Page 1 of 2

Hey ZCSFor

Posted: Wed Oct 05, 2005 2:22 am
by 7323graffiti
Hey ZCSForumTH,
Would you please write down exactly what you have done with your setup? I'm very interested in it, especially how to set Apache/mod_jk as the frontend of ZimbraWebclient and how to integrate Zimbra with existing packages.
TIA,
-g

Hey ZCSFor

Posted: Wed Oct 05, 2005 6:44 pm
by ZCSForumTH
Hey graffiti,
I have to admit that my installation process was a bit of a hack job :eek: , not a scripted process by any means of the imagination. But I'll try to put together a list of things I did and post it here.
I can tell you what I did for Apache/mod_jk, this was the most straight forward piece of the puzzle for me. If you already have mod_jk running with your Apache install all you need to do is add the following lines to your mod_jk config and these servlet calls will be sent over AJP to your tomcat:
[QUOTE]

JkMount /zimbra/mail worker1

JkMount /zimbra/auth/ worker1

JkMount /zimbra/js/*.jgz worker1

JkMount /zimbra/ worker1

JkMount /service/* worker1[/QUOTE]

You can replace "worker1" with whatever tomcat workers you have setup. You might be able to get rid of the mapping for the ".jgz" files with some configuration of mod_deflate or mod_mime_magic that will set the content types correctly so the browser will handle the compressed files. However I have not tried this yet.
You will also have to add aliases for the directories in Zimbra that you want to expose through Apache

[QUOTE]Alias /zimbra/img/ /opt/zimbra/jakarta-tomcat-5.5.7/webapps/zimbra/img/

Alias /zimbra/js/ /opt/zimbra/jakarta-tomcat-5.5.7/webapps/zimbra/js/

Alias /zimbra/public/ /opt/zimbra/jakarta-tomcat-5.5.7/webapps/zimbra/public/

Alias /zimbra/skins/ /opt/zimbra/jakarta-tomcat-5.5.7/webapps/zimbra/skins/

Alias /zimbra/test/ /opt/zimbra/jakarta-tomcat-5.5.7/webapps/zimbra/test/

Alias /zimbra/zimlets/ /opt/zimbra/jakarta-tomcat-5.5.7/webapps/zimbra/zimlets/[/QUOTE]

You may have to chage the file permissions on the filesystem to allow apache to read these directories. Not sure if all these directories are required.
I think you also need to chage the httpPort and httpsPort entries in the .../tomcat/webapps/zimbra/WEB-INF/web.xml to 80 and 443 respectively.
restart apache and tomcat and you sould be good to go.
I'll post more info when I have put it together. Maybe this should be moved to another thread, it does not directly relate to the original thread.
- Tom

Hey ZCSFor

Posted: Thu Oct 06, 2005 7:12 pm
by ZCSForumTH
Hey graffiti,
Here is some more info about the my install. First I created a zimbra group and user. Then I logged in as the zimbra user and did the build as documented in the devel blog (
http://www.zimbra.com/blog/archives/2005/08/developing_with.html)
>$ tar xvzf /path/to/your/downloads/zcs-src.tgz

$ cd ~/zcs-src/ZimbraBuild

$ make dev-install

So basically this creates all the binaries and war files for Zimbra. I was not using postfix with my current SuSE installation so I just used the one that Zimbra provided. postfix does have a dependency on libdb-4.2.so that I did not have installed (SuSE has libdb-4.3). You can either install db42 through YaST or use the one sitting in /opt/zimbra/lib. I just used the one provide by Zimbra. Then you can just do the postfix stuff for the dev install
Run these commands as root to initialize postfix:

# groupadd postdrop

# groupadd postfix

# useradd -d /opt/zimbra/postfix -g postfix postfix

# /opt/zimbra/postfix/sbin/postfix set-permissions

# chmod 775 /opt/zimbra/postfix/conf


Next thing to setup was MySQL, the version that comes with SuSE 9.3 is the same as the one shipped with Zimbra. So there shouldn't be any incompatibilities to worry about. I tried two options for integrating Zimbra with my installed MySQL. You can do some creative sym linking:

cd /opt/zimbra/db

ln -s /var/lib/mysql data

ln -s data/mysql.sock .

ln -s data/mysql.pid .


or you can actually change the localconfig variables in Zimbra to point to your default SuSE mysql install:

zmlocalconfig -c /opt/zimbra/conf/localconfig.xml -f -e mysql_data_directory=/var/lib/mysql

zmlocalconfig -c /opt/zimbra/conf/localconfig.xml -f -e mysql_pidfile=${mysql_data_directory}/mysql.pid

zmlocalconfig -c /opt/zimbra/conf/localconfig.xml -f -e mysql_socket=${mysql_data_directory}/mysql.pid


They both should work equally well but changing the Zimbra config variables is probably more correct.

