I've got an issue with a new install of NE6.
LDAP server - srv1
LDAP replicate - srv2
Mailbox server - srv3
mx server - srv4
proxy server - srv5
So new install had some issues with proxy configuration but that is all good now. Everything else appears good.
Now when I try and open a newly created mailbox the following happens:
open web page which redirects to https as I set it up (I have setup domain nest for a new domain and the virtual hostname of the proxy I am hitting)
get prompted for username/password all good.
put in correct credentials
then get the 500 gateway error from nginx
Now did the usual looking around for the error and most people had issues with DNS or timeouts etc.
I started looking at the logs on the proxy (nginx.log) and the single mailbox server (mailbox.log) and noticed something odd, there is the following error:
I've changed the IP and DNS entries to the list above
[error] 1382#0: *6 zmauth: route handler srv3:7072 sent route srv1:8080, client: x.x.x.x, server: mail, request: "GET / HTTP/1.1", host: "domain.x"
2010/10/23 13:04:03 [error] 1382#0: *6 connect() failed (111: Connection refused) while connecting to upstream, client: x.x.x.x, server: mail, request: "GET / HTTP/1.1", upstream: "http://srv1:8080/", host: "domain.x"
So I'm looking at it and thinking that's my primary LDAP server that the proxy lookup target mailbox server is sending the proxy server to???
So dropped out of this setup and onto my old setup:
single ldap server
2 mailbox servers
single mx server
single proxy server
and looked at those logs and noticed that with either of the mailbox servers (both are reverse proxy lookup servers), they both send the user to the correct mailbox server, not the LDAP server on port 8080.
Both setups sit in an extranet and are split with mx and proxy on outer firewall and the mailbox and ldap servers on the inner firewall. Both are on the same firewall rules as my old system, they run on the same IP range and the rules setup on the firewalls are for the subnet, not individual IPs.
The firewall logs show no errors so it's not the firewall doing something stupid and the current system is working fine. There must be something wrong with the config on the new system I'm wanting to migrate to.
I'm running the latest version of NE6 with the latest patching on all servers.
I'm guessing it's something in the Zimbra config, maybe on the mailbox server that for some reason thinks my primary LDAP server is a mailbox server which it is not.
Now I followed the installation documentation for adding a replica LDAP server and added to all servers, I ran the extra functions on the mailbox servers for postfix again as per the installation guide.
DNS dig and nslookups are all good. Every server is able to correctly work out names and mx records so it's not DNS related.
Anyone got any idea?
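
An added example, not part of the original post: a small Python check that pairs each zmauth "sent route" line in nginx.log with any "connect() failed" line on the same connection and flags routes that point at a host outside the mailbox-server set. The function name `audit_routes`, the mailstore set `{"srv3"}` (taken from the server list in the post) and the third log line are assumptions constructed for illustration.

```python
import re

# First two lines are the ones quoted in the post; the third (*9) is constructed
# to show what a route to the real mailbox server would look like.
SAMPLE_LOG = """\
[error] 1382#0: *6 zmauth: route handler srv3:7072 sent route srv1:8080, client: x.x.x.x, server: mail, request: "GET / HTTP/1.1", host: "domain.x"
2010/10/23 13:04:03 [error] 1382#0: *6 connect() failed (111: Connection refused) while connecting to upstream, client: x.x.x.x, server: mail, request: "GET / HTTP/1.1", upstream: "http://srv1:8080/", host: "domain.x"
2010/10/23 13:05:10 [error] 1382#0: *9 zmauth: route handler srv3:7072 sent route srv3:8080, client: x.x.x.x, server: mail, request: "GET / HTTP/1.1", host: "domain.x"
"""

# "*<conn> zmauth: route handler <host>:<port> sent route <host>:<port>,"
ROUTE_RE = re.compile(
    r"\*(\d+) zmauth: route handler (\S+?):(\d+) sent route (\S+?):(\d+),")
# "*<conn> connect() failed (<errno>: <text>) ... upstream: "http://<host>:<port>/""
FAIL_RE = re.compile(
    r'\*(\d+) connect\(\) failed \((\d+): ([^)]*)\).*?'
    r'upstream: "https?://([^:/"]+):(\d+)')


def audit_routes(log_text, mailstores):
    """Return one finding per routed connection, keyed by nginx connection id."""
    findings = {}
    for line in log_text.splitlines():
        m = ROUTE_RE.search(line)
        if m:
            conn, handler, _hport, host, port = m.groups()
            findings[conn] = {
                "handler": handler,               # lookup server that answered
                "route": f"{host}:{port}",        # upstream it told the proxy to use
                "is_mailstore": host in mailstores,
                "refused": False,
            }
            continue
        m = FAIL_RE.search(line)
        if m:
            conn, _errno, _text, host, port = m.groups()
            f = findings.get(conn)
            # Only mark a failure that matches the route this connection was given.
            if f and f["route"] == f"{host}:{port}":
                f["refused"] = True
    return findings


if __name__ == "__main__":
    for conn, f in audit_routes(SAMPLE_LOG, {"srv3"}).items():
        status = "OK" if f["is_mailstore"] else "NOT A MAILSTORE"
        print(f"*{conn} handler={f['handler']} route={f['route']} {status} refused={f['refused']}")
```
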