Ajcody-Multi-Server-Installation-Notes: Difference between revisions
Line 777: | Line 777: | ||
======Finalize Setup Of First Mailstore Components====== | ======Finalize Setup Of First Mailstore Components====== | ||
---- | |||
You now see the installation finalize all the component configuration. | You now see the installation finalize all the component configuration. |
Revision as of 04:03, 13 September 2010
Multi-Server Installation Notes
Actual Multi-Server Installation Notes Homepage
Please see: Ajcody-Multi-Server-Installation-Notes
Related RFE's
Initial Planning Information
Proxy Hostname Pre-Setup
I'll be using DNS/BIND round-robin to have a proxy hostname that will use the various ZCS servers running the proxy services. This is the hostname that end-users will use for http and pop/imap. None of the actual servers will use be set to have this hostname. I'm using rr in the hostname so it's easy to recall it's a round-robin address. See HOWTO - Configure Load Balancing for more information in regards to BIND setup.
Example of BIND zone file entry:
rr608.zimbra.DOMAIN.com. IN MX 10 rr608.zimbra.DOMAIN.com. rr608 IN A 192.168.0.41 rr608 IN A 192.168.0.42 mail41 IN A 192.168.0.41 mail42 IN A 192.168.0.42 mail43 IN A 192.168.0.43 mail44 IN A 192.168.0.44 rrms608 IN A 192.168.0.43 rrms608 IN A 192.168.0.44
I'll be configuring the following ZCS services for the various hostnames and in this order:
- mail41
- LDAP master, MTA, SNMP, Proxy [nginx]
- mail43
- Mailstore, Logger, Apache , Spell, Convertd, SNMP, Memcache
- mail44
- Mailstore , Archive & Discovery , Apache , Spell, Convertd, SNMP, Memcache
- mail42
- LDAP slave, MTA, SNMP, Proxy [nginx]
What we'll be able to use this round-robin hostname, rr608.zimbra.DOMAIN.com , for throughout our setup.
- The proxy.node.service.hostname variable.
- The zimbraPublicServiceHostname variable.
- The default domainname for your email domain.
- SMTP host for the mailstore setup.
What we'll be able to use this round-robin hostname, rrms608.zimbra.DOMAIN.com , for throughout our setup.
- MTA Auth hosts
- The MTA Auth host is a mailstore the mta quires for user authentication purposes.
Installation Of LDAP Master Also With MTA Or MTA And Proxy Components
Install Of LDAP Master
The multi-server installation guide will mention:
- Important: Install the servers in the following order
- LDAP server
- Zimbra mailbox servers
- Zimbra MTA servers
- Note: Zimbra-proxy is normally installed on the MTA server or you can install it on its own server.
One thing you'll notice is the mta is last, but for many customers they might want the ldap server also to be the mta or the mta+proxy. You'll see this in the installer if you attempt to include the mta component with your first ldap server.
LDAP Master Server Package Selection
Select the packages to install Install zimbra-ldap [Y] Install zimbra-logger [Y] n Install zimbra-mta [Y] y Install zimbra-snmp [Y] Install zimbra-store [Y] n Install zimbra-apache [Y] n Install zimbra-spell [Y] n Install zimbra-convertd [N] n Install zimbra-memcached [N] n Install zimbra-proxy [N] y Checking required space for zimbra-core Installing: zimbra-core zimbra-ldap zimbra-mta zimbra-snmp zimbra-proxy ### cut ### Installing packages zimbra-core......zimbra-core-6.0.8_GA_2661.RHEL5_64-20100824100342.x86_64.rpm...done zimbra-ldap......zimbra-ldap-6.0.8_GA_2661.RHEL5_64-20100824100342.x86_64.rpm...done zimbra-mta......zimbra-mta-6.0.8_GA_2661.RHEL5_64-20100824100342.x86_64.rpm...done zimbra-snmp......zimbra-snmp-6.0.8_GA_2661.RHEL5_64-20100824100342.x86_64.rpm...done zimbra-proxy......zimbra-proxy-6.0.8_GA_2661.RHEL5_64-20100824100342.x86_64.rpm...done Operations logged to /tmp/zmsetup.09122010-125617.log Installing LDAP configuration database...done. ### cut ### Main menu 1) Common Configuration: 2) zimbra-ldap: Enabled 3) zimbra-mta: Enabled ******* +MTA Auth host: UNSET +Enable Spamassassin: yes +Enable Clam AV: yes +Notification address for AV alerts: admin@rr608.zimbra.DOMAIN.com +Bind password for postfix ldap user: set +Bind password for amavis ldap user: set 4) zimbra-snmp: Enabled 5) zimbra-proxy: Enabled 6) Enable default backup schedule: yes r) Start servers after configuration yes s) Save config to file x) Expand menu q) Quit Address unconfigured (**) items (? - help)
LDAP Master Server Configuration Menu Choices
You'll want to set the following:
- 1) Common Configuration
- 4) Ldap Admin password
- 2) zimbra-ldap
- 2) Create Domain: yes
- 3) Domain to create: mail41.zimbra.DOMAIN.com
- I changed this to be : rr608.zimbra.DOMAIN.com
- 4) Ldap root password: set
- 5) Ldap replication password: set
- 6) Ldap postfix password: set
- 7) Ldap amavis password: set
- 8) Ldap nginx password: set
- You should have all the passwords noted somewhere for the other server installations.
