Difference between revisions of "King0770-Notes"

(Articles by King0770)
 
(50 intermediate revisions by the same user not shown)
Line 1: Line 1:
==Additional Articles by King0770==
+
==Articles by King0770==
  
http://wiki.zimbra.com/index.php?title=King0770-Notes-Merge_Two_Independent_Machines<br>
+
https://wiki.zimbra.com/index.php?title=King0770-Notes-Merge_Two_Independent_Machines<br>
http://wiki.zimbra.com/index.php?title=King0770-Notes-MovingUsers<br>
+
https://wiki.zimbra.com/index.php?title=King0770-Notes-MovingUsers<br>
http://wiki.zimbra.com/index.php?title=King0770-Notes-Change-LDAP-Log-Levels<br>
+
https://wiki.zimbra.com/index.php?title=King0770-Notes-Change-LDAP-Log-Levels<br>
http://wiki.zimbra.com/index.php?title=King0770-Notes-Postconf_or_localconfig<br>
+
https://wiki.zimbra.com/index.php?title=King0770-Notes-Postconf_or_localconfig<br>
http://wiki.zimbra.com/index.php?title=King0770-Notes-Bulk_Upload_To_Briefcase<br>
+
https://wiki.zimbra.com/index.php?title=King0770-Notes-Bulk_Upload_To_Briefcase<br>
http://wiki.zimbra.com/index.php?title=King0770-Notes-Sieve_Rules_By_Proxy<br>
+
https://wiki.zimbra.com/index.php?title=King0770-Notes-Sieve_Rules_By_Proxy<br>
http://wiki.zimbra.com/index.php?title=King0770-Notes-Find_Out_When_Message_Was_Read<br>
+
https://wiki.zimbra.com/index.php?title=King0770-Notes-Find_Out_When_Message_Was_Read<br>
http://wiki.zimbra.com/index.php?title=King0770-Notes-FireFox_MimeTypes<br>
+
https://wiki.zimbra.com/index.php?title=King0770-Notes-FireFox_MimeTypes<br>
http://wiki.zimbra.com/index.php?title=King0770-Notes-SearchGal-Edit<br>
+
https://wiki.zimbra.com/index.php?title=King0770-Notes-SearchGal-Edit<br>
http://wiki.zimbra.com/index.php?title=King0770-Notes-ZCO-Repair<br>
+
https://wiki.zimbra.com/index.php?title=King0770-Notes-ZCO-Repair<br>
http://wiki.zimbra.com/index.php?title=King0770-Notes-Download-JDK<br>
+
https://wiki.zimbra.com/index.php?title=King0770-Notes-Download-JDK<br>
http://wiki.zimbra.com/index.php?title=King0770-Notes-Drop-Single-Mboxgroup-and-Reimport<br>
+
https://wiki.zimbra.com/index.php?title=King0770-Notes-Drop-Single-Mboxgroup-and-Reimport<br>
http://wiki.zimbra.com/index.php?title=King0770-Notes-When_innodb_force_recovery_Fails<br>
+
https://wiki.zimbra.com/index.php?title=King0770-Notes-When_innodb_force_recovery_Fails<br>
http://wiki.zimbra.com/index.php?title=King0770-Notes-Removal_of_Bad_Contact_Address<br>
+
https://wiki.zimbra.com/index.php?title=King0770-Notes-Removal_of_Bad_Contact_Address<br>
http://wiki.zimbra.com/index.php?title=King0770-Notes-Access_GAL_from_Clients_6.0<br>
+
https://wiki.zimbra.com/index.php?title=King0770-Notes-Access_GAL_from_Clients_6.0<br>
http://wiki.zimbra.com/index.php?title=King0770-Notes-Nuking_everything_in_a_folder<br>
+
https://wiki.zimbra.com/index.php?title=King0770-Notes-Nuking_everything_in_a_folder<br>
http://wiki.zimbra.com/wiki/King0770-Notes-error-decoding-message<br>
+
https://wiki.zimbra.com/wiki/King0770-Notes-External-Authentication-with-LDAP<br>
http://wiki.zimbra.com/wiki/King0770-Notes-YAMM<br>
+
https://wiki.zimbra.com/wiki/King0770-Notes-Directory-Permissions-on-tmp<br>
http://wiki.zimbra.com/wiki/King0770-Notes-Chameleon-Skin<br>
+
https://wiki.zimbra.com/wiki/King0770-Notes-Removing-Messages-with-zmmailbox-based-on-Subject<br>
http://wiki.zimbra.com/wiki/King0770-Notes-InnoDB_is_in_the_future<br>
+
https://wiki.zimbra.com/wiki/King0770-Notes-Read-the-install-history-file-in-a-readable-format<br>
http://wiki.zimbra.com/wiki/King0770-Notes-Calendar-Notes<br>
+
https://wiki.zimbra.com/wiki/King0770-Notes-error-decoding-message<br>
http://wiki.zimbra.com/wiki/King0770-Notes-Milter_And_DistributionLists<br>
+
https://wiki.zimbra.com/wiki/King0770-Notes-YAMM<br>
http://wiki.zimbra.com/wiki/King0770-Notes-Check-Submission-Port-587<br>
+
https://wiki.zimbra.com/wiki/King0770-Notes-Chameleon-Skin<br>
http://wiki.zimbra.com/wiki/King0770-Notes-Header-Checks<br>
+
https://wiki.zimbra.com/wiki/King0770-Notes-InnoDB_is_in_the_future<br>
 +
https://wiki.zimbra.com/wiki/King0770-Notes-Calendar-Notes<br>
 +
https://wiki.zimbra.com/wiki/King0770-Notes-Milter_And_DistributionLists<br>
 +
https://wiki.zimbra.com/wiki/King0770-Notes-Check-Submission-Port-587<br>
 +
https://wiki.zimbra.com/wiki/King0770-Notes-Header-Checks<br>
 
