: 3
    Last Post: 09-21-2010, 12:16 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •