
Thread: Problem with Ldap Replica on Etch - Zimbra OSS 5.0 GA

  1. #1
    Join Date
    May 2007
    Posts
    14
    Rep Power
    8

    Problem with Ldap Replica on Etch - Zimbra OSS 5.0 GA

    Since I have 2 sites, I prepared 2 servers for a single domain.

    On the first server I installed everything except zimbra-proxy, and on the second server I installed everything except zimbra-logger and zimbra-proxy, with zimbra-ldap disabled.

    I followed the instructions from the documentation and wiki, and the first server went fine. On the second server I didn't install zimbra-logger, as the documentation states; all installation from install.sh also went fine.

    The main server status is running normally:
    Code:
    mail1:~# sudo -u zimbra /opt/zimbra/bin/zmcontrol status
    Host FQDN-MASTER
            antispam                Running
            antivirus               Running
            ldap                    Running
            logger                  Running
            mailbox                 Running
            mta                     Running
            snmp                    Running
            spell                   Running
            stats                   Running
    mail1:~#

    I ran zmupdateauthkeys on both servers and it could fetch both servers' keys successfully.
    But after I ran
    Code:
    mail2:~# sudo -u zimbra /opt/zimbra/libexec/zmldapenablereplica
    Looking for LDAP installation...succeeded
    Verifying ldap on ldap://FQDN-REPLICA:389...succeeded
    Creating LDAP config in /opt/zimbra/conf/slapd.conf.../opt/zimbra/openldap/sbin/slappasswd: option requires an argument -- s
    Usage: slappasswd [options]
      -h hash       password scheme
      -s secret     new password
      -c format     crypt(3) salt format
      -u            generate RFC2307 values (default)
      -v            increase verbosity
      -T file       read file for new password
    succeeded
    Enabling LDAP service on FQDN-REPLICA...succeeded
    Setting ldap_url on FQDN-REPLICA.../opt/zimbra/libexec/zmldapenablereplica: line 211: zmlocalconfig: command not found
    done
    Starting LDAP on FQDN-REPLICA...done
    Then I checked the status and started the server
    Code:
    mail2:~# sudo -u zimbra /opt/zimbra/bin/zmcontrol status
    Host FQDN-REPLICA
            antispam                Stopped
                    zmmtaconfigctl is not running
                    zmamavisdctl is not running
            antivirus               Stopped
                    zmmtaconfigctl is not running
                    zmamavisdctl is not running
                    zmclamdctl is not running
            ldap                    Stopped
            mailbox                 Stopped
                    zmmtaconfigctl is not running
                    mysql.server is not running
                    zmmailboxdctl is not running
            mta                     Stopped
                    zmmtaconfigctl is not running
                    postfix is not running
                    saslauthd is not running
                    zmsaslauthdctl is not running
            snmp                    Stopped
                    swatch is not running
            spell                   Stopped
                    zmapachectl is not running
            stats                   Stopped
    mail2:~# sudo -u zimbra /opt/zimbra/bin/zmcontrol start
    Host FQDN-REPLICA
            Starting ldap...Done.
    FAILED
    Failed to start slapd.  Attempting debug start to determine error.
    Code:
    mail2:~# sudo -u zimbra /opt/zimbra/bin/zmlocalconfig | grep ldap
    ldap_amavis_password = *
    ldap_cache_account_maxage = 15
    ldap_cache_account_maxsize = 20000
    ldap_cache_cos_maxage = 15
    ldap_cache_cos_maxsize = 100
    ldap_cache_domain_maxage = 15
    ldap_cache_domain_maxsize = 100
    ldap_cache_server_maxage = 15
    ldap_cache_server_maxsize = 100
    ldap_cache_timezone_maxsize = 100
    ldap_cache_zimlet_maxage = 15
    ldap_cache_zimlet_maxsize = 100
    ldap_connect_pool_debug = false
    ldap_connect_pool_initsize = 1
    ldap_connect_pool_master = false
    ldap_connect_pool_maxsize = 50
    ldap_connect_pool_prefsize = 0
    ldap_connect_pool_timeout = 120000
    ldap_connect_timeout = 30000
    ldap_host = FQDN-MASTER
    ldap_is_master = false
    ldap_log_level = 32768
    ldap_master_url = FQDN-MASTER:389
    ldap_port = 389
    ldap_postfix_password = *
    ldap_replication_password = *
    ldap_require_tls = false
    ldap_root_password = *
    ldap_starttls_supported = 1
    ldap_url = ldap://FQDN-REPLICA:389 ldap://FQDN- MASTER:389
    postfix_sender_canonical_maps = ldap:${zimbra_home}/conf/ldap-scm.cf
    postfix_transport_maps = ldap:${zimbra_home}/conf/ldap-transport.cf
    postfix_virtual_alias_domains = ldap:${zimbra_home}/conf/ldap-vad.cf
    postfix_virtual_alias_maps = ldap:${zimbra_home}/conf/ldap-vam.cf
    postfix_virtual_mailbox_domains = ldap:${zimbra_home}/conf/ldap-vmd.cf
    postfix_virtual_mailbox_maps = ldap:${zimbra_home}/conf/ldap-vmm.cf
    zimbra_class_provisioning = com.zimbra.cs.account.ldap.LdapProvisioning
    zimbra_ldap_password = *
    zimbra_ldap_user = zimbra
    zimbra_ldap_userdn = uid=zimbra,cn=admins,cn=zimbra
    zimbra_zmprov_default_to_ldap = false
    When I try to debug
    Code:
    mail2:~# sudo /opt/zimbra/libexec/zmslapd -l LOCAL0 -4 -u zimbra -h ldap://localhost:389 -f /opt/zimbra/conf/slapd.conf -d 7
    @(#) $OpenLDAP: slapd 2.3.39 (Dec  1 2007 22:06:14) $
            root@build-debian-etch:/home/build/p4/main/ThirdParty/openldap/openldap-2.3.39.6z/servers/slapd
    daemon_init: ldap://localhost:389
    daemon_init: listen on ldap://localhost:389
    daemon_init: 1 listeners to open...
    ldap_url_parse_ext(ldap://localhost:389)
    daemon: listener initialized ldap://localhost:389
    daemon_init: 1 listeners opened
    slapd init: initiated server.
    slap_sasl_init: initialized!
    bdb_back_initialize: initialize BDB backend
    bdb_back_initialize: Sleepycat Software: Berkeley DB 4.2.52: (December  3, 2003)
    >>> dnNormalize: 
    => ldap_bv2dn(cn=admins,cn=zimbra,0)
    <= ldap_bv2dn(cn=admins,cn=zimbra)=0 
    => ldap_dn2bv(272)
    <= ldap_dn2bv(cn=admins,cn=zimbra)=0 
    <<< dnNormalize: 
    >>> dnNormalize: <>
    <<< dnNormalize: <>
    >>> dnNormalize: 
    => ldap_bv2dn(cn=Subschema,0)
    <= ldap_bv2dn(cn=Subschema)=0 
    => ldap_dn2bv(272)
    <= ldap_dn2bv(cn=subschema)=0 
    <<< dnNormalize: 
    >>> dnNormalize: 
    => ldap_bv2dn(cn=admins,cn=zimbra,0)
    <= ldap_bv2dn(cn=admins,cn=zimbra)=0 
    => ldap_dn2bv(272)
    <= ldap_dn2bv(cn=admins,cn=zimbra)=0 
    <<< dnNormalize: 
    >>> dnNormalize: 
    => ldap_bv2dn(cn=zimbra,0)
    <= ldap_bv2dn(cn=zimbra)=0 
    => ldap_dn2bv(272)
    <= ldap_dn2bv(cn=zimbra)=0 
    <<< dnNormalize: 
    >>> dnNormalize: 
    => ldap_bv2dn(cn=admins,cn=zimbra,0)
    <= ldap_bv2dn(cn=admins,cn=zimbra)=0 
    => ldap_dn2bv(272)
    <= ldap_dn2bv(cn=admins,cn=zimbra)=0 
    <<< dnNormalize: 
    >>> dnNormalize: 
    => ldap_bv2dn(cn=admins,cn=zimbra,0)
    <= ldap_bv2dn(cn=admins,cn=zimbra)=0 
    => ldap_dn2bv(272)
    <= ldap_dn2bv(cn=admins,cn=zimbra)=0 
    <<< dnNormalize: 
    >>> dnNormalize: 
    => ldap_bv2dn(cn=admins,cn=zimbra,0)
    <= ldap_bv2dn(cn=admins,cn=zimbra)=0 
    => ldap_dn2bv(272)
    <= ldap_dn2bv(cn=admins,cn=zimbra)=0 
    <<< dnNormalize: 
    >>> dnNormalize: 
    => ldap_bv2dn(uid=zmpostfix,cn=appaccts,cn=zimbra,0)
    <= ldap_bv2dn(uid=zmpostfix,cn=appaccts,cn=zimbra)=0 
    => ldap_dn2bv(272)
    <= ldap_dn2bv(uid=zmpostfix,cn=appaccts,cn=zimbra)=0 
    <<< dnNormalize: 
    >>> dnNormalize: 
    => ldap_bv2dn(uid=zmamavis,cn=appaccts,cn=zimbra,0)
    <= ldap_bv2dn(uid=zmamavis,cn=appaccts,cn=zimbra)=0 
    => ldap_dn2bv(272)
    <= ldap_dn2bv(uid=zmamavis,cn=appaccts,cn=zimbra)=0 
    <<< dnNormalize: 
    >>> dnNormalize: 
    => ldap_bv2dn(cn=admins,cn=zimbra,0)
    <= ldap_bv2dn(cn=admins,cn=zimbra)=0 
    => ldap_dn2bv(272)
    <= ldap_dn2bv(cn=admins,cn=zimbra)=0 
    <<< dnNormalize: 
    >>> dnNormalize: 
    => ldap_bv2dn(uid=zmamavis,cn=appaccts,cn=zimbra,0)
    <= ldap_bv2dn(uid=zmamavis,cn=appaccts,cn=zimbra)=0 
    => ldap_dn2bv(272)
    <= ldap_dn2bv(uid=zmamavis,cn=appaccts,cn=zimbra)=0 
    <<< dnNormalize: 
    >>> dnNormalize: 
    => ldap_bv2dn(cn=admins,cn=zimbra,0)
    <= ldap_bv2dn(cn=admins,cn=zimbra)=0 
    => ldap_dn2bv(272)
    <= ldap_dn2bv(cn=admins,cn=zimbra)=0 
    <<< dnNormalize: 
    >>> dnNormalize: 
    => ldap_bv2dn(uid=zmamavis,cn=appaccts,cn=zimbra,0)
    <= ldap_bv2dn(uid=zmamavis,cn=appaccts,cn=zimbra)=0 
    => ldap_dn2bv(272)
    <= ldap_dn2bv(uid=zmamavis,cn=appaccts,cn=zimbra)=0 
    <<< dnNormalize: 
    >>> dnNormalize: 
    => ldap_bv2dn(cn=admins,cn=zimbra,0)
    <= ldap_bv2dn(cn=admins,cn=zimbra)=0 
    => ldap_dn2bv(272)
    <= ldap_dn2bv(cn=admins,cn=zimbra)=0 
    <<< dnNormalize: 
    >>> dnNormalize: 
    => ldap_bv2dn(uid=zmpostfix,cn=appaccts,cn=zimbra,0)
    <= ldap_bv2dn(uid=zmpostfix,cn=appaccts,cn=zimbra)=0 
    => ldap_dn2bv(272)
    <= ldap_dn2bv(uid=zmpostfix,cn=appaccts,cn=zimbra)=0 
    <<< dnNormalize: 
    put_filter: "(!(zimbraHideInGal=TRUE))"
    put_filter: NOT
    put_filter_list "(zimbraHideInGal=TRUE)"
    put_filter: "(zimbraHideInGal=TRUE)"
    put_filter: simple
    put_simple_filter: "zimbraHideInGal=TRUE"
    ber_scanf fmt ({mm}) ber:
    >>> dnNormalize: 
    => ldap_bv2dn(cn=admins,cn=zimbra,0)
    <= ldap_bv2dn(cn=admins,cn=zimbra)=0 
    => ldap_dn2bv(272)
    <= ldap_dn2bv(cn=admins,cn=zimbra)=0 
    <<< dnNormalize: 
    >>> dnNormalize: 
    => ldap_bv2dn(uid=zmpostfix,cn=appaccts,cn=zimbra,0)
    <= ldap_bv2dn(uid=zmpostfix,cn=appaccts,cn=zimbra)=0 
    => ldap_dn2bv(272)
    <= ldap_dn2bv(uid=zmpostfix,cn=appaccts,cn=zimbra)=0 
    <<< dnNormalize: 
    >>> dnNormalize: 
    => ldap_bv2dn(cn=admins,cn=zimbra,0)
    <= ldap_bv2dn(cn=admins,cn=zimbra)=0 
    => ldap_dn2bv(272)
    <= ldap_dn2bv(cn=admins,cn=zimbra)=0 
    <<< dnNormalize: 
    >>> dnNormalize: 
    => ldap_bv2dn(uid=zmpostfix,cn=appaccts,cn=zimbra,0)
    <= ldap_bv2dn(uid=zmpostfix,cn=appaccts,cn=zimbra)=0 
    => ldap_dn2bv(272)
    <= ldap_dn2bv(uid=zmpostfix,cn=appaccts,cn=zimbra)=0 
    <<< dnNormalize: 
    >>> dnNormalize: 
    => ldap_bv2dn(cn=admins,cn=zimbra,0)
    <= ldap_bv2dn(cn=admins,cn=zimbra)=0 
    => ldap_dn2bv(272)
    <= ldap_dn2bv(cn=admins,cn=zimbra)=0 
    <<< dnNormalize: 
    slapd destroy: freeing system resources.
    slapd stopped.
    connections_destroy: nothing to destroy.
    Any suggestions?

  2. #2
    Join Date
    May 2007
    Posts
    14
    Rep Power
    8


    Please help

    Just want the thread to go up to the top

  3. #3
    Join Date
    Jul 2006
    Posts
    623
    Rep Power
    10


    You probably ran into this bug.
    Bug 21633 - ldap only replica broken - missing certs

    Steps needed to manually enable a replica after installing it disabled are:

    1) install ldap disabled
    2) create certificates, using the command "/opt/zimbra/bin/zmcertmgr install"
    3) enable ldap replica, using /opt/zimbra/libexec/zmldapenablereplica

  4. #4
    Join Date
    May 2007
    Posts
    14
    Rep Power
    8


    I did another test on VMware; the first server (mail1) installed and operates normally, with no errors from install.sh. All settings are the same as on the real server that I first tried.

    Below is the result for mail2 with zimbra-ldap disabled... still good.


    Code:
    Main menu
    
       1) Common Configuration:                                                  
       2) zimbra-ldap:                             Disabled                      
       3) zimbra-store:                            Enabled                       
       4) zimbra-mta:                              Enabled                       
       5) zimbra-snmp:                             Enabled                       
       6) zimbra-spell:                            Enabled                       
       7) Default Class of Service Configuration:                                
       r) Start servers after configuration        yes                           
       s) Save config to file                                                    
       x) Expand menu                                                            
       q) Quit                             
    *** CONFIGURATION COMPLETE - press 'a' to apply
    Select from menu, or press 'a' to apply config (? - help) a
    Save configuration data to a file? [Yes] 
    Save config in file: [/opt/zimbra/config.5250] 
    Saving config in /opt/zimbra/config.5250...done.
    The system will be modified - continue? [No] Y
    Operations logged to /tmp/zmsetup.01032008-001004.log
    Setting local config values...done.
    Updating ldap_root_password and zimbra_ldap_password...done.
    Setting up CA...done.
    Creating SSL certificate...done.
    Deploying CA to /opt/zimbra/conf/ca ...done.
    Installing SSL certificate...done.
    Creating server entry for mail2.asb.local...done.
    Setting spell check URL...done.
    Setting service ports on mail2.asb.local...done.
    Adding mail2.asb.local to zimbraMailHostPool in default COS...done.
    Installing skins... 
            bare
            hotrod
            sand
            waves
            lemongrass
            beach
            bones
            steel
            sky
            lavender
    done.
    Setting zimbraFeatureIMEnabled=FALSE...done.
    Setting zimbraFeatureTasksEnabled=TRUE...done.
    Setting zimbraFeatureBriefcasesEnabled=TRUE...done.
    Setting zimbraFeatureNotebookEnabled=TRUE...done.
    Setting MTA auth host...done.
    Creating user admin@asb.local...done.
    Creating postmaster alias...done.
    Creating user wiki@asb.local...done.
    Creating user spam.gax5khzf@asb.local...done.
    Creating user ham.wihhcmwk@asb.local...done.
    Setting spam training accounts...done.
    Initializing store sql database...done.
    Setting zimbraSmtpHostname for mail2.asb.local...done.
    Initializing mta config...done.
    Configuring SNMP...done.
    Setting services on mail2.asb.local...done.
    Setting up zimbra crontab...done.
    Setting up syslog.conf...done.
    
    You have the option of notifying Zimbra of your installation.
    This helps us to track the uptake of the Zimbra Collaboration Suite.
    The only information that will be transmitted is:
            The VERSION of zcs installed (5.0.0_GA_1869_DEBIAN4.0)
            The ADMIN EMAIL ADDRESS created (admin@asb.local)
    
    Notify Zimbra of your installation? [Yes] no
    Notification skipped
    Starting servers...done.
    Checking for deprecated zimlets...done.
    Installing zimlets... 
            com_zimbra_phone
            com_zimbra_url
            com_zimbra_search
            com_zimbra_date
            com_zimbra_email
            com_zimbra_local
            com_zimbra_cert_manager
    done.
    Initializing Documents...done.
    Restarting mailboxd...done.
    
    
    Moving /tmp/zmsetup.01032008-001004.log to /opt/zimbra/log
    
    
    Configuration complete - press return to exit

    Then I tried as the documentation suggests
    Code:
    mail2:/# sudo -u zimbra /opt/zimbra/bin/zmupdateauthkeys
    updating mail1.asb.local
    Fetching key for mail1.asb.local
    updating mail2.asb.local
    Fetching key for mail2.asb.local
    Updating /opt/zimbra/.ssh/authorized_keys
    Afterwards I found that the last time I ran zmldapenablereplica it had 2 errors:
    First.../opt/zimbra/openldap/sbin/slappasswd: option requires an argument

    Second ......./opt/zimbra/libexec/: line 211: zmlocalconfig

    So I modified zmldapenablereplica to fix the zmlocalconfig path and hard-code the LDAP root password.
    Code:
    #!/bin/bash
    # 
    # ***** BEGIN LICENSE BLOCK *****
    # 
    # Zimbra Collaboration Suite Server
    # Copyright (C) 2005, 2006, 2007 Zimbra, Inc.
    # 
    # The contents of this file are subject to the Yahoo! Public License
    # Version 1.0 ("License"); you may not use this file except in
    # compliance with the License.  You may obtain a copy of the License at
    # http://www.zimbra.com/license.
    # 
    # Software distributed under the License is distributed on an "AS IS"
    # basis, WITHOUT WARRANTY OF ANY KIND, either express or implied.
    # 
    # ***** END LICENSE BLOCK *****
    # 
    
    source `dirname $0`/../bin/zmshutil || exit 1
    
    if [ "x$1" != "x" ]; then
    	echo "Usage: $0"
    	echo "	Use $0 to set up this server as an ldap replica"
    	exit 1
    fi
    
    zmsetvars -f\
    	zimbra_home \
    	zimbra_server_hostname \
    	ldap_master_url \
    	ldap_port \
    	ldap_root_password \
    	zimbra_ldap_password \
    	zimbra_ldap_userdn \
    	ldap_replication_password
    
    ldap_master_host=`echo ${ldap_master_url} | sed -e 's|ldaps*://\([^:]*\):*.*|\1|'`
    
    verifyLdapInstalled() {
    	echo -n "Looking for LDAP installation..."
    	if [ ! -d ${zimbra_home}/openldap/etc ]; then
    		echo "FAILED"
    		echo "ERROR: openldap does not appear to be installed - exiting"
    		exit 1
    	fi
    	echo "succeeded"
    }
    
    verifyLdap() {
    	echo -n "Verifying ldap on ${ldap_master_url}..."
    	LDS="${zimbra_home}/bin/ldapsearch";
    	ARGS="-x -H ${ldap_master_url} -D ${zimbra_ldap_userdn} -w ${zimbra_ldap_password}"
    	OUTPUT=`$LDS $ARGS 2>&1`
    	if [ $? -ne 0 ]; then
    		echo "FAILED"
    		echo "ERROR: Unable to verify ldap connection on ${ldap_master_url} - exiting"
        echo "$LDS $ARGS"
        echo $OUTPUT
    		exit 1
    	fi
    	echo "succeeded"
    }
    
    enableSyncProv() {
    	echo -n "Enabling sync provider..."
    	sed -i.pre-replica -e '/syncprov/ s/#//g' -e '/accesslog/ s/###//g' ${zimbra_home}/conf/slapd.conf.in
    	mkdir -p ${zimbra_home}/openldap-data/accesslog/db
    	mkdir -p ${zimbra_home}/openldap-data/accesslog/logs
    	cp -p -f ${zimbra_home}/openldap/etc/openldap/master-accesslog.conf ${zimbra_home}/conf/
    	cp -p -f ${zimbra_home}/openldap/etc/openldap/master-accesslog-overlay.conf ${zimbra_home}/conf/
    	echo "succeeded"
    }
    
    createLdapConfig() {
    	echo -n "Creating LDAP config in ${zimbra_home}/conf/slapd.conf..."
    	root_sha=`${zimbra_home}/openldap/sbin/slappasswd -s myldaprootpassword`
    	sed -e "s|^rootpw.*|rootpw ${root_sha}|" \
    		${zimbra_home}/openldap/etc/openldap/slapd.conf > ${zimbra_home}/conf/slapd.conf.in
    	sed -e '/overlay syncprov/d' -e '/syncprov-/d' ${zimbra_home}/conf/slapd.conf.in >/tmp/slapd.conf.in.$$
    	mv -f /tmp/slapd.conf.in.$$ ${zimbra_home}/conf/slapd.conf.in
    
    	if [ $? -ne 0 ]; then
    		echo "FAILED"
    		echo "ERROR - LDAP config creation failed - exiting"
    	fi
    
    	ldap_replica_rid=100
    
    	if [ -f "/opt/zimbra/lib/conf/zimbra-ext.schema" ]; then
    		sed -e '\|/opt/zimbra/openldap/etc/openldap/schema/zimbra.schema| a\
    include		"/opt/zimbra/lib/conf/zimbra-ext.schema"' ${zimbra_home}/conf/slapd.conf.in > /tmp/slapd.conf
    		mv -f /tmp/slapd.conf ${zimbra_home}/conf/slapd.conf.in
    	fi
    
    	if [ $? -ne 0 ]; then
    		echo "FAILED"
    		echo "ERROR - LDAP config creation failed - exiting"
    	fi
    
            num=`expr match "$ldap_url" 'ldaps*'`
            if [ "$num" == 5 ]; then
    	cat >> ${zimbra_home}/conf/slapd.conf.in <> ${zimbra_home}/conf/slapd.conf.in < /dev/null 2>&1
    
    	if [ $? -ne 0 ]; then
    		echo "FAILED"
    		echo "Remote shutdown failed - exiting"
    		exit 1
    	fi
    	echo "done"
    }
    
    stopZimbra() {
    	echo -n "Shutting down Zimbra Services on ${zimbra_server_hostname}..."
    	zmcontrol stop > /dev/null 2>&1
    	echo "done"
    }
    
    replicateLdap() {
    	echo -n "Replicating ldap data from ${ldap_master_host}..."
    	echo -n "Copying data..."
    	echo "HOST:${ldap_master_host} slapcat" | ${zimbra_home}/libexec/zmrc ${ldap_master_host} | \
    		grep -v STARTCMD | grep -v ENDCMD > /tmp/repl.ldif
    
    	if [ $? -ne 0 ]; then
    		echo "FAILED"
    		echo "Ldap replication failed - exiting"
    		exit 1
    	fi
    
    	echo -n "Writing data..."
    
    	${zimbra_home}/openldap/sbin/slapadd -q -w -b '' -f ${zimbra_home}/conf/slapd.conf -l /tmp/repl.ldif
    	if [ $? -ne 0 ]; then
    		echo "FAILED"
    		echo "Ldap replication failed - exiting"
    		exit 1
    	fi
    
    	#/bin/rm -f /tmp/repl.ldif
    	echo "succeeded"
    }
    
    updateLdapHost() {
    	echo -n "Setting ldap_url on ${zimbra_server_hostname}...";
      if [ ${ldap_port} = 636 ]; then
        proto="ldaps"
      else 
        proto="ldap"
      fi
    	${zimbra_home}/bin/zmlocalconfig -e ldap_url="${proto}://${zimbra_server_hostname}:${ldap_port} ${ldap_master_url}"
    	echo "done"
    }
    
    startRemoteZimbra() {
    	echo -n "Starting remote Zimbra Services on ${ldap_master_host}..."
    	echo "HOST:${ldap_master_host} startup" | ${zimbra_home}/libexec/zmrc ${ldap_master_host} \
    		> /dev/null 2>&1
    
    	if [ $? -ne 0 ]; then
    		echo "FAILED"
    		echo "Remote startup failed - exiting"
    		exit 1
    	fi
    	echo "done"
    }
    
    startLdap() {
    	echo -n "Starting LDAP on ${zimbra_server_hostname}..."
    	${zimbra_home}/bin/ldap start > /dev/null 2>&1
    	echo "done"
    }
    stopLdap() {
    	echo -n "Stopping LDAP on ${zimbra_server_hostname}..."
    	${zimbra_home}/bin/ldap stop > /dev/null 2>&1
    	echo "done"
    }
    
    if [ $ldap_master_host = $zimbra_server_hostname ]; then
    	enableSyncProv
      stopLdap
      startLdap
    	exit 0
    fi
    
    verifyLdapInstalled
    verifyLdap
    createLdapConfig
    enableLdapService
    #stopZimbra
    #stopRemoteZimbra
    #replicateLdap
    updateLdapHost
    #startRemoteZimbra
    zmsetvars -f ldap_url
    startLdap
    And this is the result
    Code:
    mail2:/# sudo -u zimbra /opt/zimbra/libexec/zmldapenablereplica
    Looking for LDAP installation...succeeded
    Verifying ldap on ldap://mail1.asb.local:389...succeeded
    Creating LDAP config in /opt/zimbra/conf/slapd.conf...succeeded
    Enabling LDAP service on mail2.asb.local......succeeded
    Setting ldap_url on mail2.asb.local...done
    Starting LDAP on mail2.asb.local...done
    mail2:/# sudo -u zimbra /opt/zimbra/bin/zmcontrol status
    Unable to determine enabled services from ldap.
    Enabled services read from cache. Service list may be inaccurate.
    Host mail2.asb.local
            antispam                Running
            antivirus               Running
            mailbox                 Running
            mta                     Running
            snmp                    Running
            spell                   Running
            stats                   Running
    mail2:/# sudo -u zimbra /opt/zimbra/bin/zmcontrol stop
    Host mail2.asb.local
            Stopping stats...Done
            Stopping mta...Done
            Stopping spell...Done
            Stopping snmp...Done
            Stopping archiving...Done
            Stopping antivirus...Done
            Stopping antispam...Done
            Stopping imapproxy...Done
            Stopping mailbox...Done
            Stopping logger...Done
            Stopping ldap...Done
    mail2:/# sudo -u zimbra /opt/zimbra/bin/zmcontrol start
    Host mail2.asb.local
            Starting ldap...Done.
            Starting mailbox...Done.
            Starting antispam...Done.
            Starting antivirus...Done.
            Starting snmp...Done.
            Starting spell...Done.
            Starting mta...Done.
            Starting stats...Done.
    mail2:/# sudo -u zimbra /opt/zimbra/bin/zmcontrol status
    Unable to determine enabled services from ldap.
    Enabled services read from cache. Service list may be inaccurate.
    Host mail2.asb.local
            antispam                Stopped
                    zmmtaconfigctl is not running
                    amavisd running pid: 14893
            antivirus               Stopped
                    zmmtaconfigctl is not running
                    amavisd running pid: 14893
            ldap                    Running
            mailbox                 Stopped
                    zmmtaconfigctl is not running
            mta                     Stopped
                    zmmtaconfigctl is not running
                    saslauthd is running with pid 15134
            snmp                    Running
            spell                   Running
            stats                   Stopped
    I also tried zmcertmgr as you suggested, but no luck either.

    Thanks for your kind help. Any suggestions?
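
The first run quoted in this thread shows `slappasswd -s` receiving no value while the script still prints `succeeded`, and the modified script works around that by putting the root password on the command line. As an added example (not part of the poster's or Zimbra's script), here is one way to write that step so it fails closed and keeps the secret out of `argv`; it assumes `zmlocalconfig -s -m nokey` prints the bare value, uses the `-T file` option from the quoted usage text, and the function names are hypothetical.

```shell
#!/bin/bash
# Added example, not the zmldapenablereplica script posted in this thread.
# Assumptions: "zmlocalconfig -s -m nokey <key>" prints the bare value, and
# slappasswd accepts "-T <file>" (listed in the usage text quoted above).

ZIMBRA_HOME="${ZIMBRA_HOME:-/opt/zimbra}"
ZMLOCALCONFIG="${ZMLOCALCONFIG:-$ZIMBRA_HOME/bin/zmlocalconfig}"
SLAPPASSWD="${SLAPPASSWD:-$ZIMBRA_HOME/openldap/sbin/slappasswd}"

# Print the rootpw hash on stdout. Return non-zero instead of carrying on
# when a tool is missing, the secret is empty, or hashing fails.
hash_root_password() {
	local tool secret secret_file hash rc

	# Absolute paths: do not rely on PATH being set up for the zimbra user.
	for tool in "$ZMLOCALCONFIG" "$SLAPPASSWD"; do
		if [ ! -x "$tool" ]; then
			echo "ERROR: $tool not found or not executable" >&2
			return 2
		fi
	done

	rc=0
	secret=$("$ZMLOCALCONFIG" -s -m nokey ldap_root_password) || rc=$?
	if [ "$rc" -ne 0 ] || [ -z "$secret" ]; then
		echo "ERROR: ldap_root_password is unreadable or empty" >&2
		return 3
	fi

	# Pass the secret in a 0600 temp file so it never shows up in ps output.
	# printf is a shell builtin, so no child process sees it as an argument.
	secret_file=$(mktemp) || return 4
	printf '%s' "$secret" > "$secret_file"
	rc=0
	hash=$("$SLAPPASSWD" -T "$secret_file") || rc=$?
	rm -f "$secret_file"

	# A usable value looks like "{SCHEME}...": reject anything else.
	case "$hash" in
		'{'*) ;;
		*) rc=1 ;;
	esac
	if [ "$rc" -ne 0 ]; then
		echo "ERROR: slappasswd did not return a password hash" >&2
		return 5
	fi
	printf '%s\n' "$hash"
}

# Replace the rootpw line of a slapd.conf template and write the result
# with owner-only permissions. Nothing is written if hashing failed.
write_rootpw() {
	local template="$1" out="$2" hash
	hash=$(hash_root_password) || return $?
	( umask 077; sed -e "s|^rootpw.*|rootpw ${hash}|" "$template" > "$out" )
}

# Runs only when asked to, so sourcing the file has no side effects.
if [ "${1:-}" = "--apply" ]; then
	write_rootpw "$ZIMBRA_HOME/openldap/etc/openldap/slapd.conf" \
		"$ZIMBRA_HOME/conf/slapd.conf.in" || exit 1
fi
```
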

  5. #5
    Join Date
    May 2007
    Posts
    14
    Rep Power
    8


    I did another test on VMware; the first server (mail1) installed and operates normally, with no errors from install.sh. All settings are the same as on the real server that I first tried.

    Below is the result for mail2 with zimbra-ldap disabled... still good.


    Code:
    Main menu
    
       1) Common Configuration:                                                  
       2) zimbra-ldap:                             Disabled                      
       3) zimbra-store:                            Enabled                       
       4) zimbra-mta:                              Enabled                       
       5) zimbra-snmp:                             Enabled                       
       6) zimbra-spell:                            Enabled                       
       7) Default Class of Service Configuration:                                
       r) Start servers after configuration        yes                           
       s) Save config to file                                                    
       x) Expand menu                                                            
       q) Quit                             
    *** CONFIGURATION COMPLETE - press 'a' to apply
    Select from menu, or press 'a' to apply config (? - help) a
    Save configuration data to a file? [Yes] 
    Save config in file: [/opt/zimbra/config.5250] 
    Saving config in /opt/zimbra/config.5250...done.
    The system will be modified - continue? [No] Y
    Operations logged to /tmp/zmsetup.01032008-001004.log
    Setting local config values...done.
    Updating ldap_root_password and zimbra_ldap_password...done.
    Setting up CA...done.
    Creating SSL certificate...done.
    Deploying CA to /opt/zimbra/conf/ca ...done.
    Installing SSL certificate...done.
    Creating server entry for mail2.asb.local...done.
    Setting spell check URL...done.
    Setting service ports on mail2.asb.local...done.
    Adding mail2.asb.local to zimbraMailHostPool in default COS...done.
    Installing skins... 
            bare
            hotrod
            sand
            waves
            lemongrass
            beach
            bones
            steel
            sky
            lavender
    done.
    Setting zimbraFeatureIMEnabled=FALSE...done.
    Setting zimbraFeatureTasksEnabled=TRUE...done.
    Setting zimbraFeatureBriefcasesEnabled=TRUE...done.
    Setting zimbraFeatureNotebookEnabled=TRUE...done.
    Setting MTA auth host...done.
    Creating user admin@asb.local...done.
    Creating postmaster alias...done.
    Creating user wiki@asb.local...done.
    Creating user spam.gax5khzf@asb.local...done.
    Creating user ham.wihhcmwk@asb.local...done.
    Setting spam training accounts...done.
    Initializing store sql database...done.
    Setting zimbraSmtpHostname for mail2.asb.local...done.
    Initializing mta config...done.
    Configuring SNMP...done.
    Setting services on mail2.asb.local...done.
    Setting up zimbra crontab...done.
    Setting up syslog.conf...done.
    
    You have the option of notifying Zimbra of your installation.
    This helps us to track the uptake of the Zimbra Collaboration Suite.
    The only information that will be transmitted is:
            The VERSION of zcs installed (5.0.0_GA_1869_DEBIAN4.0)
            The ADMIN EMAIL ADDRESS created (admin@asb.local)
    
    Notify Zimbra of your installation? [Yes] no
    Notification skipped
    Starting servers...done.
    Checking for deprecated zimlets...done.
    Installing zimlets... 
            com_zimbra_phone
            com_zimbra_url
            com_zimbra_search
            com_zimbra_date
            com_zimbra_email
            com_zimbra_local
            com_zimbra_cert_manager
    done.
    Initializing Documents...done.
    Restarting mailboxd...done.
    
    
    Moving /tmp/zmsetup.01032008-001004.log to /opt/zimbra/log
    
    
    Configuration complete - press return to exit

    Then I tried as the documentation suggests
    Code:
    mail2:/# sudo -u zimbra /opt/zimbra/bin/zmupdateauthkeys
    updating mail1.asb.local
    Fetching key for mail1.asb.local
    updating mail2.asb.local
    Fetching key for mail2.asb.local
    Updating /opt/zimbra/.ssh/authorized_keys

  6. #6
    Join Date
    May 2007
    Posts
    14
    Rep Power
    8


    Afterwards I found that the last time I ran zmldapenablereplica it had 2 errors:
    First.../opt/zimbra/openldap/sbin/slappasswd: option requires an argument

    Second ......./opt/zimbra/libexec/: line 211: zmlocalconfig

    So I modified zmldapenablereplica to fix the zmlocalconfig path and hard-code the LDAP root password.
    Code:
    #!/bin/bash
    # 
    # ***** BEGIN LICENSE BLOCK *****
    # 
    # Zimbra Collaboration Suite Server
    # Copyright (C) 2005, 2006, 2007 Zimbra, Inc.
    # 
    # The contents of this file are subject to the Yahoo! Public License
    # Version 1.0 ("License"); you may not use this file except in
    # compliance with the License.  You may obtain a copy of the License at
    # http://www.zimbra.com/license.
    # 
    # Software distributed under the License is distributed on an "AS IS"
    # basis, WITHOUT WARRANTY OF ANY KIND, either express or implied.
    # 
    # ***** END LICENSE BLOCK *****
    # 
    
    source `dirname $0`/../bin/zmshutil || exit 1
    
    if [ "x$1" != "x" ]; then
    	echo "Usage: $0"
    	echo "	Use $0 to set up this server as an ldap replica"
    	exit 1
    fi
    
    zmsetvars -f\
    	zimbra_home \
    	zimbra_server_hostname \
    	ldap_master_url \
    	ldap_port \
    	ldap_root_password \
    	zimbra_ldap_password \
    	zimbra_ldap_userdn \
    	ldap_replication_password
    
    ldap_master_host=`echo ${ldap_master_url} | sed -e 's|ldaps*://\([^:]*\):*.*|\1|'`
    
    verifyLdapInstalled() {
    	echo -n "Looking for LDAP installation..."
    	if [ ! -d ${zimbra_home}/openldap/etc ]; then
    		echo "FAILED"
    		echo "ERROR: openldap does not appear to be installed - exiting"
    		exit 1
    	fi
    	echo "succeeded"
    }
    
    verifyLdap() {
    	echo -n "Verifying ldap on ${ldap_master_url}..."
    	LDS="${zimbra_home}/bin/ldapsearch";
    	ARGS="-x -H ${ldap_master_url} -D ${zimbra_ldap_userdn} -w ${zimbra_ldap_password}"
    	OUTPUT=`$LDS $ARGS 2>&1`
    	if [ $? -ne 0 ]; then
    		echo "FAILED"
    		echo "ERROR: Unable to verify ldap connection on ${ldap_master_url} - exiting"
        echo "$LDS $ARGS"
        echo $OUTPUT
    		exit 1
    	fi
    	echo "succeeded"
    }
    
    enableSyncProv() {
    	echo -n "Enabling sync provider..."
    	sed -i.pre-replica -e '/syncprov/ s/#//g' -e '/accesslog/ s/###//g' ${zimbra_home}/conf/slapd.conf.in
    	mkdir -p ${zimbra_home}/openldap-data/accesslog/db
    	mkdir -p ${zimbra_home}/openldap-data/accesslog/logs
    	cp -p -f ${zimbra_home}/openldap/etc/openldap/master-accesslog.conf ${zimbra_home}/conf/
    	cp -p -f ${zimbra_home}/openldap/etc/openldap/master-accesslog-overlay.conf ${zimbra_home}/conf/
    	echo "succeeded"
    }
    
    createLdapConfig() {
    	echo -n "Creating LDAP config in ${zimbra_home}/conf/slapd.conf..."
    	root_sha=`${zimbra_home}/openldap/sbin/slappasswd -s myldaprootpassword`
    	sed -e "s|^rootpw.*|rootpw ${root_sha}|" \
    		${zimbra_home}/openldap/etc/openldap/slapd.conf > ${zimbra_home}/conf/slapd.conf.in
    	sed -e '/overlay syncprov/d' -e '/syncprov-/d' ${zimbra_home}/conf/slapd.conf.in >/tmp/slapd.conf.in.$$
    	mv -f /tmp/slapd.conf.in.$$ ${zimbra_home}/conf/slapd.conf.in
    
    	if [ $? -ne 0 ]; then
    		echo "FAILED"
    		echo "ERROR - LDAP config creation failed - exiting"
    	fi
    
    	ldap_replica_rid=100
    
    	if [ -f "/opt/zimbra/lib/conf/zimbra-ext.schema" ]; then
    		sed -e '\|/opt/zimbra/openldap/etc/openldap/schema/zimbra.schema| a\
    include		"/opt/zimbra/lib/conf/zimbra-ext.schema"' ${zimbra_home}/conf/slapd.conf.in > /tmp/slapd.conf
    		mv -f /tmp/slapd.conf ${zimbra_home}/conf/slapd.conf.in
    	fi
    
    	if [ $? -ne 0 ]; then
    		echo "FAILED"
    		echo "ERROR - LDAP config creation failed - exiting"
    	fi
    
            num=`expr match "$ldap_url" 'ldaps*'`
            if [ "$num" == 5 ]; then
    	cat >> ${zimbra_home}/conf/slapd.conf.in <> ${zimbra_home}/conf/slapd.conf.in < /dev/null 2>&1
    
    	if [ $? -ne 0 ]; then
    		echo "FAILED"
    		echo "Remote shutdown failed - exiting"
    		exit 1
    	fi
    	echo "done"
    }
    
    stopZimbra() {
    	echo -n "Shutting down Zimbra Services on ${zimbra_server_hostname}..."
    	zmcontrol stop > /dev/null 2>&1
    	echo "done"
    }
    
    replicateLdap() {
    	echo -n "Replicating ldap data from ${ldap_master_host}..."
    	echo -n "Copying data..."
    	echo "HOST:${ldap_master_host} slapcat" | ${zimbra_home}/libexec/zmrc ${ldap_master_host} | \
    		grep -v STARTCMD | grep -v ENDCMD > /tmp/repl.ldif
    
    	if [ $? -ne 0 ]; then
    		echo "FAILED"
    		echo "Ldap replication failed - exiting"
    		exit 1
    	fi
    
    	echo -n "Writing data..."
    
    	${zimbra_home}/openldap/sbin/slapadd -q -w -b '' -f ${zimbra_home}/conf/slapd.conf -l /tmp/repl.ldif
    	if [ $? -ne 0 ]; then
    		echo "FAILED"
    		echo "Ldap replication failed - exiting"
    		exit 1
    	fi
    
    	#/bin/rm -f /tmp/repl.ldif
    	echo "succeeded"
    }
    
    updateLdapHost() {
    	echo -n "Setting ldap_url on ${zimbra_server_hostname}...";
      if [ ${ldap_port} = 636 ]; then
        proto="ldaps"
      else 
        proto="ldap"
      fi
    	${zimbra_home}/bin/zmlocalconfig -e ldap_url="${proto}://${zimbra_server_hostname}:${ldap_port} ${ldap_master_url}"
    	echo "done"
    }
    
    startRemoteZimbra() {
    	echo -n "Starting remote Zimbra Services on ${ldap_master_host}..."
    	echo "HOST:${ldap_master_host} startup" | ${zimbra_home}/libexec/zmrc ${ldap_master_host} \
    		> /dev/null 2>&1
    
    	if [ $? -ne 0 ]; then
    		echo "FAILED"
    		echo "Remote startup failed - exiting"
    		exit 1
    	fi
    	echo "done"
    }
    
    startLdap() {
    	echo -n "Starting LDAP on ${zimbra_server_hostname}..."
    	${zimbra_home}/bin/ldap start > /dev/null 2>&1
    	echo "done"
    }
    stopLdap() {
    	echo -n "Stopping LDAP on ${zimbra_server_hostname}..."
    	${zimbra_home}/bin/ldap stop > /dev/null 2>&1
    	echo "done"
    }
    
    if [ $ldap_master_host = $zimbra_server_hostname ]; then
    	enableSyncProv
      stopLdap
      startLdap
    	exit 0
    fi
    
    verifyLdapInstalled
    verifyLdap
    createLdapConfig
    enableLdapService
    #stopZimbra
    #stopRemoteZimbra
    #replicateLdap
    updateLdapHost
    #startRemoteZimbra
    zmsetvars -f ldap_url
    startLdap
    And this is the result:
    Code:
    mail2:/# sudo -u zimbra /opt/zimbra/libexec/zmldapenablereplica
    Looking for LDAP installation...succeeded
    Verifying ldap on ldap://mail1.asb.local:389...succeeded
    Creating LDAP config in /opt/zimbra/conf/slapd.conf...succeeded
    Enabling LDAP service on mail2.asb.local......succeeded
    Setting ldap_url on mail2.asb.local...done
    Starting LDAP on mail2.asb.local...done
    mail2:/# sudo -u zimbra /opt/zimbra/bin/zmcontrol status
    Unable to determine enabled services from ldap.
    Enabled services read from cache. Service list may be inaccurate.
    Host mail2.asb.local
            antispam                Running
            antivirus               Running
            mailbox                 Running
            mta                     Running
            snmp                    Running
            spell                   Running
            stats                   Running
    mail2:/# sudo -u zimbra /opt/zimbra/bin/zmcontrol stop
    Host mail2.asb.local
            Stopping stats...Done
            Stopping mta...Done
            Stopping spell...Done
            Stopping snmp...Done
            Stopping archiving...Done
            Stopping antivirus...Done
            Stopping antispam...Done
            Stopping imapproxy...Done
            Stopping mailbox...Done
            Stopping logger...Done
            Stopping ldap...Done
    mail2:/# sudo -u zimbra /opt/zimbra/bin/zmcontrol start
    Host mail2.asb.local
            Starting ldap...Done.
            Starting mailbox...Done.
            Starting antispam...Done.
            Starting antivirus...Done.
            Starting snmp...Done.
            Starting spell...Done.
            Starting mta...Done.
            Starting stats...Done.
    mail2:/# sudo -u zimbra /opt/zimbra/bin/zmcontrol status
    Unable to determine enabled services from ldap.
    Enabled services read from cache. Service list may be inaccurate.
    Host mail2.asb.local
            antispam                Stopped
                    zmmtaconfigctl is not running
                    amavisd running pid: 14893
            antivirus               Stopped
                    zmmtaconfigctl is not running
                    amavisd running pid: 14893
            ldap                    Running
            mailbox                 Stopped
                    zmmtaconfigctl is not running
            mta                     Stopped
                    zmmtaconfigctl is not running
                    saslauthd is running with pid 15134
            snmp                    Running
            spell                   Running
            stats                   Stopped
    I also tried zmcertmgr as you suggested, but no luck either.

    Thanks for your kind help. Any suggestions?

  7. #7

    I've pulled in the fix for zmlocalconfig being called via the full path.

    It looks like the first time around, you managed to not set the ldap root password (not quite sure how that happened), which is why zmldapenablereplica was throwing an error there.

    Try starting slapd with -d -1 instead of -d 7 to get full debug output.

    --Quanah
    Quanah Gibson-Mount
    Server Architect
    Zimbra, Inc
    --------------------
    Zimbra :: the leader in open source messaging and collaboration
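
Post #7 traces the slappasswd usage error to an empty ldap root password, and the edited script above passes a literal secret with `-s` on the command line. The following is an added example, not Zimbra's code: it refuses an empty secret, hands it to slappasswd through the `-T file` option listed in the usage output instead of argv, and rewrites the config through an unpredictable temp file with the exit status checked. The function names and the `SLAPPASSWD` override are assumptions made for illustration.

```shell
#!/bin/bash
# Added example, not Zimbra's code. Function names are hypothetical.
# SLAPPASSWD can be overridden (for instance with a stub) for testing.
SLAPPASSWD="${SLAPPASSWD:-/opt/zimbra/openldap/sbin/slappasswd}"

# Print the hash of $1. The secret travels through a private file (-T)
# instead of "-s secret", so it never shows up in the process list.
hash_ldap_secret() {
    local secret="$1" tmp hash rc=0
    if [ -z "$secret" ]; then
        echo "ERROR: LDAP password is not set - exiting" >&2
        return 1
    fi
    tmp=$(umask 077; mktemp) || return 1
    printf '%s' "$secret" > "$tmp"   # file holds the secret, no newline
    hash=$("$SLAPPASSWD" -T "$tmp") || rc=$?
    rm -f "$tmp"
    if [ "$rc" -ne 0 ] || [ -z "$hash" ]; then
        echo "ERROR: slappasswd failed (rc=$rc)" >&2
        return 1
    fi
    printf '%s\n' "$hash"
}

# Copy template $1 to $2 with its rootpw line set to hash $3.
# The temp file sits beside the target (not /tmp/name.$$) and is only
# moved into place once sed has succeeded.
write_rootpw() {
    local src="$1" dest="$2" hash="$3" tmp
    grep -q '^rootpw' "$src" || {
        echo "ERROR: no rootpw line in $src" >&2
        return 1
    }
    tmp=$(umask 077; mktemp "${dest}.XXXXXX") || return 1
    if ! sed -e "s|^rootpw.*|rootpw ${hash}|" "$src" > "$tmp"; then
        rm -f "$tmp"
        echo "ERROR - LDAP config creation failed - exiting" >&2
        return 1
    fi
    mv -f "$tmp" "$dest"
}
```
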

  8. #8

    Another recommendation: if you are planning on using ldap as a replica, then just install ldap with the service enabled; it'll avoid this problem altogether.

  9. #9

    Quote Originally Posted by brian View Post
    Another recommendation: if you are planning on using ldap as a replica, then just install ldap with the service enabled; it'll avoid this problem altogether.
    Hi Brian, thanks again for your help. I'm not sure I fully understand your suggestion. I want to set up 2 mail servers for 2 sites, with user mailboxes at both sites. Email from the internet will come to the server with the lower MX record and then go via LMTP to the other server. Outgoing mail will go directly from each site.

    I have 2 machines, so
    mail1 should be installed normally, with all LDAP-related passwords set (admin, root, replication, postfix, amavis):
    Code:
    
    Install zimbra-ldap [Y] 
    Install zimbra-logger [Y] 
    Install zimbra-mta [Y] 
    Install zimbra-snmp [Y] 
    Install zimbra-store [Y] 
    Install zimbra-apache [Y] 
    Install zimbra-spell [Y] 
    Install zimbra-proxy [N] 
    

    mail2

    Install without zimbra-logger, then enable zimbra-ldap with Create Domain set to "NO",

    and then set all LDAP-related passwords the same as on the first server.
    And then change the master LDAP host.



    Code:
    Install zimbra-ldap [Y] 
    Install zimbra-logger [N] 
    Install zimbra-mta [Y] 
    Install zimbra-snmp [Y] 
    Install zimbra-store [Y] 
    Install zimbra-apache [Y] 
    Install zimbra-spell [Y] 
    Install zimbra-proxy [N] 
    
    
    
       1) Status:                                  Enabled
       2) Create Domain:                           NO
       3) Ldap Root password:                      set
       4) Ldap Replication password:               set
       5) Ldap Postfix password:                   set
       6) Ldap Amavis password:                    set


       1) Hostname:                                mail2.asb.local
       2) Ldap master host:                        mail1.asb.local
       3) Ldap port:                               389
       4) Ldap Admin password:                     set
       5) TimeZone:                                (GMT+07.00) Bangkok / Hanoi / Jakarta
    Do I have to run zmupdateauthkeys and zmldapenablereplica on both machines as the documentation says, or will it be done automatically? This may be a very simple question, but I cannot find it in the forum or the wiki and feel very lost here.

  10. #10

    Just followed the new documentation here:

    http://www.zimbra.com/docs/os/latest...erver_install/

    And the installation went smoothly. I should have read this before asking the question... Anyway, thanks for your kind help.

    Anyway, I set all the LDAP-related passwords for the mail1 server (admin, root, replication, postfix, amavis)

    and then for mail2 the same as mail1, and it works.

    Is it required? I read the documentation and it seems that a replica only needs the admin password to be filled in.
