Irfan-Notes: Difference between revisions

No edit summary
No edit summary
Line 21: Line 21:
   /opt/zimbra/bin/zmcertmgr createca  
   /opt/zimbra/bin/zmcertmgr createca  
   /opt/zimbra/bin/zmcertmgr deployca  
   /opt/zimbra/bin/zmcertmgr deployca  
  /opt/zimbra/bin/zmcertmgr createcrt -new
   /opt/zimbra/bin/zmcertmgr deploycrt self  
   /opt/zimbra/bin/zmcertmgr deploycrt self  



Revision as of 07:14, 18 June 2009



Local mail delivery problem

If you don't want to configure split dns, you can use this. By default postfix performs a lookup against dns for a local (lmtp) delivery. If want to avoid configuring split dns, you can set postfix_lmtp_host_lookup to native mode. Then postfix will lookup in /etc/hosts file to deliver a local email rather than doing a dns query.

su - zimbra
zmlocalconfig -e postfix_lmtp_host_lookup=native

You may need to restart zmcontrol to update the setting.

Note: This will work only on postfix 2.3 or later.

Self Signed Certificates in 5.x

Simple five steps to re-deploy the self signed certificate via command line. Run as ROOT.

 /opt/zimbra/bin/zmcertmgr createca 
 /opt/zimbra/bin/zmcertmgr deployca 
 /opt/zimbra/bin/zmcertmgr createcrt -new
 /opt/zimbra/bin/zmcertmgr deploycrt self 

If you have ZCS older than 5.0.6, then use following command to deploy the certificate.

 /opt/zimbra/bin/zmcertmgr install self -new 

Restart the zmcontrol.

 su - zimbra
 zmcontrol stop 
 zmcontrol start

Using zimbra server only as a Store with a non-zimbra MTA

Delivering emails from an non-zimbra postfix server to Zimbra on lmtp (7025) port. This is an example for domain abc.com. Zimbra server address is server.zimbra.com

1. Make sure mx for abc.com pointed to postfix sever. And it can receive emails for abc.com 2. Create abc.com domain in zimbra. 3. Add "mailbox_transport" parameter to main.cf to deliver emails to zimbra server.

mailbox_transport = lmtp:<zimbra_hostname>:7025

Save and reload postfix.

Important: User account must be created on zimbra server whom mails are sent.

That should be enough to deliver all emails to zimbra server.


Holding the Postfix Queue at time of server migration/maintenance

Holding the postfix queue at the time of migration. Specifically at the time when you need mailboxd to be running so that imapsync can inject emails.

Hold the queue:

 postsuper -h ALL

Release the hold queue:

 postsuper -r ALL

To delete the mails from the queue:

 'cat /tmp/deletelist | /opt/zimbra/postfix/sbin/postsuper -d -'
  • Other way it to create a file and define the user's whose emails you want to hold.

1.Create a stub file called /opt/zimbra/conf/migration-hold that will be used by Postfix to HOLD messages and then "postmap" this file to create the .db hash file.

2. Modify /opt/zimbra/conf/postfix_recipient_restrictions.cf to include the line in bold below.

     reject_non_fqdn_recipient
     permit_sasl_authenticated
     permit_mynetworks
     reject_unlisted_recipient
     check_recipient_access hash:/opt/zimbra/conf/migration-hold
     permit
 

3. Execute "postfix reload" as the zimbra user. main.cf will now reference the new migration-hold file

4. The migration-hold file will contain the full list of email addresses that will be migrated during the impending migration in the following format:

 address1@domain.com              HOLD migration in progress
 address2@domain.com              HOLD migration in progress

Now the MTA will accept the message, but place it in the HOLD queue as shown below:

postfix/smtpd[5584]: NOQUEUE: hold: RCPT from unknown[xx.xx.xx.xx]: <sender@domain>: Recipient address migration in progress; from=<sender@domain.org> to=<recepient@domain>

5. Finally, the "postsuper -H ALL" command should be executed on each Zimbra MTA to allow all held mail to be moved back into the active queue for delivery.

6. After migration has been completed, all empty migration-hold file will be removed and postfix_recipient_restrictions.cf will have the check_recipient_access line deleted.


Manually Copying ldap data from Master to Replica

After converting the master ldap server to be a replica from the wiki http://wiki.zimbra.com/index.php?title=Promoting_Replica_to_LDAP_Master the replica server may take time to sync entire ldap data from the master server. These steps will guide you to manually copy the data from master server to the replica server. This is also useful if you have huge amount of ldap data on master and don't wish to sync the entire data through the network.