- 3) zimbra-mta
- 1) Status: Enabled
- 2) MTA Auth host: UNSET
- Notice the "MTA Auth host:" defaults to UNSET. The MTA Auth host is to be a mailstore that the mta will send user pop/imap authentication requests to. You'll also notice later down in the installation guide under the "Installing Zimbra LDAP Master Server" this statement:
- 2. Type Y and press Enter to install the zimbra-ldap package.
- The MTA, Store and Logger packages should be marked N.
- We are ignoring this statement in our exercise here since we also want have our LDAP Master to run the MTA component. You will later see an error message because we've done this when the installation goes to setup the MTA - documented below under Error_During_MTA_Installation
- In my example here, I put in : rrms608.zimbra.DOMAIN.com : which will round-robin pop/imap authentication requests to all of my mailstores rather than just one mailstore.
- Notice the "MTA Auth host:" defaults to UNSET. The MTA Auth host is to be a mailstore that the mta will send user pop/imap authentication requests to. You'll also notice later down in the installation guide under the "Installing Zimbra LDAP Master Server" this statement:
- 3) Enable Spamassassin: yes
- 4) Enable Clam AV: yes
- 5) Notification address for AV alerts: admin@rr608.zimbra.DOMAIN.com
- 6) Bind password for postfix ldap user: set
- 7) Bind password for amavis ldap user: set
- 5) zimbra-proxy
- 1) Status: Enabled
- 2) Enable POP/IMAP Proxy: TRUE
- 3) IMAP server port: 7143
- 4) IMAP server SSL port: 7993
- 5) IMAP proxy port: 143
- 6) IMAP SSL proxy port: 993
- 7) POP server port: 7110
- 8) POP server SSL port: 7995
- 9) POP proxy port: 110
- 10) POP SSL proxy port: 995
- 11) Bind password for nginx ldap user: set
- 12) Enable HTTP[S] Proxy: FALSE
- Change this to TRUE and it will automatically setup other variables as well.
- 13) Web server HTTP port: 80
- 14) Web server HTTPS port: 443
- 15) HTTP proxy port: 8080
- 16) HTTPS proxy port: 8443
- 17) Proxy server mode: http
- Leave this variable to http , do not change it.
- Change this to TRUE and it will automatically setup other variables as well.
Error During MTA Installation
Notice the "MTA Auth host:" being UNSET. The MTA Auth host is to be a mailstore that the mta will send auth requests to. You'll also notice later down in the installation guide under the "Installing Zimbra LDAP Master Server" this statement:
2. Type Y and press Enter to install the zimbra-ldap package. The MTA, Store and Logger packages should be marked N.
You can set the mailstore hostname though, even before it has been setup. You'll see an error message like this later though.
WARNING You are configuring this host as an MTA server, but the specified mailstore used for authentication has not been configured to run the mailbox service yet. This will cause smtp authentication to fail. To correct this - after installing a mailstore server, reset the zimbraMtaAuthHost attribute for this server: /opt/zimbra/bin/zmprov -m -l ms mail41.zimbra.DOMAIN.com zimbraMtaAuthHost rrms608.zimbra.DOMAIN.com Once done, start the MTA: zmmtactl start Press return to continue Setting MTA auth host...failed.
Error During Proxy Installation
If you also included Proxy during the install of your LDAP master, you'll see this later during the installation after it does the MTA message above.
WARNING You are configuring this host as a proxy server, but there is currently no mailstore to proxy. This will cause proxy startup to fail. Once you have installed a store server, start the proxy service: zmproxyctl start Press return to continue WARNING You are configuring this host as a proxy server, but there is currently no memcached service for proxy. The proxy service will not work correctly. Once you have installed a memcached server, restart the proxy service: zmproxyctl restart Press return to continue Initializing mta config...done.
Status Once Finished With Installer On Ldap Master Plus MTA And Proxy
Just to show the status of the server once the installation is over.