https://wiki.zimbra.com/wiki/King0770-Notes-Verify-LDAP-Passwords<br>
 
https://wiki.zimbra.com/wiki/King0770-Notes-Verify-LDAP-Passwords<br>
 
https://wiki.zimbra.com/wiki/King0770-Notes-SpamTitan<br>
 
https://wiki.zimbra.com/wiki/King0770-Notes-SpamTitan<br>
Line 37: Line 41:
 
https://wiki.zimbra.com/wiki/King0770-Notes-Always_Bcc-Mishap<br>
 
https://wiki.zimbra.com/wiki/King0770-Notes-Always_Bcc-Mishap<br>
 
https://wiki.zimbra.com/wiki/King0770-Notes-Remove-Orphaned-Account<br>
 
https://wiki.zimbra.com/wiki/King0770-Notes-Remove-Orphaned-Account<br>
 
+
https://wiki.zimbra.com/wiki/King0770-Notes-Emulate-a-user-login-via-the-command-line<br>
==Removing Messages with Zmmailbox based on the Subject==
+
https://wiki.zimbra.com/wiki/King0770-Notes-SSL<br>
 
+
https://wiki.zimbra.com/wiki/King0770-Notes-ldap-fragmentation<br>
<code><pre>
+
https://wiki.zimbra.com/wiki/King0770-Notes-Disable-Zimbra-Desktop<br>
#!/bin/bash
+
https://wiki.zimbra.com/wiki/King0770-Notes-Rejecting-Nested-From-Addresses<br>
# rm_message.sh user@domain.com subject
+
https://wiki.zimbra.com/wiki/King0770-Notes-Relocated-Maps<br>
if [ -z "$2" ]; then
+
https://wiki.zimbra.com/wiki/King0770-Notes-Internal-False-Positives<br>
echo "usage:  rm_message.sh user@domain.com <subject>"
+
https://wiki.zimbra.com/wiki/King0770-Notes-Whitelist-Phishing-Service<br>
exit 0
+
https://wiki.zimbra.com/wiki/King0770-Notes-Lock-All-Accounts<br>
else
+
https://wiki.zimbra.com/wiki/King0770-Notes-Account-Organization<br>
addr=$1
+
https://wiki.zimbra.com/wiki/King0770-Notes-Cannot-Start-ldap-ldap_starttls_supported-Enabled<br>
subject=$2
+
https://wiki.zimbra.com/wiki/King0770-Notes-zmtrainsa_cleanup_host<br>
echo "Searching $addr  for Subject:  $subject"
+
https://wiki.zimbra.com/wiki/King0770-Notes-rsync-excludes<br>
for msg in `zmmailbox -z -m "$addr" s -l 999 -t message "subject:$subject"|awk '{ if (NR!=1) {print}}' | grep -v -e Id -e "-" -e "^$" | awk '{ print $2 }'`
+
https://wiki.zimbra.com/wiki/King0770-Notes-Mass-Account-Removal<br>
  do
+
https://wiki.zimbra.com/wiki/King0770-Notes-Export_And_Import_Spamassassin_Rules<br>
echo "Removing "$msg""
+
https://wiki.zimbra.com/wiki/King0770-Notes-Outbound_SMTP_Authentication_Using_Port_465<br>
zmmailbox -z -m $1 dm $msg
+
https://wiki.zimbra.com/wiki/King0770-Notes-Force-Authentication-With-Full-Email-Address<br>
done
+