Now you can create the MySql database for Zimbra as the zimbra user:

/usr/bin/mysql -u root -p 
/usr/bin/mysql -u root -p


Set the Zimbra mysql password to the defaults for the dev-install

zmlocalconfig -c /opt/zimbra/conf/localconfig.xml -f -e mysql_root_password=yourmysqlrootpassword

zmmypasswd zimbra


That should do it for integrating the Zimbra database with your existing MySQL setup.
If anyone sees any errors in this, please feel free to correct it. I'm writing this from what I recall doing so I'm sure I missed something. I could continue with what I did for LDAP if you are still interested.
- TH

Hey ZCSFor

Posted: Tue Oct 18, 2005 12:50 am
by 7323graffiti
Hey ZCSForumTH,
Thx for your info. The idea of integrating mysql is great! :). How about ldap?

Hey ZCSFor

Posted: Wed Oct 19, 2005 6:03 pm
by timjenne
I have everything installed, things go well on my new Suse Enterprise Server 9 server. But when I attempt to start Zimbra I get the following blob of errors. :(
zimbra@CAL01:/> /opt/zimbra/bin/zimbra start

Password:

Calling startup (CAL01.qisadvisors.com)
perl /opt/zimbra/bin/zmmon &
Can't load '/opt/zimbra/zimbramon/lib/i386-linux-thread-multi//auto/DBI/DBI.so' for module DBI: /opt/zimbra/zimbramon/lib/i386-linux-thread-multi//auto/DBI/DBI.so: cannot open shared object file: No such file or directory at /usr/lib/perl5/5.8.3/x86_64-linux-thread-multi/DynaLoader.pm line 229.

at /opt/zimbra/zimbramon/lib/i386-linux-thread-multi//DBI.pm line 254

BEGIN failed--compilation aborted at /opt/zimbra/zimbramon/lib/i386-linux-thread-multi//DBI.pm line 254.

Compilation failed in require at /opt/zimbra/zimbramon/lib/Zimbra/Mon/Admin.pm line 37.

BEGIN failed--compilation aborted at /opt/zimbra/zimbramon/lib/Zimbra/Mon/Admin.pm line 37.

Compilation failed in require at /opt/zimbra/zimbramon/lib/Zimbra/Mon/StatusMon.pm line 35.

BEGIN failed--compilation aborted at /opt/zimbra/zimbramon/lib/Zimbra/Mon/StatusMon.pm line 35.

Compilation failed in require at /opt/zimbra/bin/zmmon line 41.

BEGIN failed--compilation aborted at /opt/zimbra/bin/zmmon line 41.

Soap call failed: 500 Can't connect to localhost:7777 (connect: Connection refused) at /opt/zimbra/bin/zmcontrol line 230
I also get several complaints when I attempt to load ldap. :mad:
/opt/zimbra/openldap/libexec/slapd: error while loading shared libraries: libssl.so.4: cannot open shared object file: No such file or directory
I have been attempting to work my way through the advice provided to others but an very stuck
Tim Jenne

QIS Advisors

Hey ZCSFor

Posted: Wed Oct 19, 2005 7:17 pm
by 14319KevinH
Yeah this is a bit tougher. You'll need to hunt down the missing files and link o them or install them. Same for the ldap issues. This is since the paths in SuSE are a bit different than the build we have.

Hey ZCSFor

Posted: Wed Oct 19, 2005 7:25 pm
by marcmac
As far as the perl libraries go (DBI.so, etc), you'll want to rebuild them on your system - easiest is to use CPAN:
perl -MCPAN -e 'install '
Make sure you've got the mysql client libs installed and findable (.h files, too) or the DBI and DBD libs won't work right (which is what you're running into).

Hey ZCSFor

Posted: Fri Oct 21, 2005 2:31 am
by ZCSForumTH
Hey graffiti,
Integrating zimbra's ldap tree with your existing ldap could be tricky if you already have a large ldap hierarchy setup. Zimbra creates all the mail domains in the tree starting from the root which could cause some problems. I don't think there is way to change the baseDN that Zimbra uses. My baseDN did not conflict with the entries zimbra wants to add so it did not cause me that much trouble.
SuSE 9.3 uses a slightly older version of openldap than that which ships with zimbra (2.2.23 vs.2.2.26) but I did not experience any problems. First thing to do is copy the zimbra schemas to where your ldap config schemas are stored.
% cp /opt/zimbra/openldap-2.2.26/etc/openldap/schema/zimbra.schema /etc/openldap/schema/
I then created a file that defined the zimbra ldap store and saved it as:

/etc/openldap/zimbra_ldap.conf



#

# Zimbra ldap database definitions

#

database bdb

suffix ""

rootdn "uid=zimbra,cn=admins,cn=zimbra"

# Cleartext passwords, especially for the rootdn, should

# be avoid. See slappasswd(8) and slapd.conf(5) for details.

# Use of strong authentication encouraged.

rootpw <<<<>>>>

# number of entries to keep in memory

cachesize 10000

# check point whenever 64k data bytes written or

# 5 minutes has elapsed whichever occurs first

checkpoint 64 5

# The database directory MUST exist prior to running slapd AND

# should only be accessible by the slapd and slap tools.

# Mode 700 recommended.

directory "/opt/zimbra/openldap-data"

# Indices to maintain

index objectClass eq

index zimbraId eq

index zimbraMailAddress eq

index zimbraMailDeliveryAddress eq,sub

index zimbraMailAlias eq,sub

index zimbraDomainName eq,sub

index uid pres,eq

# white pages

index mail pres,eq,sub

index cn pres,eq,sub

index displayName pres,eq,sub

index sn pres,eq,sub

index gn pres,eq,sub
access to dn.base="cn=zimbra" by dn.children="cn=admins,cn=zimbra" write
# don't let anyone but admins access these attrs

access to attr=zimbraGalLdapBindPassword,zimbraGalLdapBindDn,zimbraAuthTokenKey,zimbraPasswordHistory,zimbraIsAdminAccount

by dn.children="cn=admins,cn=zimbra" write
# don't let user's change their own passwords, since we want

# to enforce password policy
access to attr=userPassword

by anonymous auth

by dn.children="cn=admins,cn=zimbra" write
access to *

by dn.children="cn=admins,cn=zimbra" write

by * read
###############################################

you should generate a secure hashed password using slappasswd and set that in the "rootpw" line in the zimbra_ldap.conf file.
Then you can edit your /etc/openldap/slapd.conf and add the zimra schema to your schema includes and at the end of the file include the zimbra_ldap.conf you created previously.:



include /etc/openldap/schema/zimbra.schema

...

...

...

include /etc/openldap/zimbra_ldap.conf

Create the directory for your zimbra ldap database and then restart your ldap server:

% mkdir -p /opt/zimbra/openldap-data
% su - root

# /etc/init.d/ldap restart
Before you import the ldap tree, first you have to edit the /opt/zimbra/conf/zimbra.ldif file. You need to search for the line containing "userPassword" and set it to a hashed password as generated by slappasswd. You may want to copy the file and edit the copy instead of changing the original. Now you can import the ldif file and set the password up in your local config file


/opt/zimbra/openldap/bin/ldapmodify -a -c -w YOURPASSWORD -D "uid=zimbra,cn=admins,cn=zimbra" -x -f /opt/zimbra/conf/zimbra.ldif

/opt/zimbra/openldap/bin/ldapmodify -a -c -w YOURPASSWORD -D "uid=zimbra,cn=admins,cn=zimbra" -x -f /opt/zimbra/openldap/etc/openldap/zimbra_mimehandlers.ldif
/opt/zimbra/bin/zmlocalconfig -f -e zimbra_ldap_password=YOURPASSWORD

/opt/zimbra/bin/zmlocalconfig -f -e ldap_root_password=YOURPASSWORD

That should do it. I also had to create my initial server and domain using zmprov. Depending on how you did your install you may not have to do this part. Let me know how it goes.
- TH

Hey ZCSFor

Posted: Sat Oct 29, 2005 6:16 pm
by PotatoBob
Ok I followed the mod_jk tut somwhat and I am having problems


with mod_proxy i was able to at least get to the login, but with mod_jk i can only get to the login if i type
Either">http://domain.com/zimbra?debug=1
Either
way I get

An unknown application error has occurred. Please correct any errors and retry. If the problem persists, please contact your System Aministrator. (INVALID_PDU)
I assume that you did not get this error? Did I miss somthing? (I am not using zmiptables as it doesnt work for me anyways, my iptables for somereason ignores the forwards...) so I have everything set to these ports

postfix 25

tomcat connectory port 7070 proxyport 7070 redirectport 443

ldap 7389

Hey ZCSFor

Posted: Tue Nov 01, 2005 9:25 pm
by ZCSForumTH
Hey PotatoBob,
If you used the JkMounts that were posted in this thread, your URL to access Zimbra through Apache would be:
If">http://domain.com/zimbra/
If
the login page comes up then the Apache --> mod_jk --> tomcat link is working. Does Zimbra work properly when you access it directly through tomcat:
Is">http://domain.com:7070/
Is
there any extra info in the zimbra.log? Maybe crank up your log level in the log4j.properties and see if it gives you more detailed error information.
- TH