$ zmcontrol restart Host mail41.zimbra.DOMAIN.com Stopping stats...Done. Stopping mta...Done. Stopping spell...Done. Stopping snmp...Done. Stopping archiving...Done. Stopping antivirus...Done. Stopping antispam...Done. Stopping imapproxy...Done. Stopping memcached...Done. Stopping mailbox...Done. Stopping logger...Done. Stopping ldap...Done. Host mail41.zimbra.DOMAIN.com Starting ldap...Done. Starting imapproxy...Failed. /opt/zimbra/conf/nginx.conf is missing. Starting nginx...failed. /opt/zimbra/conf/nginx.conf is missing. Starting antispam...Done. Starting antivirus...Done. Starting snmp...Done. Starting mta...Failed. Starting zmmtaconfig...zmmtaconfig is already running. Starting saslauthd...saslauthd[13910] :set_auth_mech : failed to initialize mechanism zimbra failed. zmsaslauthdctl failed to start Starting stats...Done. $ zmcontrol status Host mail41.zimbra.DOMAIN.com antispam Running antivirus Running imapproxy Stopped zmnginxctl is not running ldap Running mta Stopped zmsaslauthdctl is not running snmp Running stats Running
Now The First Mailstore Install
Now we'll setup the first mailstore, the same mailstore that uses the hostname that you used on the LDAP master for the MTA Auth host variable.
First Mailstore Server Package Selection
Packing selection, my example also assumes proxy was included on the LDAP master.
Select the packages to install Install zimbra-ldap [Y] n Install zimbra-logger [Y] y Install zimbra-mta [Y] n Install zimbra-snmp [Y] y Install zimbra-store [Y] y Install zimbra-apache [Y] y Install zimbra-spell [Y] y Install zimbra-convertd [Y] y Install zimbra-memcached [N] y Install zimbra-proxy [N] n Install zimbra-archiving [N] n Checking required space for zimbra-core checking space for zimbra-store Installing: zimbra-core zimbra-logger zimbra-snmp zimbra-store zimbra-apache zimbra-spell zimbra-convertd zimbra-memcached
First Mailstore Server Configuration Menu Choices
And then you'll end up with the configuration menu, shown below. We'll first want to setup the ldap options.
1) Common Configuration: +Hostname: mail43.zimbra.DOMAIN.com ******* +Ldap master host: UNSET +Ldap port: 389 ******* +Ldap Admin password: UNSET +LDAP Base DN: cn=zimbra +Secure interprocess communications: yes +TimeZone: America/Chicago 2) zimbra-store: Enabled +Create Admin User: yes +Admin user to create: admin@mail43.zimbra.DOMAIN.com ******* +Admin Password UNSET +Enable automated spam training: yes +Spam training user: spam.piktnhwfc2@mail43.zimbra.DOMAIN.com +Non-spam(Ham) training user: ham.z7qq8w1mb@mail43.zimbra.DOMAIN.com +Global Documents Account: wiki@mail43.zimbra.DOMAIN.com ******* +SMTP host: UNSET +Web server HTTP port: 80 +Web server HTTPS port: 443 +Web server mode: http +IMAP server port: 143 +IMAP server SSL port: 993 +POP server port: 110 +POP server SSL port: 995 +Use spell check server: yes +Spell server URL: http://mail43.zimbra.DOMAIN.com:7780/aspell.php +Configure for use with mail proxy: FALSE +Configure for use with web proxy: FALSE +Enable version update checks: TRUE +Enable version update notifications: TRUE +Version update notification email: admin@mail43.zimbra.DOMAIN.com +Version update source email: admin@mail43.zimbra.DOMAIN.com ******* +License filename: UNSET 3) zimbra-snmp: Enabled 4) zimbra-logger: Enabled 5) zimbra-spell: Enabled 6) zimbra-convertd: Enabled 7) Default Class of Service Configuration: 8) Enable default backup schedule: yes r) Start servers after configuration yes s) Save config to file x) Expand menu q) Quit Address unconfigured (**) items (? - help)
Select 1, for the Common Configuration options.
- 1) Common Configuration
- 1) Hostname: mail43.zimbra.DOMAIN.com
- **2) Ldap master host: UNSET
- Set this to your LDAP Master's hostname - mail41.zimbra.DOMAIN.com in our example here.
- 3) Ldap port: 389
- ** 4) Ldap Admin password: UNSET
- This was the Ldap Admin password that you set during the LDAP Master installation.
- 5) LDAP Base DN: cn=zimbra
- 6) Secure interprocess communications: yes
- 7) TimeZone: America/Chicago
Ending up with something that looks like:
Common configuration 1) Hostname: mail43.zimbra.DOMAIN.com 2) Ldap master host: mail41.zimbra.DOMAIN.com 3) Ldap port: 389 4) Ldap Admin password: set 5) LDAP Base DN: cn=zimbra 6) Secure interprocess communications: yes 7) TimeZone: America/Chicago Select, or 'r' for previous menu [r] r
Hit , R , to go back to the main configuration screen. Once the installer has the information for the ldap master and the ldap admin password is will pull down the configuration options that are relevant from the ldap master. Now we'll configure the "2) zimbra-store" options. Variables we'll need to change or confirm that it is what you want under the 2) zimbra-store: section:
- +Admin Password UNSET
- This is the admin user password that you use, for example, to log into the web admin console.