https://wiki.zimbra.com/wiki/King0770-Notes-Quick-Guide-Setting-Up-ZCS-8.8.15_And_NextCloud17<br>
fi
+
https://wiki.zimbra.com/wiki/King0770-Notes-Zimbra-Connect<br>
</pre></code>
+
https://wiki.zimbra.com/wiki/King0770-Notes-Prevent-Accounts-From-Sending-To-External-Domains-With-CBPOLICYD<br>
 
+
https://wiki.zimbra.com/wiki/King0770-Notes-Setup-RateLimiting-with-CBPOLICYD<br>
Copy/Paste the script into a file, call it what you want, something like, "rm_message.sh". The syntax using the script would be something like:
+
https://wiki.zimbra.com/wiki/King0770-Notes-MTA-ALLOW-HELO<br>
<code><pre>./rm_message.sh user@domain.com subjectName</pre></code>
+
https://wiki.zimbra.com/wiki/King0770-Notes-NG_Modules<br>
 
 
If the subject contains more than one word, put double quotes around the subject.
 
<code><pre>./rm_message.sh user@domain.com "Hello World"</pre></code>
 
 
 
Special thanks to '''Matt Fox'''.
 
 
 
==License - Misc==
 
TTL for the account count cache is either 1 minute when they are very close to the limit, or 1 hour if the total account count is less than 90% of the quota.  In other words, the server will correct itself without restart in an hour in the worse case. See http://bugzilla.zimbra.com/show_bug.cgi?id=24009
 
 
 
* Admin counts towards user count, admin@domain.com
 
* Spam, Ham, Wiki accounts don't count toward user count total
 
 
 
 
 
 
 
==Handy Commands==
 
===Emulate a user login via the command line===
 
<code><pre>
 
curl -v -k 'https://mail.domain.com/' -H 'Cookie: ZM_TEST=true' --data 'loginOp=login&username=user%40domain.com&password=mypassword'
 
</pre></code>
 
 
 
 
 
===Read the install history file in a readable format===
 
<code><pre>perl -e 'while (<>) { ($date, $op) = split(/:/, $_); print scalar localtime($date) . "  " . $op; }' < /opt/zimbra/.install_history</pre></code>
 
Or<br>
 
<code><pre>perl -an -F: -e 'print scalar localtime(shift @F), " @F";' /opt/zimbra/.install_history</pre></code>
 
 
 
===Get the version in ZWC===
 
Type the following in the search bar:
 
<code><pre>$set: get version</pre></code>
 
===LDAP - DB Status===
 
<code><pre>/opt/zimbra/sleepycat/bin/db_stat -c -h /opt/zimbra/openldap-data</pre></code>
 
===LDAP - DB Recover===
 
<code><pre>/opt/zimbra/sleepycat/bin/db_recover **make sure you are doing this as the zimbra user, and that slapd is not running**</pre></code>
 
