Ajcody-Notes

Revision as of 12:51, 9 July 2008 by Ajcody (talk | contribs)
The printable version is no longer supported and may have rendering errors. Please update your browser bookmarks and please use the default browser print function instead.

General Notes

Dos/Unix New Lines (License issues)

vi file and then

:set list

Zimbra Variable

Ways to check on different zimbra variables.

su - zimbra
zmlocalconfig -i
zmlocalconfig -d
cd /opt/zimbra/conf/attrs
more zimbra-attrs.xml
cd /opt/zimbra/openldap/etc/openldap/schema/
more zimbra.schema

Zimbra Contact Fields For CSV Import Mapping

Please see /opt/zimbra/conf/zimbra-contact-fields.xml

What's My Server Like

To dump out your server details, these commands are useful.

zmprov gs yourdomainname
zmprov gacf
zmlocalconfig
zmdumpenv

Another good document to review for "odd performance" issues is the large server wiki.

http://wiki.zimbra.com/index.php?title=Performance_Tuning_Guidelines_for_Large_Deployments

Debug via Browser

See http://wiki.zimbra.com/index.php?title=Web_Client_URL_Tricks&redirect=no

What's up with all the logs?

Logging page resources:

http://www.zimbra.com/docs/ne/latest/administration_guide/9_Monitoring.14.1.html

http://wiki.zimbra.com/index.php?title=Server_Monitoring

http://wiki.zimbra.com/index.php?title=Monitoring_Zimbra_Servers

http://wiki.zimbra.com/index.php?title=Log_Files

http://wiki.zimbra.com/index.php?title=Unresponsive_Server_Troubleshooting

Logging Increase

Depending on the ZCS version the below will clear all the per account loggers on zimbra reboot. IMAP is used for these examples.

zmprov aal user@domain.com zimbra.imap debug
zmprov ral user@domain.com zimbra.imap

If you want to do it globally edit /opt/zimbra/conf/log4j.properties.in (add a line at the end that's similar but like log4j.logger.zimbra.imap=DEBUG) and then zmcontrol stop

Restarting Jetty

As zimbra

zmmailboxdctl restart

Get Version From Ajax Client

Put the below in the search field of the Ajax client:

$set:get

What's Compiled With Postfix

Do the following (return is from my test box):

postconf -m
btree
cidr
environ
hash
ldap
mysql
pcre
proxy
regexp
static
unix

Mailing Lists And Mailman

If you are planning to use a distro list of over 60K members, you may be inclined to use a dedicated machine for this purpose. According to bug 19153, you have 2 options: "set up mailing list manager or change the value of virtual_alias_expansion_limit as a customization. We have never tested with > 1000 so this should be done carefully, and will pound LDAP for any messages with lots of recipients." Mailman integration is an option. There is a forum thread on how to integrate zcs and mailman. This would be the preferred fix to your issue, also noted in the bug report. We probably won't see Mailman integration in ZCS at least for another year or so, not until 6.0

Restricting Who Can Send To Mailing List

http://wiki.zimbra.com/index.php?title=RestrictPostfixRecipients

Problems Resolving Virtual Aliases For Members Of Large Distribution Lists

http://bugzilla.zimbra.com/show_bug.cgi?id=19153

Mailman Configuration

http://wiki.zimbra.com/index.php?title=ZCS_Mailman_Integration

http://bugzilla.zimbra.com/show_bug.cgi?id=8968

http://www.zimbra.com/forums/administrators/1380-solved-zimbra-mailman-howto.html

Server Move

Please see:

http://wiki.zimbra.com/index.php?title=Ajcody-Notes-ServerMove

Backup Plans And Cheap HA/DR Secondary Server

Please see:

http://wiki.zimbra.com/index.php?title=Ajcody-Notes-BackupPlans

General CALDAV Issues

Lightning & Thunderbird

Lightning does not support Caldav + Free/Busy

Free/Busy support is only available for the Sun Cal Server.

Maybe we could "fake" this out within our Ldap configuration. Like RFE for Apple OD:

http://bugzilla.zimbra.com/show_bug.cgi?id=26619

Address/username lookup doesn't occur within a new appointment

Unfortunately, I've not figured a way around this at this time.

Zimbra CalDav doesn't allow user to dismiss alarms from lightning

Please see bug from Mozilla:

https://bugzilla.mozilla.org/show_bug.cgi?id=432540

Apple/Mac Issues

AddressBook

Logging-Debug for Addressbook

First shutdown Addressbook app.

Launch terminal app.

defaults write com.apple.addressbook ABShowDebugMenu -bool YES

Turn it off by just reversing it:

defaults write com.apple.addressbook ABShowDebugMenu -bool NO

iCal Issues

Logging-Debug for CalDAV+iCAL

If you are using CalDAV account with ZCS, please help us investigating this problem. On your Mac please do the following and gather some data.

First shutdown iCal app.

Launch terminal app.

You can turn on the debug options in iCal by:

defaults write com.apple.iCal IncludeDebugMenu 1

Turn them off by just reversing it:

defaults write com.apple.iCal IncludeDebugMenu 0

Furthermore, you can log all of the HTTP transaction to the console via:

defaults write com.apple.iCal LogHTTPActivity yes

Turn them off by just reversing it:

defaults write com.apple.iCal LogHTTPActivity no

Logging will show up in /var/log/system.log

Launch iCal app.

Select the shared folder, right click, refresh.

Not seeing Calendar's

'''DO NOT USE SPACES IN THE CALENDAR NAME'''

This is resolved for the 5.0.7 release. (Need bug # for this)

Can't see items in shared Calendar

You might be seeing this:

http://bugzilla.zimbra.com/show_bug.cgi?id=23671

Comment #30 give some instructions on a case they can reproduce.

zmprov gd <your domain name> zimbraPublicServiceHostname
zmprov gs <your server name> zimbraServiceHostname

If zimbraPublicServiceHostname is not set, or set to a different name (such as an alias of the machine or a load balancer), you are hitting this issue.

iCal & Entourage Use for Calendars - Leopard/10.5 users

Because of some core issues with Apple's SyncServices, we recommend that Entourage and iCal users use iCALv3 (Mac 10.5) configured for CALDAV. Please use the Zimbra Connector instructions to setup iCal for CALDAV.

For Entourage, this recommendation stems from the fact that Microsoft decided to use WebDAV rather than CALDAV. If MS decides later to include CALDAV support for Entourage, we'll have another option.

Please see bug for details:

http://bugzilla.zimbra.com/show_bug.cgi?id=27380

RFE to support WebDAV for Entourage:

http://bugzilla.zimbra.com/show_bug.cgi?id=24502

Can't see Calendar's after configuring Z-iSync for CALDAV - 10.5 users

You didn't follow the directions most likely. Goto iCal Preferences Accounts.

There should be NO configured accounts prior to configuring Z-iSync for CALDAV.

Remove the current Account listed in iCal and redo configuration for CALDAV with Z-iSync.

Calendar events are displaying the wrong time

Apple expects the year of 1971 for the DTSTART variable within an ICS file. There is no standard that dictates this.

Zimbra (prior to version 5.0.5) was using 1601, this is in /opt/zimbra/conf/timezones.ics .

Please see bug for more details (resolved 5.0.5):

http://bugzilla.zimbra.com/show_bug.cgi?id=22808

Alarm & Calendar Notification Issues with iCal

These issues are getting worked out for the 5.0.7 release.

Please review:

http://bugzilla.zimbra.com/show_bug.cgi?id=28057

Some more details:

http://bugzilla.zimbra.com/show_bug.cgi?id=28883

http://bugzilla.mozilla.org/show_bug.cgi?id=432540

Trick to work around address lookup for the Attendee field in iCal Events

Configure the Addressbook using one of the other recommendations on this page.

You can now drag entries from your Addressbook into the Attendee field of iCal.

Attendee Lookups for iCALv3/MacOS10.5

iCal3 [webdav] needs to use the Apple Directory Access utility for attendees (It's on 10.5). It will only work against Apple OD/CAL servers.

RFE filed to include necessary LDAP attributes to provide ical oattendee lookups

See bug [scheduled for 5.0.7]:

http://bugzilla.zimbra.com/show_bug.cgi?id=26619

Free/Busy Lookup not working as expected

The Free/Busy lookup requires auto-attendee lookup to be working.

This requires bug 26619 to be resolved for iCalv3/Mac 10.5.

Attendee Lookup for iCal/Mac 10.4

iCal.app on Mac 10.4 only uses local entries in Apples Addressbook for address/username lookup for new appointments.

Addressbook+LDAP configuration requires a copy of an "all/*" search in ldap into the local addressbook. Sync doesn't seem to work.