- +Web server mode: http
- Please enter the web server mode (http,https,both,mixed,redirect) [http]
- Note - In the admin guide under the Proxy section, you'll see it states that only HTTP is supported . It says, "zimbraMailMode to http. This is the only supported mode." The zimbraMailMode, which is set to HTTP on the mailstores, is different than zimbraReverseProxyMailMode - which is set to BOTH on the proxy hosts.
- Reference is Latest Admin Guide under Working with Zimbra Proxy > Configuring ZCS HTTP Proxy.
- +SMTP host: UNSET
- In our example here, we'll use our round-robin hostname that will resolve to our two ldap+mta+proxy servers. Normally, you would put the hostname of the one server or a server that has the mta package installed.
- I didn't get an error while setting this in the configuration panel though the mta service was still not running on the ldap master - see above.
- +Configure for use with mail proxy: FALSE
- I set to TRUE. This is either TRUE or FALSE , related to memcache I believe. We are lacking doc's that use the phrase in the installer.
- +Configure for use with web proxy: FALSE
- I set to TRUE. This is either TRUE or FALSE , related to memcache I believe. We are lacking doc's that use the phrase in the installer.
- +License filename: UNSET
My final setup for the 2) zimbra-store section was:
Store configuration 1) Status: Enabled 2) Create Admin User: yes 3) Admin user to create: admin@rr608.zimbra.DOMAIN.com 4) Admin Password set 5) Enable automated spam training: yes 6) Spam training user: spam.vrz5nb5c7u@rr608.zimbra.DOMAIN.com 7) Non-spam(Ham) training user: ham.nyel0ae_@rr608.zimbra.DOMAIN.com 8) Global Documents Account: wiki@rr608.zimbra.DOMAIN.com 9) SMTP host: rr608.zimbra.DOMAIN.com 10) Web server HTTP port: 80 11) Web server HTTPS port: 443 12) HTTP proxy port: 8080 13) HTTPS proxy port: 8443 14) Web server mode: http 15) IMAP server port: 143 16) IMAP server SSL port: 993 17) IMAP proxy port: 7143 18) IMAP SSL proxy port: 7993 19) POP server port: 110 20) POP server SSL port: 995 21) POP proxy port: 7110 22) POP SSL proxy port: 7995 23) Use spell check server: yes 24) Spell server URL: http://mail43.zimbra.DOMAIN.com:7780/aspell.php 25) Configure for use with mail proxy: TRUE 26) Configure for use with web proxy: TRUE 27) Enable version update checks: TRUE 28) Enable version update notifications: TRUE 29) Version update notification email: admin@rr608.zimbra.DOMAIN.com 30) Version update source email: admin@rr608.zimbra.DOMAIN.com
You should now be ready to apply the configuration and continue to the next parts of the installation.
Finalize Setup Of Second Mailstore Components
You now see the installation finalize all the component configuration.
One thing to note is I saw this message in the CLI log output:
Setting zimbraSmtpHostname for mail43.zimbra.DOMAIN.com...done. Configuring SNMP...done.
Though we had the following variable set:
9) SMTP host: rr608.zimbra.DOMAIN.com
But, after the install finished I then doubled checked the variable settings on the mailstore.
# su - zimbra [zimbra@mail44 ~]$ zmprov gs `zmhostname`|grep -i smtp zimbraSmtpHostname: rr608.zimbra.DOMAIN.com zimbraSmtpPort: 25 zimbraSmtpSendPartial: FALSE zimbraSmtpTimeout: 60
Checking Status Of Both Servers
Once the mailstore server is done with the installation, both servers should be functioning fully. A status check on the LDAP master will show no error now.
On the LDAP master:
[zimbra@mail41 ~]$ zmcontrol status Host mail41.zimbra.DOMAIN.com antispam Running antivirus Running imapproxy Running ldap Running mta Running snmp Running stats Running [zimbra@mail41 ~]$ zmprov -l gas mail41.zimbra.DOMAIN.com mail43.zimbra.DOMAIN.com
On the mailstore you just installed, service should show running as well.
[zimbra@mail43 ~]$ zmcontrol status Host mail43.zimbra.DOMAIN.com convertd Running logger Running mailbox Running memcached Running snmp Running spell Running stats Running
One should even be able to create an account from the CLI on the LDAP master now.