===LDAP - Slapindex===
 
<code><pre>/opt/zimbra/openldap/sbin/slapindex -f /opt/zimbra/conf/slapd.conf</pre></code>
 
===LDAP - Export & Reimport===
 
<code><pre>
 
1) su - zimbra
 
2) libexec/zmslapcat /tmp
 
3) mv /tmp/ldap.bak /tmp/ldap.ldif
 
4) zmcontrol stop
 
5) ps -aux | grep slapd **If ldap is still running, kill it**
 
6) su - root
 
7) mv /opt/zimbra/openldap-data /opt/zimbra/openldap-data.OLD
 
8) mkdir -p /opt/zimbra/openldap-data/logs && mkdir -p /opt/zimbra/openldap-data/accesslog/db
 
9) chown -R zimbra:zimbra /opt/zimbra/openldap-data/
 
10) su - zimbra
 
11) /opt/zimbra/openldap/sbin/slapadd -f /opt/zimbra/conf/slapd.conf -b "" -l /tmp/ldap.ldif
 
12) zmcontrol start
 
</pre></code>
 
 
 
===Clear SA DB===
 
This would be handy if you are getting a lot of false positives
 
<code><pre>
 
/opt/zimbra/libexec/sa-learn -p /opt/zimbra/conf/salocal.cf.in --dbpath /opt/zimbra/amavisd/.spamassassin/ --siteconfigpath /opt/zimbra/conf/spamassassin --clear
 
</pre></code>
 
or
 
<code><pre>
 
/opt/zimbra/libexec/sa-learn -p /opt/zimbra/conf/salocal.cf --dbpath /opt/zimbra/amavisd/.spamassassin --siteconfigpath \ /opt/zimbra/conf/spamassassin --force -expire –sync
 
</pre></code>
 
 
 
===KeyTool Commands===
 
<code><pre>
 
keytool -list -keystore /opt/zimbra/mailboxd/etc/keystore -storepass `zmlocalconfig -s -m nokey mailboxd_keystore_password`
 
 
 
keytool -delete -alias jetty or tomcat -keystore /opt/zimbra/mailboxd/etc/keystore -storepass `zmlocalconfig -s -m nokey mailboxd_keystore_password`
 
</pre></code>
 
 
 
==Enable Away Messages (Vacation)==
 
1) Access your account using the web interface, <nowiki>https://mail.domain.com</nowiki><br>
 
2) Once you have accessed your account, go to Preferences => Mail<br>
 
3) If you scroll down in the Mail section, look for "Send auto-reply message:". You should then type your away message, and pick the start date and finish date.<br>
 
4) Don't forget to click "Save" in the upper left hand.<br>
 
===Auto-Reply Not Working===
 
Organizations using the Split-Domain configuration *may* encounter problems with the auto-replies not working.<br>
 
Mail that is arriving to user@somedomain.com and the zimbra server only knows about user@mail.domain.com. So the code that tries not to send vacation message if the mail was not directly sent to the account kicks in. This is as intended. The "was it sent directly to this acct" check only checks To: and Cc: headers and not envelope RCPT TO address (as it should).<br>
 
<br>
 
Workaround:<br>
 
 
 
<code><pre>
 
zmprov ma user@domain.com +zimbraPrefOutOfOfficeDirectAddress user@mail.domain.com
 
zmprov ma user@domain.com zimbraPrefOutOfOfficeReplyEnabled TRUE
 
</pre></code>
 
 
 
==Apple's .Mac Mail Service==
 
It was recently discovered Apple's .Mac Mail Service removes messages in the Trash from their server after one week. This is not configurable.
 
 
 
==Directory Permissions on /tmp==
 
It is possible that during ZCS install, if the /tmp directory does not have the correct permissions, it could hinder your efforts to install ZCS.
 
Make sure the /tmp directory has the following permissions.<br>
 
<br>
 
drwxrwxrwt  17 root root  4096 2008-07-07 08:33 tmp
 
<br>
 
 
 
If your /tmp permissions do not match the above, run the following commands as root:
 
<code><pre>
 
# chmod 777 /tmp
 
# chmod +t /tmp
 
</pre></code>
 
 
 
The "t" in the end of the permissions is called the "sticky bit". It replaces the "x" and indicates that in this directory, files can only be deleted by their owners, the owner of the directory or the root superuser. This way, it is not enough for a user to have write permission on /tmp, he also needs to be the owner of the file to be able to delete it.
 