Please see this bug comment and the 10.4 section for more details:

http://bugzilla.zimbra.com/show_bug.cgi?id=26619#c3

iCal calendar color changing modifies calendar name and/or doesn't retain color

Fixed in 5.0.5 . See bugs for details:

http://bugzilla.zimbra.com/show_bug.cgi?id=26627

http://bugzilla.zimbra.com/show_bug.cgi?id=26625

New Calendars don't sync unless you select "all". Mac 10.4/Z-isync

Please see bug for details:

http://bugzilla.zimbra.com/show_bug.cgi?id=26653

Directory Access configuration on Macs

File that configures [system wide] for Address Book resolution

/Library/Preferences/DirectoryService/DSLDAPv3PlugInConfig.plist

Mac clients cause spamming of invitation events when they adjust calendar events

This, at it's root, is caused by other bugs listed here. Usually this will get resolved with the proper upgrades that the bugs require (ZCS 5.0.5+)

There is a RFE/Bug though that will also resolve this, by allowing the "action" of an appointment to be set.

Please see bug for details [scheduled for 5.0.7]:

http://bugzilla.zimbra.com/show_bug.cgi?id=10536

Calendar Invites can't be imported into iCal

If you look at the ics file, you might see an extra return character at the end.

You'll see this if an Outlook client send an invite to a user using a Mac with a thick client [Mail.app/Entourage].

This was resolved in the 5.0.5 release. Please see bug for more details:

http://bugzilla.zimbra.com/show_bug.cgi?id=26487

iTunes & iPhone configuration for CALDAV

Please see main wiki page on iPhone http://wiki.zimbra.com/index.php?title=IPhone

If you follow the instructions about configuring the Zimbra iSync Connector for CALDAV use, there should be no issues about sync'ing with your iPhone.

At this time, new events created on a iPhone/CALDAV setup will write the event to a local calendar in iCal.app . There's no way around this yet. It's a limitation at this time with Apple's software. You can change the events calendar assignment though later via iCal.app.

Please see Screenshot of iTunes & iPhone

Clearing iCal cache

Make and run script:

#!/bin/sh
rm -rf ~/Library/Application\ Support/SyncServices/Local/clientdata/com.apple.iCal
rm -rf ~/Library/Calendars
rm -rf ~/Library/Preferences/com.apple.iCal.plist
rm -rf ~/Library/Preferences/IcalExternalSync.plist
rm -rf ~/Library/Preferences/ByHost/com.apple.iCal.helper.*
rm -rf ~/Library/Caches/com.apple.iCal
rm -rf ~/Library/Caches/Metadata/iCal

Clearing ALL of iCal

Make and run script:

#!/bin/sh
rm -rf ~/Library/Application\ Support/SyncServices/Local
rm -rf ~/Library/Application\ Support/SyncLocalCopy
rm -rf ~/Library/Application\ Support/iSync/SyncLocalCopy
rm -rf ~/Library/Application\ Support/iCal
rm -rf ~/Library/Calendars
rm -rf ~/Library/Preferences/com.apple.iCal.*
rm -rf ~/Library/Preferences/IcalExternalSync.plist
rm -rf ~/Library/Preferences/ByHost/com.apple.iCal.helper.*
rm -rf ~/Library/Caches/com.apple.iCal
rm -rf ~/Library/Caches/Metadata/iCal

Use LDAP directory from ZCS for Mac Addressbook / Mail.App / iCal for Mac 10.4

This is generally for those that aren't using Z-iSync.

First, test on shell that you have ldap connectivity.

ldapsearch -x -H ldap://ZCSserver-name:389 "uid=ajcody"

That returned successfully.

Then Addressbook Preferences

LDAP  + (for new)
Name: anything really
Server: ip/hostname that was used successfully in the ldapsearch string
Search Base:  [leave blank]
Port: 389
Scope: Subtree
No auth needed
* Save

I have no idea what the "Auto Update LDAP Cards" does.

Then setup Mail.App for IMAP to the Zimbra server. Check preferences to use LDAP - it will use the Address Book configuration that you did prior and it should auto-resolve to a username when you do a new message.

iCal will only use address that are in the LOCAL addressbook when you use the attendee field for a new event.

One way around this is to do a wildcard search in the Addressbook and drag those items to the local addressbook.

Goto to Address Book, selected Directories my ldap server and put in the below for the search field:

*.

This search result can then be dragged to the "All" folder in the Group column. It creates a "Last Import" item in the Group column now - it might warn about updating entries that all ready match.

Sync To Do/Tasks Items in Leopard

RFE filed, please see http://bugzilla.zimbra.com/show_bug.cgi?id=12917

No target date, please vote for this RFE.

What's my time and timezone?

I wrote up the steps to make sure the ZCS server is using the correct time and timezone here:

http://wiki.zimbra.com/index.php?title=Time_Zones_in_ZCS#The_server_OS

Hostname resolution issues and testing commands

Allot of failed installs are because administrators are skipping the steps to make sure resolution is working.

Check your /etc/hosts file. You should have the localhost similar to the one below. Your ZCS server name should be replaced with the zimbra.test.com and zimbra fields. The IP address should be the IP address bound to the network interface [ip addr or ifconfig -a to confirm].

127.0.0.1	localhost.localdomain	localhost
192.168.0.1	zimbra.test.com         zimbra

If your ZCS server is behind a firewall or is being NAT'd. Make sure that resolution for the hostname on the ZCS server returns the internal IP information rather than the external IP. To test:

hostname -f
zimbra.test.com

or

domainname -f
zimbra.test.com

As long as one of the above returns the full hostname, use the command for the following. The MX lookups depend on how you are doing your mail domain and server hostname.

host `hostname -f`
 zimbra.test.com has address 192.168.0.1
host -t MX `domainname -f`
 zimbra.test.com mail is handled by 10 zimbra.test.com.
host -t MX `domainname -d`
   test.com mail is handled by 10 zimbra.test.com.

You should also have reverse records (PTR) as well. Replace 192.168.0.1 using your internal ip address, it should return something like:

host 192.168.0.1
1.0.168.192.in-addr.arpa domain name pointer zimbra.test.com

Please review wiki page on split-DNS :

http://wiki.zimbra.com/index.php?title=Split_DNS

and also the variable use of lmtp_host_lookup .

http://bugzilla.zimbra.com/show_bug.cgi?id=27988

Disable LDAP Replica

This is a work in progress, please don't use for production servers at this time.

References:

http://wiki.zimbra.com/index.php?title=Promoting_Replica_to_LDAP_Master

http://www.zimbra.com/docs/os/latest/multi_server_install/LDAP%20Replication.6.1.html

For each server that you want to change:

Stop the Zimbra services on the server, zmcontrol stop.

Check the existing ldap_url value.

zmlocalconfig | grep ldap_url

Update the ldap_url value. Remove the replica LDAP server URL, below assumes you only had one replica.

zmlocalconfig -e ldap_url=”ldap:// ”

If other replica's exist, then the list typed is like:

zmlocalconfig -e ldap_url=”ldap:// ldap:// ldap:// ” 

The hosts are tried in the order listed. The master URL must always be included and is listed last.

Additional Steps for MTA hosts.

After updating the ldap_url, rerun /opt/zimbra/libexe/zmmtainit. This rewrites the Postfix configuration with the updated ldap_url.

To stop the ldap service running on the ldap replica server.

su - zimbra
ldap stop

To now disable ldap from running on the old ldap replica. The - in front of zimbraServiceEnabled is [off], rather than a + for [on].

zmprov ms  -- -zimbraServiceEnabled ldap

IMAPSYNC with admin login

Reference - http://wiki.zimbra.com/index.php?title=User_Migration

imapsync --buffersize 8192000 --nosyncacls --subscribe --syncinternaldates \
--host1 server.gtds.lan --user1 yourAccount --password1 yourPassword \
--user2 yourZimbraAccount --authuser2 admin --password2 adminZimbraPassword --authmech2 LOGIN
I found this description in one of the imapsync files:

"You may authenticate as one user (typically an admin user), but be authorized as someone else, which means you don't need to know every user's personal password. Specify --authuser1 "adminuser" to enable this on host1. In this case, --authmech1 PLAIN will be used, but otherwise, --authmech1 CRAM-MD5 is the default. Same behavior with the --authuser2 option."

ZCO Zimbra Outlook Connector

The complete troubling-shooting guide (dev info requests)

  1. Reproduce
  2. ZCO install logs
    • msiexec /i zco-installer.msi /lv 00022083-zco-install.log
  3. Get zco logs
  4. Check for core dumps - mandatory for all crashes
  5. Winhttp trace (issues where they can&amp;amp;amp;amp;amp;#39;t connect - check zco logs first). Run this on the machine with Outlook.
  6. Are there any local failures/server failures?
  7. Winmsd (dump of the local environment configuration)
    • Start Run winmsd
      • This might take awhile to bring up the application
      • From app [System Information titled] , File Export
    • What about msinfo32.exe ?
  8. External factors (add-ins, other mapi clients)
  9. Network topology (firewall, proxy, etc)
  10. Server topology (single/multi-node, clustering, nginx, 3rd party lb)
  11. Search bugzilla
  12. Search old support cases
  13. Can we get remote access?
  14. Can we get an account on the server?
  15. Can we access the account in question?
  16. Get the id of the item
    • get the original of the item from the server (mime representation)
    • get the .msg of the item from outlook
  17. Quick analysis of zco logs
    • sync - change record creation - CHANGE RECORD
    • follow soap requests, look for soap faults
    • look for the word - exception
    • follow soap traces
    • ignore MAPI_E_NOT_FOUND

Performance Issues

Sources:

http://msexchangeteam.com/archive/2007/12/17/447750.aspx

http://blogs.msdn.com/outlook/

http://support.microsoft.com/kb/940226/

http://technet.microsoft.com/en-us/library/bb738147.aspx

The skinny is this, [per Microsoft]

  • ...recommended max OST size (2GB)
  • ...we strongly recommend storing no more than 5,000 items in core folders, such as the Inbox and Sent Items folders. Creating more top-level folders, or subfolders underneath the Inbox and Sent Items folders, greatly reduces the costs associated with this index creation, so long as the number of items in any one folder does not exceed 5,000.

