Current Known Issues

Revision as of 14:41, 14 July 2022 by Amolmistry (talk | contribs) (Current Known Issues on 8.8.15)

Current Known Issues on 8.8.15


   KB 24443        Last updated on 2022-07-14  




0.00
(0 votes)

Current known issues with ZCS 8.8.15 patch 32


New and unfixed bug in the latest packages for patch 32

The following bugs are discovered after installing patch 32,

Summary of the issue: SAML Authentication is not working and getting 500 erro after installing Patch 32

Bug number: ZBUG-2907 Users can check the status in the support portal using ZBUG-2907. When logging into your support account (in [1] ), you will find a new link called Bug Lookup under the Support Menu section.

Description: The error appears as follows when trying log in to the account.

SAML auth error: .
https://mail.example.tld/service/extension/samlreceiver
HTTP ERROR 500 Error in validating SAML response
URI: /service/extension/samlreceiver
STATUS: 500
MESSAGE: Error in validating SAML response.
SERVLET: ExtensionDispatcherServlet

Workaround: Apply the given workaround 1. Open /opt/zimbra/common/lib/jvm/java/conf/security/java.security

2. Now remove the following lines (Before that, you can take a backup of java. security file as well.)

disallowAlg http://www.w3.org/2000/09/xmldsig#rsa-sha1,\
disallowAlg http://www.w3.org/2000/09/xmldsig#sha1,\

3. Restart mailbox services. zmmailboxdctl restart




Fixed in the latest packages for patch 32

The following bugs have been fixed in the latest packages, but are included here in case someone is still on the old package.

Summary of the issue: SAML authentication is not working and getting 500 error after installing latest Patch in ZCS v8.8.15 P32.

Bug number: ZBUG-2907

Description: zmconfigd is failing for ldap-only nodes.

Workaround: Apply the given workaround

1. On the ldap server wget these two files for the respective versions in /tmp/:

   wget https://raw.githubusercontent.com/Zimbra/zm-core-utils/8.8.15.p32/src/libexec/zmconfigd
   wget https://raw.githubusercontent.com/Zimbra/zm-jython/8.8.15.p32/jylibs/commands.py

2. Take a backup and replace the files in this location:

  /opt/zimbra/common/lib/jylibs/commands.py /opt/zimbra/libexec/zmconfigd

3. Restart zmconfigd


Summary of the issue: SMTP authentication failure with 2FA application passcode

Bug number: ZBUG-2831 Fixed in the latest patch packages.

Description: SMTP authentication failure with 2FA application passcode is configured in client like outlook, thunderbird etc.

Workaround: The following workaround can be applied on the affected server.

1. Open /opt/zimbra/jetty_base/etc/jetty.xml.in and add below statement on line no 41.

   <Set name="forwardedPortAsAuthority">false</Set>

2. Restart mailbox after this


Summary of the issue: All Zimlets are disabled from custom COS after redeploying the Zimlets

Bug number: ZBUG-2833 Fixed in the latest patch packages.

Description: When zimlets are redeployed on the server , then zimlets are disabled on the customer COS.

Workaround: Those zimlets can be enabled on the custom COS manually.


Summary of the issue: No INFO logs while redeploying the Zimlets on the server.

Bug number: ZBUG-2834 Fixed in the latest patch packages.

Description: When a zimlet is deployed on the server, it shows the output but it doesn't show anything on the screen and zimlet gets deployed silently in backend.

Workaround: N/A


Summary of the issue: /var/log/syslog filling after applying the patch-32 on ZCS-8.8.15 and this leads to the disk space filling up.

Bug number: ZBUG-2835 Fixed in the latest patch packages.

Description: /var/log/syslog filling after applying the patch-32 on ZCS-8.8.15. This leads to the disk space filling up.

Workaround: The following workaround can be applied on the affected server.

1. Open /opt/zimbra/conf/log4j.properties.in and update line no 195 and change value to info from debug.

2. Update line no 210 and remove SLOGGER from statement.

3. Restart mailbox after this


  • While deploying zimlets, if the following error is encountered, refer to the patch installation section to install the zimbra-common-core-jar, zimbra-common-core-libs, zimbra-mbox-store-libs packages in a particular order and re-deploy the zimlets
/opt/zimbra/bin/zmjava: line 59: /bin/java: No such file or directory
Exception in thread "main" java.lang.NoClassDefFoundError: org/apache/logging/log4j/core/appender/ConsoleAppender$Target
       at com.zimbra.cs.localconfig.LocalConfigCLI.main(LocalConfigCLI.java:353)
Caused by: java.lang.ClassNotFoundException: org.apache.logging.log4j.core.appender.ConsoleAppender$Target
       at java.base/jdk.internal.loader.BuiltinClassLoader.loadClass(BuiltinClassLoader.java:602)
       at java.base/jdk.internal.loader.ClassLoaders$AppClassLoader.loadClass(ClassLoaders.java:178)
       at java.base/java.lang.ClassLoader.loadClass(ClassLoader.java:521)
       ... 1 more

Other issues with ZCS 8.8.15 patch 32

  • From Kepler-Patch-25 onwards, customers using SSO will need to update zimbraVirtualHostName attribute for the domains. Please refer to the instructions to update the attribute.


  • With OpenJDK 17, weaker Kerberos encryption types like 3DES and RC4 have now been disabled by default. This can cause SPNEGO auth to fail if described encryption types are being used. We recommend using stronger encryption types like AES256.
       To get SPNEGO auth working with weak encryption types, weak encryption can be enabled by setting the allow_weak_crypto property to true in the krb5.conf configuration file. Please follow below instructions: 

1. In /opt/zimbra/jetty_base/etc/krb5.ini.in -> [libdefaults] section, set allow_weak_crypto = true

2. Restart mailboxd service:

su - zimbra
zmmailboxdctl restart
Jump to: navigation, search