On the LDAP master:
$ zmprov -l ca ajcody@rr608.zimbra.DOMAIN.com My_Password displayName 'Adam Cody' givenName Adam sn Cody c73829c2-3321-4e6c-bc7a-6c8eb29c4e3c
You should now be able to login to the ZWC client using this client. The url that should work is http://[Round-Robin Alias Hostname.DOMAIN - http://rr608.zimbra.DOMAIN.com using our example here. Note though, if you already included other proxy servers in DNS/BIND for the round-robin entry you might need to test using the ip address of your LDAP Master instead. Your client might of pulled the other ip address of the other server you have yet to set up. If you didn't setup a round-robin hostname, then http://[LDAP Master Hostname.DOMAIN should work.
A direct call to the mailstore, like this: http://[Mailstore Hostname].DOMAIN should fail. If the opposite is true, then you most likely changed zimbraMailMode from the default of http to something else. See the below section about fixing this.
Remember, on the proxy node [LDAP Master], you can check the following logs to see what is happening with your proxy setup.
- /opt/zimbra/log/nginx.log
- /opt/zimbra/log/nginx.access.log
Proxy Isn't Working For HTTP Clients - Login Issues
During the installation configuration section, under the 2) zimbra-store: section, you most likely changed Web server mode to something other than http. Here's my notes about that variable and later fixing it.
- +Web server mode: http
- Please enter the web server mode (http,https,both,mixed,redirect) [http]
- Note - In the admin guide under the Proxy section, you'll see that it states only HTTP is supported . It says, "zimbraMailMode to http. This is the only supported mode." The zimbraMailMode, which is set to HTTP on the mailstores, is different than zimbraReverseProxyMailMode - which is set to BOTH on the proxy hosts.
- Reference is Latest Admin Guide under Working with Zimbra Proxy > Configuring ZCS HTTP Proxy.
- If you messed this up, to fix under ZCS 6+ after the installation was done on both servers.
- On the Mailstore do:
/opt/zimbra/libexec/zmproxyconfig -e -w -H mailbox.node.service.hostname
- Example:
/opt/zimbra/libexec/zmproxyconfig -e -w -H mail43.zimbra.DOMAIN.com
zmcontrol restart
- and for each domain you currently have configured, do:
zmprov modifyDomain <domain.com> zimbraPublicServiceHostname <hostname.domain.com>
- Example:
zmprov modifyDomain rr608.zimbra.DOMAIN.com zimbraPublicServiceHostname rr608.zimbra.DOMAIN.com
- On LDAP master with mta and proxy installed:
/opt/zimbra/libexec/zmproxyconfig -e -w -H proxy.node.service.hostname
- Example:
/opt/zimbra/libexec/zmproxyconfig -e -w -H mail41.zimbra.DOMAIN.com
zmcontrol restart
- On the Mailstore do:
- Note : After I resolved the proxy configuration testing ZWC accessed showed that I had to use the round-robin hostname I have and that using the ip address of my LDAP master wouldn't work. The ZWC client would give the following if I used the LDAP master ip address in the url:
- 500 Internal Server Error - nginx
- See CLI_zmtlsctl_to_set_Web_Server_Mode for more about the zimbraMailMode
Proxy Isn't Working For HTTP Clients - Email Sending Issues
If you try to send an email with the ZWC client, you might get an error about mail.TRY_AGAIN . This, again, is probably because you have setup the round-robin option in DNS/BIND for your SMTP/MTA variables. Your mailstore probably queried an ip address for the hostname, rr608.zimbra.DOMAIN.com using our example, that hasn't has Zimbra installed yet. For example, here's what my mailstore - mail43 - showed when I couldn't send.
$ host rr608.zimbra.DOMAIN.com rr608.zimbra.DOMAIN.com has address 192.168.0.42 rr608.zimbra.DOMAIN.com has address 192.168.0.41 rr608.zimbra.DOMAIN.com mail is handled by 10 rr608.zimbra.DOMAIN.com.
192.168.0.42 is for mail42 in my example here and I still haven't installed Zimbra on it yet.
Other error messages you might see - example from mailbox.log on mailstore user was created on:
com.zimbra.common.service.ServiceException: system failure: Unable to get SMTP session for [com.zimbra.cs.account.ldap.LdapAccount ajcody@rr608.zimbra.DOMAIN.com] ExceptionId:btpool0-12://rr608.zimbra.homeunix.com/service/soap/SendMsgRequest:1284347327964:0d190c6e6fa9bec4 Code:service.FAILURE at com.zimbra.common.service.ServiceException.FAILURE(ServiceException.java:248) [cut] at org.mortbay.io.nio.SelectChannelEndPoint.run(SelectChannelEndPoint.java:413) at org.mortbay.thread.BoundedThreadPool$PoolThread.run(BoundedThreadPool.java:451) Caused by: javax.mail.MessagingException: No SMTP hosts available for domain rr608.zimbra.DOMAIN.com [cut]
This issue should disappear once all your MTA servers that are in your round-robin hostname [rr608.zimbra.DOMAIN.com in our example] have ZCS installed, configured, and are running.