Steps to followed on the Master server:

1. Create a backup directory and take a dump of ldap data.

 mkdir /backup
 chown zimbra:zimbra /backup
 /opt/zimbra/libexec/zmslapcat /backup

Steps to follow on the Replica server:

1. Create a directory on replica server and copy the ldap dump in it.

 mkdir /backup
 chown zimbra:zimbra /backup
 Copy the ldap.bak from the master server's /backup directory and place it in /backup directory of this server.

2. Removing and recreating the openldap data.

 cp /opt/zimbra/openldap-data/DB_CONFIG /tmp
 rm -rf /opt/zimbra/openldap-data/*
 cp /tmp/DB_CONFIG /opt/zimbra/openldap-data/
 mkdir -p /opt/zimbra/openldap-data/logs /opt/zimbra/openldap-data/accesslog/db /opt/zimbra/openldap-data/accesslog/logs
 chown -R zimbra:zimbra /opt/zimbra/openldap-data

3. Restoring the ldap data.

 /opt/zimbra/openldap/sbin/slapadd -q -b "" -f /opt/zimbra/conf/slapd.conf -cv -l /backup/ldap.bak

You may need to restart zmcontrol on the replica. Also make sure if replica is syncing with the master server by looking at /var/log/zimbra.log file.


Replacing organiser of a meeting

1. zmmailbox -z -m user@domain.com gru /Calendar > /tmp/resourceA.ics

2. modify resourceA.ics (i.e. change the organizer from user to the new person) and rename it to, say, resourceA_updated.ics

3. zmmailbox -z -m resourceA@laika.com pru /Calendar /tmp/resourceA_updated.ics

Changing login skin and logo per domain

1. Set virtual hosts for domains which you need customize skin/logo.

 su - zimbra
 zmprov md <domainname> zimbraVirtualHostname <domainname>

Setting zimbraVirtualHostname is very important. It is the URL which users have to connect to see the branding of the domain. It can be different from the actual domain name, and you need to set up DNS entries for the virtual hostname.

For example:

Your domain is domain1.com, and you set zimbraVirtualHostname to mail.domain1.com. You need to make sure mail.domain1.com is resolvable the the mailstore (or proxy, if using http proxy). Then users will need to connect to http://mail.domain1.com to see the branding for domain1.com.

2. Create custom skins for each domain. Or you can just place the logo banners at below mentioned paths.

3. For each domain define two attributes

 zmprov md <domainname> zimbraSkinLogoLoginBanner /zimbra/skins/<skinname>/logos/LoginBanner.png
 zmprov md <domainname> zimbraSkinLogoAppBanner  /zimbra/skins/<skinname>/logos/AppBanner.png
 zmprov md <domainname> zimbraSkinLogoURL http(s)://www.serverurl.com

Note: Full path of /zimbra/skins/<skinname>/logos/* is /opt/zimbra/jetty/webapps/zimbra/skins/<skinname>/logos/ But it should be defined as mentioned about without /opt/zimbra/jetty/webapps part.

4. Restart zmmailboxdctl

 su - zimbra
 zmmailboxdctl stop
 zmmailboxdctl start

Changing Index Volume

By-default index volume is set to /opt/zimbra/index. Some administrators may want to change it to other directory (which may be mounted over the network). If you add a new index volume and set it as current, new index data for old users will still be saved to /opt/zimbra/index (old) volume. Only index data of new users (which are added after setting new volume) will be added to new volume. This results in two index directories. Here are the steps which will help to set new index volume keep all index data in one place regardless of old/new users.

In this example (tested on 5.0.11), old volume is /opt/zimbra/index which is default. New volume is /mnt/index and its volume ID is 3.

1. Create a new directory /mnt/index on file system. Changed permission to zimbra:zimrba. From Admin Console add new index volume and set it as current. Make sure data is been added to new volume by creating a new account and sending an email to it.

2. Note the volume ID by running this command as zimbra user.

 zmvolume -l

3. Stop zimbra services. This will make sure no new messages are coming in and hence no new index data is been written.

 zmcontrol stop

4. Move all contents of /opt/zimbra/index to /mnt/index/

5. Start mysql server.

 start mysql.server

6. Manually update "index_volume_id" for each account to id of /mnt/index in mailbox table. You will need to run following command in loop for all user IDs.

 mysql zimbra -e "update mailbox SET index_volume_id='<VolumeID>' where id=<mailboxID>"

For example. Updating index_volume_id for one account whose ID is 101.

 mysql zimbra -e "update mailbox SET index_volume_id='3' where id=101"

You can find mailboxID with this command.

 zmprov gmi <accountname>

7 . Stop mysql.server

 mysql.server stop

8. Start zimbra services.

 zmcontrol start

Note: Make sure you test above steps on a test box before doing on production server. I also recommend to make a backup copy of /opt/zimbra/index directory. If need help in above procedure, contact zimbra support.

Jump to: navigation, search