Problem installing ZCS 8.0.2 - ldap connection

[gerardsd]

Hi everyone,

I am trying to install ZCS 8.0.2 on a SLES 11 VM. This is my very first experience with zimbra.
We have an existing openLDAP domain, so I want to connect Zimbra with our external domain.

I am stucked in the first step of the configuration wizard - the ldap admin password cannot get verified.

Code:

   1) Hostname:                                zimbra.DOMAIN-ac.de
   2) Ldap master host:                        DOMAIN2a.DOMAIN-ac.de
   3) Ldap port:                               389
** 4) Ldap Admin password:                     Not Verified
   5) LDAP Base DN:                            cn=manager,dc=DOMAIN-ac,dc=de
   6) Secure interprocess communications:      yes
   7) TimeZone:                                Europe/Berlin
   8) IP Mode:                                 ipv4

(domain name changed)

Message in /tmp/zmsetup.log:

Code:

Mon Jan 28 07:43:10 2013 Checking ldap on DOMAIN2a.DOMAIN-ac.de:389
Mon Jan 28 07:43:10 2013 Unable to bind to ldap://DOMAIN2a.DOMAIN-ac.de:389 with user uid=zimbra,cn=admins,cn=zimbra:
Mon Jan 28 07:43:10 2013 Couldn't bind to DOMAIN2a.DOMAIN-ac.de as uid=zimbra,cn=admins,cn=zimbra
Mon Jan 28 07:43:10 2013 mta configuration not complete
Mon Jan 28 07:43:10 2013 Checking ldap on DOMAIN2a.DOMAIN-ac.de:389
Mon Jan 28 07:43:10 2013 Unable to bind to ldap://DOMAIN2a.DOMAIN-ac.de:389 with user uid=zmpostfix,cn=appaccts,cn=manager,dc=DOMAIN-ac,dc=de:
Mon Jan 28 07:43:10 2013 Couldn't bind to DOMAIN2a.DOMAIN-ac.de as uid=zmpostfix,cn=appaccts,cn=manager,dc=DOMAIN-ac,dc=de
Mon Jan 28 07:43:10 2013 Checking ldap on DOMAIN2a.DOMAIN-ac.de:389
Mon Jan 28 07:43:10 2013 Unable to bind to ldap://DOMAIN2a.DOMAIN-ac.de:389 with user uid=zmamavis,cn=appaccts,cn=manager,dc=DOMAIN-ac,dc=de:
Mon Jan 28 07:43:10 2013 Couldn't bind to DOMAIN2a.DOMAIN-ac.de as uid=zmamavis,cn=appaccts,cn=manager,dc=DOMAIN-ac,dc=de

I can't find anything in the documentation in regards to creating LDAP accounts on the existing domain.
Zimbra automatically adds to my search base "cn=manager,dc=DOMAIN-ac,dc=de" the zimbra user?!

Why? Can I change that?
If not, isn't that mentioned in the installation guide that these users are needed?

Thanks a lot for your help!
Rg

[phoenix]

I can't find anything in the documentation in regards to creating LDAP accounts on the existing domain.
Zimbra automatically adds to my search base "cn=manager,dc=DOMAIN-ac,dc=de" the zimbra user?!

Are you implying that you haven't installed the Zimbra LDAP server? If that's the case you need it, ZCS uses LDAP for more that just the user account details.

[gerardsd]

I do not have the Zimbra LDAP installed, thats right, because I want to use my existing LDAP.
So I have to create the users zimbra, zmpostfix and zmamavis in my LDAP prior installation?

Actually I want to use a different account for the LDAP connection...

[phoenix]

I do not have the Zimbra LDAP installed, thats right, because I want to use my existing LDAP.

As I've already said (and it's covered many times in these forums), you need to install Zimbra LDAP.

So I have to create the users zimbra, zmpostfix and zmamavis in my LDAP prior installation?

No, that has nothing to do with installing Zimbra.

Actually I want to use a different account for the LDAP connection...

I don't understand what you mean by that statement.

[quanah]

It is required to install Zimbra's LDAP server. You can later configure your ZCS instance to use your existing OpenLDAP instance for external authentication, but Zimbra still needs its own OpenLDAP installation for the data it tracks internally.