The Second Mailstore Installation
Second Mailstore Server Package Selection
Select the packages to install Install zimbra-ldap [Y] n Install zimbra-logger [Y] n Install zimbra-mta [Y] n Install zimbra-snmp [Y] y Install zimbra-store [Y] y Install zimbra-apache [Y] y Install zimbra-spell [Y] y Install zimbra-convertd [Y] y Install zimbra-memcached [N] y Install zimbra-proxy [N] n Install zimbra-archiving [N] y Checking required space for zimbra-core checking space for zimbra-store Installing: zimbra-core zimbra-snmp zimbra-store zimbra-apache zimbra-spell zimbra-convertd zimbra-memcached zimbra-archiving
Second Mailstore Server Configuration Menu Choices
And then you'll end up with the configuration menu, shown below. We'll first want to setup the ldap options.
1) Common Configuration: +Hostname: mail44.zimbra.DOMAIN.com ******* +Ldap master host: UNSET +Ldap port: 389 ******* +Ldap Admin password: UNSET +LDAP Base DN: cn=zimbra +Secure interprocess communications: yes +TimeZone: America/Chicago 2) zimbra-store: Enabled +Create Admin User: yes +Admin user to create: admin@mail44.zimbra.DOMAIN.com ******* +Admin Password UNSET +Enable automated spam training: yes +Spam training user: spam.piktnhwfc2@mail44.zimbra.DOMAIN.com +Non-spam(Ham) training user: ham.z7qq8w1mb@mail44.zimbra.DOMAIN.com +Global Documents Account: wiki@mail44.zimbra.DOMAIN.com ******* +SMTP host: UNSET +Web server HTTP port: 80 +Web server HTTPS port: 443 +Web server mode: http +IMAP server port: 143 +IMAP server SSL port: 993 +POP server port: 110 +POP server SSL port: 995 +Use spell check server: yes +Spell server URL: http://mail44.zimbra.DOMAIN.com:7780/aspell.php +Configure for use with mail proxy: FALSE +Configure for use with web proxy: FALSE +Enable version update checks: TRUE +Enable version update notifications: TRUE +Version update notification email: admin@mail44.zimbra.DOMAIN.com +Version update source email: admin@mail44.zimbra.DOMAIN.com ******* +License filename: UNSET 3) zimbra-snmp: Enabled 4) zimbra-logger: Enabled 5) zimbra-spell: Enabled 6) zimbra-convertd: Enabled 7) Default Class of Service Configuration: 8) Enable default backup schedule: yes r) Start servers after configuration yes s) Save config to file x) Expand menu q) Quit Address unconfigured (**) items (? - help)
Select 1, for the Common Configuration options.
- 1) Common Configuration
- 1) Hostname: mail44.zimbra.DOMAIN.com
- **2) Ldap master host: UNSET
- Set this to your LDAP Master's hostname - mail41.zimbra.DOMAIN.com in our example here.
- 3) Ldap port: 389
- ** 4) Ldap Admin password: UNSET
- This was the Ldap Admin password that you set during the LDAP Master installation.
- 5) LDAP Base DN: cn=zimbra
- 6) Secure interprocess communications: yes
- 7) TimeZone: America/Chicago
Ending up with something that looks like:
Common configuration 1) Hostname: mail44.zimbra.DOMAIN.com 2) Ldap master host: mail41.zimbra.DOMAIN.com 3) Ldap port: 389 4) Ldap Admin password: set 5) LDAP Base DN: cn=zimbra 6) Secure interprocess communications: yes 7) TimeZone: America/Chicago Select, or 'r' for previous menu [r] r
Hit , R , to go back to the main configuration screen. Once the installer has the information for the ldap master and the ldap admin password is will pull down the configuration options that are relevant from the ldap master. Now we'll configure the "2) zimbra-store" options. Variables we'll need to change or confirm that it is what you want under the 2) zimbra-store: section:
- +Admin Password UNSET
- This is the admin user password that you use, for example, to log into the web admin console.
- +Web server mode: http
- Please enter the web server mode (http,https,both,mixed,redirect) [http]
- Note - In the admin guide under the Proxy section, you'll see it states that only HTTP is supported . It says, "zimbraMailMode to http. This is the only supported mode." The zimbraMailMode, which is set to HTTP on the mailstores, is different than zimbraReverseProxyMailMode - which is set to BOTH on the proxy hosts.
- Reference is Latest Admin Guide under Working with Zimbra Proxy > Configuring ZCS HTTP Proxy.
