Split-dns & multi-domain question

[AMatten]

Hi all.

Installing the OSS edition to try it out. I have a server behind a router, and have followed the split-dns wiki here. I'm familiar with DNS, just not bind. Here's the first question:

In setting up bind with the FQDN of the server, the install of zimbra makes the first domain 'mail.example.com', so it ends up being 'admin@mail.example.com' instead of 'admin@example.com'. Since the MX & A are correct, it never asks me if I want to change the domain name during the install. Should I just leave this as is, and create a new domain called 'example.com'? Or should I setup bind with the entry being 'incorrect' and reflecting the domain and not the FQDN? No other machines will be using this DNS server. If I leave the 'mail.example.com' domain and create a new one, will I have to add an entry to bind for the new domain as well?

Also, in the above-referenced wiki, in step #2, 4 lines from the bottom of the 'code' window it sets the zone as "server.domain.com" where every where else it refers to 'server.example.com'. Is this a typo, or am I misunderstanding something?

Thanks for any help.

[AMatten]

Well, I went ahead and installed in a VM, with 'fudging' the DNS. Everything seems to work ok, I can send and receive to my gmail account, pop3 & smtp seem to be working as well.

I'm going to go ahead and try adding a second domain, see if it works, and report back what I find.

Oh yeah, centos 4.4, zcs-4.5.0_ga_612.rhel4. Going to get the most recent version for my real build.

I also assumed the server.domain.com was supposed to be server.example.com.

[MidSpeck]

Quote:

Originally Posted by AMatten

In setting up bind with the FQDN of the server, the install of zimbra makes the first domain 'mail.example.com', so it ends up being 'admin@mail.example.com' instead of 'admin@example.com'. Since the MX & A are correct, it never asks me if I want to change the domain name during the install. Should I just leave this as is, and create a new domain called 'example.com'? Or should I setup bind with the entry being 'incorrect' and reflecting the domain and not the FQDN? No other machines will be using this DNS server. If I leave the 'mail.example.com' domain and create a new one, will I have to add an entry to bind for the new domain as well?

I have a mail server where the FQDN is like: zimbra.domain.com.
But I wanted to have it take care of mail for all users@domain.com. When I initally set up Zimbra, I told it to create the message store domain in LDAP as domain.com. Which worked just fine because my DNS was set up right. I would imagine that you could add a new domain after the fact as well without too many issues.

I'm interested to know how it went for you and also how you deal with multiple hostnames and the SSL certificates. Mine is currently giving me a warning (certificate is for zimbra.domain.com instead of mail.domain.com). But that's another topic for another time.

[AMatten]

Hey MidSpeck, thanks for the reply.

Everything seems to be working ok, even the 2nd domain, without having to make any other additions to bind.

I am also getting the ssl warning about the sig & host being different. I had just assumed that since it's self-signed (I think) that's what was causing the problem. I actually read it this time, haha, and it is about the name differences. I only use the ssl connection for the admin page, and since it's the OSS version, all administration will be done from the original domain anyways. The 2nd domain does work to get to the admin page, but with the ssl cert warning as well. Since this is just for my own enjoyment and learning, I wasn't too worried about it. It would be nice to be able to filter the user list by domain too, since the OSS version doesn't support domain-level admin.

I do recall reading something about having to modify the cert creation script to have them work warning-free in some setups, probably has to do with the 'hack' that split-dns is in the first place.

I'm not real familiar with LDAP, I might look into that. Since this was just a stand-alone play-around project for me anyways, I was just wanting to get it up and running to see if I like it. Which I do, kudos to the Zimbra team.

One thing I did find odd, and haven't researched yet, was that browsing to http://mail.example2.com to try my test user on that domain. Logging in without the domain tagged on to the end of the username tried to log into the original domain, which has a identically named user. I need to find out if there's a way to force requiring the entire e-mail address to login I guess. It did work if I logged in with user@example2.com.

Thanks again for the reply.

[AMatten]

Added a virtual host for example2.com, logging in without the domain now works. It did break the admin login, trying mail.example2.com:7071/zimbraAdmin, obviously and expected.