[gerardsd]

Sorry for the delay and many thanks for your answers.
I've tried to install it with Zimbra-LDAP, but now I am facing the next problem:

Code:

Error while installation:
Tue Feb  5 10:51:04 2013 *** Running as zimbra user: /opt/zimbra/bin/ldap start
/opt/zimbra/bin/ldap: line 50: kill: (15443) - No such process
/opt/zimbra/bin/ldap: line 50: kill: (17124) - No such process
/opt/zimbra/bin/ldap: line 50: kill: (17219) - No such process
/opt/zimbra/bin/ldap: line 50: kill: (17272) - No such process
/opt/zimbra/bin/ldap: line 50: kill: (17278) - No such process
/opt/zimbra/bin/ldap: line 50: kill: (17319) - No such process
/opt/zimbra/bin/ldap: line 50: kill: (17390) - No such process
Failed to start slapd.  Attempting debug start to determine error.

Tue Feb  5 10:51:42 2013 failed with exit code: 256.
Tue Feb  5 10:52:58 2013 Setting defaults from ldap...

Here's some imformation:

Code:

 
cat /etc/hosts
VMGROUPWARE-TEST:/var/tmp/zcs_8.0.2 # cat /etc/hosts
# IP-Address  Full-Qualified-Hostname  Short-Hostname
#
127.0.0.1       localhost
172.29.17.93    VMGROUPWARE-TEST.test.DOAMIN.COM VMGROUPWARE-TEST

Code:

cat /etc/resolv.conf
VMGROUPWARE-TEST:/var/tmp/zcs_8.0.2 # cat /etc/resolv.conf
search test.DOAMIN.COM
#nameserver 172.29.1.15
nameserver 172.29.1.14

Code:

dig yourdomain mx
VMGROUPWARE-TEST:/var/tmp/zcs_8.0.2 # dig test.DOAMIN.COM MX

; <<>> DiG 9.6-ESV-R7-P1 <<>> test.DOAMIN.COM MX
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 29337
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 1

;; QUESTION SECTION:
;test.DOAMIN.COM.                        IN      MX

;; ANSWER SECTION:
test.DOAMIN.COM.         86400   IN      MX      99 vmgroupware-test.test.DOAMIN.COM.

;; AUTHORITY SECTION:
DOAMIN.COM.              86400   IN      NS      NS1.DOAMIN.COM.
DOAMIN.COM.              86400   IN      NS      NS2.DOAMIN.COM.

;; ADDITIONAL SECTION:
vmgroupware-test.test.DOAMIN.COM. 86400 IN A     172.29.17.93

;; Query time: 0 msec
;; SERVER: 172.29.1.14#53(172.29.1.14)
;; WHEN: Tue Feb  5 11:08:17 2013
;; MSG SIZE  rcvd: 117

Code:

dig yourdomain any
VMGROUPWARE-TEST:/var/tmp/zcs_8.0.2 # dig test.DOAMIN.COM any

; <<>> DiG 9.6-ESV-R7-P1 <<>> test.DOAMIN.COM any
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 60683
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 1

;; QUESTION SECTION:
;test.DOAMIN.COM.                        IN      ANY

;; ANSWER SECTION:
test.DOAMIN.COM.         86400   IN      MX      99 vmgroupware-test.test.DOAMIN.COM.

;; AUTHORITY SECTION:
DOAMIN.COM.              86400   IN      NS      NS2.DOAMIN.COM.
DOAMIN.COM.              86400   IN      NS      NS1.DOAMIN.COM.

;; ADDITIONAL SECTION:
vmgroupware-test.test.DOAMIN.COM. 86400 IN A     172.29.17.93

;; Query time: 0 msec
;; SERVER: 172.29.1.14#53(172.29.1.14)
;; WHEN: Tue Feb  5 11:08:43 2013
;; MSG SIZE  rcvd: 117

Code:

host `hostname` <- note backticks and not single quotes
VMGROUPWARE-TEST:/var/tmp/zcs_8.0.2 # host `hostname`
VMGROUPWARE-TEST.test.DOAMIN.COM has address 172.29.17.93

Is the only way to solve this the Split-DNS solution?

Many thanks for your help,
Kind regards

[gerardsd]

After reinstallation of SLES11 everything is working fine. So this is solved.

Thanks a lot for your help,
rg