- +SMTP host: UNSET
- In our example here, we'll use our round-robin hostname that will resolve to our two ldap+mta+proxy servers. Normally, you would put the hostname of the one server or a server that has the mta package installed.
- I didn't get an error while setting this in the configuration panel though the mta service was still not running on the ldap master - see above.
- +Configure for use with mail proxy: FALSE
- I set to TRUE. This is either TRUE or FALSE , related to memcache I believe. We are lacking doc's that use the phrase in the installer.
- +Configure for use with web proxy: FALSE
- I set to TRUE. This is either TRUE or FALSE , related to memcache I believe. We are lacking doc's that use the phrase in the installer.
- +License filename: UNSET
My final setup for the 2) zimbra-store section was:
Store configuration 1) Status: Enabled 2) Create Admin User: no 3) Enable automated spam training: yes 4) SMTP host: rr608.zimbra.DOMAIN.com 5) Web server HTTP port: 80 6) Web server HTTPS port: 443 7) HTTP proxy port: 8080 8) HTTPS proxy port: 8443 9) Web server mode: http 10) IMAP server port: 143 11) IMAP server SSL port: 993 12) IMAP proxy port: 7143 13) IMAP SSL proxy port: 7993 14) POP server port: 110 15) POP server SSL port: 995 16) POP proxy port: 7110 17) POP SSL proxy port: 7995 18) Use spell check server: yes 19) Spell server URL: http://mail44.zimbra.DOMAIN.com:7780/aspell.php 20) Configure for use with mail proxy: TRUE 21) Configure for use with web proxy: TRUE 22) Enable version update checks: TRUE 23) Enable version update notifications: TRUE
You should now be ready to apply the configuration and continue to the next parts of the installation.
Finalize Setup Of First Mailstore Components
You now see the installation finalize all the component configuration.
One thing to note is I saw this message in the CLI log output:
Setting zimbraSmtpHostname for mail44.zimbra.DOMAIN.com...done. Configuring SNMP...done.
Though we had the following variable set:
9) SMTP host: rr608.zimbra.DOMAIN.com
But, after the install finished I then doubled checked the variable settings on the mailstore.
# su - zimbra [zimbra@mail43 ~]$ zmprov gs `zmhostname`|grep -i smtp zimbraSmtpHostname: rr608.zimbra.DOMAIN.com zimbraSmtpPort: 25 zimbraSmtpSendPartial: FALSE zimbraSmtpTimeout: 60
The Second LDAP-MTA-PROXY Installation
Enable Replication On LDAP Master Before Continuing
[zimbra@mail41 ~]$ /opt/zimbra/libexec/zmldapenablereplica Enabling sync provider on master...succeeded
Second LDAP-MTA-PROXY Server Package Selection
Select the packages to install Install zimbra-ldap [Y] Y Install zimbra-logger [Y] n Install zimbra-mta [Y] y Install zimbra-snmp [Y] y Install zimbra-store [Y] n Install zimbra-apache [Y] n Install zimbra-spell [Y] n Install zimbra-convertd [N] n Install zimbra-memcached [N] n Install zimbra-proxy [N] y Checking required space for zimbra-core Installing: zimbra-core zimbra-ldap zimbra-mta zimbra-snmp zimbra-proxy
Second LDAP-MTA-PROXY Server Configuration Menu Choices
You'll want to set the following:
- 1) Common Configuration
- 1) Hostname: mail42.zimbra.DOMAIN.com
- This will stay as is since it's asking for the local servers name.
- 2) Ldap master host: mail42.zimbra.DOMAIN.com
- This will get CHANGED to the LDAP MASTER
- Ldap master host: mail41.zimbra.DOMAIN.com
- This will get CHANGED to the LDAP MASTER
- 4) Ldap Admin password: set
- Check that the password is set correctly -- as it was set on the LDAP Master.
- I had to set my to the correct password - it was using a random generated one.
- 1) Hostname: mail42.zimbra.DOMAIN.com
- 2) zimbra-ldap
- 2) Create Domain: yes
- Change this to be NO.
- 4) Ldap root password: set
- Check that the password is set correctly -- as it was set on the LDAP Master.
- I had to set my to the correct password - it was using a random generated one.
- 5) Ldap replication password: set
- Check that the password is set correctly -- as it was set on the LDAP Master.
- I had to set my to the correct password - it was using a random generated one.
- 6) Ldap postfix password: set
- Check that the password is set correctly -- as it was set on the LDAP Master.
- I had to set my to the correct password - it was using a random generated one.
- 7) Ldap amavis password: set
- Check that the password is set correctly -- as it was set on the LDAP Master.
- I had to set my to the correct password - it was using a random generated one.
- 8) Ldap nginx password: set
- Check that the password is set correctly -- as it was set on the LDAP Master.
