Results 11 to 14 of 14

Thread: [SOLVED] Migration 6.04 32bit to 64bit step-by-step and cannot receive mails

Threaded View

  1. #1
    Join Date
    Mar 2010
    Posts
    14
    Rep Power
    5

    Post [SOLVED] Migration 6.04 32bit to 64bit step-by-step and cannot receive mails

    I am going to explain here my migration, with normal migration steps, ssh port setup and certificates setup. After that I will explain some configuration that I need on my particular situation.

    And, well, the result of all of this is that I can receive external emails in the first minutes or so and then I cannot longer receive emails.

    Senders get this error:

    Code:
    554 554 <user@domain.com>: Relay access denied (state 14).
    So, please help me solving this error. I am ready to offer you any configuration or command output that you want.

    Thank you.

    Hopefully this step-by-step 32bit to 64bit migration will be useful for someone.


    I - MIGRATION

    My migration is based on this document: Network Edition: Moving from 32-bit to 64-bit Server - Zimbra :: Wiki
    (I tried other four howtos on blogs and forums and none of them worked for me).


    Source pc I have a 6.04 32-bit Debian 5 Zimbra installation.
    Destination pc is going to be 6.04 64-bit Debian 5 Zimbra installation.

    1) I have made the ldap dump (/opt/zimbra/libexec/zmslapcat /backup) which it is found in the destination pc at /tmp/ldap.bak.

    2) zmcontrol stop as zimbra user

    3) Backup /opt/zimbra


    I have done a tar.gz of the /opt/zimbra directory contents in the source pc.
    Code:
    cd /opt
    tar czf /tmp/zimbra_migration.tar.gz zimbra
    This tar.gz from the source pc has been untarred in /tmp/zimbra in the destination pc.
    Code:
    cd /tmp
    tar xzf /home/user/zimbra_migration.tar.gz
    4) ZCSLicense.xml copy - Skipped.

    5) I install 6.04 64 bit Debian 5 in destination pc with the same passwords, packages, spam and ham training accounts and settings than in the source pc.

    Code:
    mkdir /tmp/604installation
    cd /tmp/604installation
    wget "http://files2.zimbra.com/downloads/6.0.4_GA/zcs-6.0.4_GA_2038.DEBIAN5_64.20091214195434.tgz"
    tar xzf zcs-6.0.4_GA_2038.DEBIAN5_64.20091214195434.tgz
    cd zcs-6.0.4_GA_2038.DEBIAN5_64.20091214195434
    ./install.sh

    6) I stop ZCS services in the destination pc.

    Code:
    zmcontrol stop
    7) At destination pc I am going to restore ldap data.
    7.1) Delete hdb data.
    Code:
    rm -rf /opt/zimbra/data/ldap/hdb/*
    7.2) Ldap with replicas (Skipped).
    7.3)
    Code:
    mkdir -p /opt/zimbra/data/ldap/hdb/db /opt/zimbra/data/ldap/hdb/logs
    7.4) Ldap with replicas (Skipped).
    7.5)
    Code:
    cp /tmp/zimbra/data/ldap/hdb/db/DB_CONFIG /opt/zimbra/data/ldap/hdb/db/DB_CONFIG
    7.6)
    Code:
    chown -R zimbra:zimbra /opt/zimbra/data/ldap
    (As root user and come back as zimbra user)
    7.7)
    Code:
    /opt/zimbra/openldap/sbin/slapadd -q -b "" -F /opt/zimbra/data/ldap/config -cv -l /tmp/ldap.bak
    8)
    Code:
    nano /opt/zimbra/conf/localconfig.xml
    and I update all the passwords to match localconfig.xml from the old installation.

    9)
    Code:
    rm -rf /opt/zimbra/db/data/*
    cp -r /tmp/zimbra/db/data/* /opt/zimbra/db/data/
    10) Copy store and index directories.

    Code:
    cp -r /tmp/zimbra/store/* /opt/zimbra/store/
    cp -r /tmp/zimbra/index/* /opt/zimbra/index/
    11) Commercial certificates copy. Skipped.

    12)
    Code:
    rm -rf /opt/zimbra/redolog/*
    13) (As root)
    Code:
    /opt/zimbra/libexec/zmfixperms
    14) Start ZCS
    Code:
    zmcontrol start
    15) Backup. Skipped.
    16) Firewall. Skipped.

    II- Minimal caveats fix

    After starting ZCS I get a: zmmailboxdctl is not running when running zmcontrol status.

    1) Let's solve any ssh port (mine is not standard 22) problem.
    Code:
    zmprov -l ms fake.domain.com zimbraRemoteManagementPort 2425
    Code:
    cd /opt/zimbra/bin/
    ./zmsshkeygen
    ./zmupdateauthkeys
    And run as root:
    Code:
    /etc/init.d/ssh force-reload
    2) Let's solve certificate problem. Remember that I have skipped the certificate migration step. (Run commands as root)
    Code:
    mv /opt/zimbra/mailboxd/etc/keystore \
    /opt/zimbra/mailboxd/etc/keystore_REMOVED
    
    /opt/zimbra/bin/zmcertmgr createca -new
    
    /opt/zimbra/bin/zmcertmgr createcrt -new
    
    
    /opt/zimbra/bin/zmcertmgr deploycrt self
    
    /opt/zimbra/java/bin/keytool -import -alias root \
    -keystore /opt/zimbra/java/jre/lib/security/cacerts \
    -storepass changeit -file /opt/zimbra/conf/ca/ca.pem
    Now we can do:

    Code:
    zmcontrol stop
    zmcontrol start

    III - Some needed setup (for my particular situation)
    https://mail.domain.com:7071/zimbraAdmin/

    * General setup. MTA. Network. Retransmission MTA for external delivery. (I remove it).
    * General setup. MTA. Network. MTA server names in Internet: (I remove it).
    * General setup. MTA. Network. Internal SMTP hostname: I remove it.
    * General setup. MTA. Network. Protocol checks. I uncheck every one of them because I want to receive every mail.
    * General setup. MTA. Authentication. I uncheck Only TLS authentication (I have learnt that if it is checked I cannot receive any external emails, please correct me if I am worng).
    * Servers. fake.domain.com. MTA. Network. MTA server names in Internet: (I remove it).
    * Servers. fake.domain.com. MTA. MTATrustNetworks. I edit it so that the new external ip is set as trust. 11.22.33.44/32.

    * Domains. domain.com . Virtual servers. Update with the new virtual server.

    IV - Zimbra restart
    (As zimbra user)
    Code:
    zmcontrol stop
    zmcontrol start
    Last edited by adrian15; 04-02-2010 at 04:52 AM. Reason: Removing my mail

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •