Current Known Issues on ZCS 9.0

KB 24444	Last updated on 2022-11-29	Last updated by Harsh	0.00 (0 votes)	Verified in: ZCS 9.0
- This article is a Work in Progress, and may be unfinished or missing sections.

KB 24444	Last updated on 2022-11-29
0.00 (0 votes)
- This article is a Work in Progress, and may be unfinished or missing sections.

Current known issues with ZCS 9.0 patch 25

Summary of the issue: dns-cache service fails to start after upgrading the server

Bug number: ZBUG-2929

Description: After upgrading the server to ver 9.0 (latest patch), the dns-cache service doesn't start.

Workaround: Follow the given steps :

1) Comment below line from "/opt/zimbra/conf/unbound.conf.in", trust-anchor-file: "/opt/zimbra/conf/root.key"

2) Enable the DNS cache service if disabled on server.

3) Restart the Zimbra services on DNS-cache server, zmcontrol restart

Summary of the issue: Using the Org Chart in ZWC may cause the webclient to freeze

Bug number: ZBUG-2853

Description: Performing actions such a clicking on a checkbox or minimizing a branch may cause the client to freeze.

Workaround: NA

Other issues with ZCS 9.0 patch 25

• While deploying zimlets, if the following error is encountered, refer to the patch installation section to install the zimbra-common-core-jar, zimbra-common-core-libs, zimbra-mbox-store-libs packages in a particular order and re-deploy the zimlets

/opt/zimbra/bin/zmjava: line 59: /bin/java: No such file or directory
Exception in thread "main" java.lang.NoClassDefFoundError: org/apache/logging/log4j/core/appender/ConsoleAppender$Target
       at com.zimbra.cs.localconfig.LocalConfigCLI.main(LocalConfigCLI.java:353)
Caused by: java.lang.ClassNotFoundException: org.apache.logging.log4j.core.appender.ConsoleAppender$Target
       at java.base/jdk.internal.loader.BuiltinClassLoader.loadClass(BuiltinClassLoader.java:602)
       at java.base/jdk.internal.loader.ClassLoaders$AppClassLoader.loadClass(ClassLoaders.java:178)
       at java.base/java.lang.ClassLoader.loadClass(ClassLoader.java:521)
       ... 1 more

• From Kepler-Patch-25 onwards, customers using SSO will need to update zimbraVirtualHostName attribute for the domains. Please refer to the instructions to update the attribute.

• With OpenJDK 17, weaker Kerberos encryption types like 3DES and RC4 have now been disabled by default. This can cause SPNEGO auth to fail if described encryption types are being used. We recommend using stronger encryption types like AES256.

       To get SPNEGO auth working with weak encryption types, weak encryption can be enabled by setting the allow_weak_crypto property to true in the krb5.conf configuration file. Please follow below instructions: 

1. In /opt/zimbra/jetty_base/etc/krb5.ini.in -> [libdefaults] section, set allow_weak_crypto = true

2. Restart mailboxd service:

su - zimbra
zmmailboxdctl restart