Public Service Hostname

variable is zimbraPublicServiceHostname , as referenced in /opt/zimbra/openldap/etc/openldap/schema/zimbra.schema

Bugs about the url's for shares that use spaces (%20), the redirection drops the %20

http://bugzilla.zimbra.com/show_bug.cgi?id=27788

http://bugzilla.zimbra.com/show_bug.cgi?id=27477

Domain Rename Issues

We have a command to rename a "domain" and the resources within it - unfortunately it doesn't handle ALL of the different components for various reasons. Specifically Documents and Calendars [more down below].

Review this RFE that was done when they implemented the renameDomain command.

http://bugzilla.zimbra.com/show_bug.cgi?id=7655

Note comment 21 & 22 (confirming what QA'd). The syntax is

zmprov -l rd testold.com testnew.com

Problems that arise with Documents are explained here, comment #1 has workaround.

http://bugzilla.zimbra.com/show_bug.cgi?id=25873

Now, the very unfortunate part about calendars with a domainname change/move.

"Ability to change a username globally on all appointments"

http://bugzilla.zimbra.com/show_bug.cgi?id=26736

"Cant edit calendar entries after renameDomain"

http://bugzilla.zimbra.com/show_bug.cgi?id=27707

The root issue here's seems to be more about the calendar standards and practices with the use of the "Organizer" field and notifications. You'll see 3 "work arounds" in comment 2 of bug 26736.

Export/Importing of the calendar data is shown here:

http://wiki.zimbra.com/index.php?title=User_Migration

This part specifically :

http://wiki.zimbra.com/index.php?title=User_Migration#Copy_Calendar_From_One_Zimbra_User_to_Another

Finding The NO_SUCH_BLOB Errors

grep -B2 NO_SUCH_BLOB /opt/zimbra/log/mailbox.lo* |grep mailbox= |sed -r 's/.*mailbox=([0-9]*).*$/\1/' |sort -u

Account & Domain Summary

Run zmaccts

Here's what it would return:

su - zimbra
[zimbra@mail3 ~]$ zmaccts
           account                          status             created       last logon
------------------------------------   -----------     ---------------  ---------------
admin@mail3.internal.homeunix.com           active      05/06/08 18:46   07/08/08 09:56
ajcody@mail3.internal.homeunix.com          active      05/06/08 20:43   06/23/08 15:48
ajcody2@mail3.internal.homeunix.com         active      05/28/08 11:48   06/30/08 17:44
forward@mail3.internal.homeunix.com         active      05/06/08 21:06   05/29/08 17:24
ham.bidiob2mm@mail3.internal.homeuni        active      05/06/08 18:47            never
spam.rormmtcyy@mail3.internal.homeun        active      05/06/08 18:47            never
wiki@mail3.internal.homeunix.com            active      05/06/08 18:46            never
           account                          status             created       last logon
------------------------------------   -----------     ---------------  ---------------
secondary@secondary.internal.homeuni        active      06/23/08 15:26   06/23/08 15:27
wiki@secondary.internal.homeunix.com        active      06/23/08 15:25            never
-
                                domain summary
-
    domain                  active    closed    locked    maintenance     total
-----------------------   --------  --------  --------  -------------  --------
mail3.internal.homeunix          7         0         0              0         7
secondary.internal.home          2         0         0              0         2

My Gal & LDAP Settings For A Domain

To see your setting, do the following - replacing with domainname with the domain in question.

zmprov gd domainname | egrep -i 'ldap|gal'

Zimlets

Zimlets should be already located on the zimbra server in one of these directories:

/opt/zimbra/zimlets/
/opt/zimbra/zimlets-admin-extra/
/opt/zimbra/zimlets-extra/
/opt/zimbra/zimlets-experimental/
/opt/zimbra/zimlets-network/

To deploy a zimlet, simply cd to the directory where the zimlet is located and issue this command:

/opt/zimbra/bin/zmzimletctl deploy <zimlet_name>
Jump to: navigation, search