- I had to set my to the correct password - it was using a random generated one.
- 2) Create Domain: yes
- You should have all the passwords noted somewhere for the other server installations.
- 3) zimbra-mta
- 1) Status: Enabled
- 2) MTA Auth host: UNSET
- Notice the "MTA Auth host:" defaults to UNSET. The MTA Auth host is to be a mailstore that the mta will send user pop/imap authentication requests to. You'll also notice later down in the installation guide under the "Installing Zimbra LDAP Master Server" this statement:
- 2. Type Y and press Enter to install the zimbra-ldap package.
- The MTA, Store and Logger packages should be marked N.
- We are ignoring this statement in our exercise here since we also want have our LDAP Master to run the MTA component. You will later see an error message because we've done this when the installation goes to setup the MTA - documented below under Error_During_MTA_Installation
- In my example here, I put in : rrms608.zimbra.DOMAIN.com : which will round-robin pop/imap authentication requests to all of my mailstores rather than just one mailstore.
- Notice the "MTA Auth host:" defaults to UNSET. The MTA Auth host is to be a mailstore that the mta will send user pop/imap authentication requests to. You'll also notice later down in the installation guide under the "Installing Zimbra LDAP Master Server" this statement:
- 3) Enable Spamassassin: yes
- 4) Enable Clam AV: yes
- 5) Notification address for AV alerts: admin@mail42.zimbra.DOMAIN.com
- Change this to be admin@rr608.zimbra.DOMAIN.com .
- 6) Bind password for postfix ldap user: set
- Check that the password is set correctly -- as it was set on the LDAP Master.
- 7) Bind password for amavis ldap user: set
- Check that the password is set correctly -- as it was set on the LDAP Master.
- 5) zimbra-proxy
- 1) Status: Enabled
- 2) Enable POP/IMAP Proxy: TRUE
- 3) IMAP server port: 7143
- 4) IMAP server SSL port: 7993
- 5) IMAP proxy port: 143
- 6) IMAP SSL proxy port: 993
- 7) POP server port: 7110
- 8) POP server SSL port: 7995
- 9) POP proxy port: 110
- 10) POP SSL proxy port: 995
- 11) Bind password for nginx ldap user: set
- 12) Enable HTTP[S] Proxy: FALSE
- Change this to TRUE and it will automatically setup other variables as well.
- 13) Web server HTTP port: 80
- 14) Web server HTTPS port: 443
- 15) HTTP proxy port: 8080
- 16) HTTPS proxy port: 8443
- 17) Proxy server mode: http
- Leave this variable to http , do not change it.
- Change this to TRUE and it will automatically setup other variables as well.
Finalize Setup Of Second LDAP-MTA-PROXY Components
Including the output of the log events as shown as the installation finishes here.
*** CONFIGURATION COMPLETE - press 'a' to apply Select from menu, or press 'a' to apply config (? - help) a Save configuration data to a file? [Yes] yes Save config in file: [/opt/zimbra/config.8156] Saving config in /opt/zimbra/config.8156...done. The system will be modified - continue? [No] yes Operations logged to /tmp/zmsetup.09122010-222512.log Setting local config values...done. Updating ldap_root_password and zimbra_ldap_password...done. Setting up CA...done. Deploying CA to /opt/zimbra/conf/ca ...done. Creating SSL certificate...done. Installing MTA SSL certificates...done. Creating server entry for mail42.zimbra.DOMAIN.com...done. Updating ldap_root_password and zimbra_ldap_password...done. Enabling ldap replication...done. Stopping ldap...done. Running bdb db_recover...done. Running zmldapapplyldif...done. Checking ldap status....already running. Setting ldap root password...done. Setting ldap admin password...done. Setting replication password...done. Setting Postfix password...done. Setting amavis password...done. Setting nginx password...done. Saving CA in ldap ...done. Saving SSL Certificate in ldap ...done. WARNING You are configuring this host as an MTA server, but the specified mailstore used for authentication has not been configured to run the mailbox service yet. This will cause smtp authentication to fail. To correct this - after installing a mailstore server, reset the zimbraMtaAuthHost attribute for this server: /opt/zimbra/bin/zmprov -m -l ms mail42.zimbra.DOMAIN.com zimbraMtaAuthHost rrms608.zimbra.DOMAIN.com Once done, start the MTA: zmmtactl start Press return to continue Setting MTA auth host...failed. Initializing mta config...done. Setting services on mail42.zimbra.DOMAIN.com...done. Configuring SNMP...done. Setting up syslog.conf...done. Setting default backup schedule...Done Starting servers...done. Setting up zimbra crontab...done. Moving /tmp/zmsetup.09122010-222512.log to /opt/zimbra/log Configuration complete - press return to exit