 
 
[[Category:Community Sandbox]]
 
 
 
==Columns are MisMatch in the GAL using ZCO==
 
1) Remove ZCO profile(s) from Outlook - Start ==> Control Panel ==> Mail<br>
 
<br>
 
2) Once the ZCO profile is removed, go into the following directories and remove everything in the specified directories:<br>
 
c:\documents and settings\<user>\local settings\application data\microsoft\outlook<br>
 
&<br>
 
c:\documents and settings\<user>\application data\microsoft\outlook<br>
 
<br>
 
3) Recreate ZCO profile for Outlook - Start ==> Control Panel ==> Mail<br>
 
<br>
 
Once you have recreated the zco profile, open Outlook, then have a look again at the GAL.<br>
 
 
 
==Manually Delete Index Directories==
 
Ran across a case where the admin had to remove the index directories for a mailbox.  Looking at the mailbox.log file, there was this error:<br>
 
A couple of the symtoms are:<br>
 
- The reindex of a mailbox runs too fast.<br>
 
- When the user attempts a search in the ZWC, no results are found when there should be a result.<br>
 
<code><pre>
 
2008-07-18 00:13:52,477 INFO [MailboxPurge] [name=jsmith@mydomain.com;mid=11;] index - ignoring error while deleting index entries for items: [-28865, 28865]
 
java.io.IOException: Could not create index com.zimbra.cs.index.Z23FSDirectory@/opt/zimbra/index/0/11/index/0 (directory already exists)
 
at com.zimbra.cs.index.Lucene23Index.openIndexWriter(Lucene23Index.java:1359)
 
at com.zimbra.cs.index.Lucene23Index.deleteDocuments(Lucene23Index.java:292)
 
at com.zimbra.cs.index.MailboxIndex.deleteDocuments(MailboxIndex.java:267)
 
at com.zimbra.cs.mailbox.Mailbox.commitCache(Mailbox.java:6927)
 
at com.zimbra.cs.mailbox.Mailbox.endTransaction(Mailbox.java:6824)
 
at com.zimbra.cs.mailbox.Mailbox.purgeMessages(Mailbox.java:6182)
 
at com.zimbra.cs.mailbox.PurgeThread.run(PurgeThread.java:147)
 
Caused by: java.io.IOException: read past EOF
 
at org.apache.lucene.store.BufferedIndexInput.refill(BufferedIndexInput.java:146)
 
at org.apache.lucene.store.BufferedIndexInput.readByte(BufferedIndexInput.java:38)
 
at org.apache.lucene.store.IndexInput.readChars(IndexInput.java:126)
 
at org.apache.lucene.store.IndexInput.readString(IndexInput.java:112)
 
at org.apache.lucene.index.SegmentInfo.<init>(SegmentInfo.java:137)
 
at org.apache.lucene.index.SegmentInfos.read(SegmentInfos.java:220)
 
at org.apache.lucene.index.SegmentInfos$1.doBody(SegmentInfos.java:254)
 
at org.apache.lucene.index.SegmentInfos$FindSegmentsFile.run(SegmentInfos.java:636)
 
at org.apache.lucene.index.SegmentInfos.read(SegmentInfos.java:251)
 
at org.apache.lucene.index.IndexWriter.init(IndexWriter.java:710)
 
at org.apache.lucene.index.IndexWriter.<init>(IndexWriter.java:666)
 
at com.zimbra.cs.index.Lucene23Index.openIndexWriter(Lucene23Index.java:1340)
 
</pre></code>
 
While there are probably multiple situations where the index directory needs to be removed (or reindexed), this was one case I recently ran across.<br>
 
To remove the index directories in this example, follow this method:<br>
 
<code><pre>
 
1) su - zimbra
 
2) rm -rf /opt/zimbra/index/0/11/index/0
 
3) zmmailboxdctl stop
 
4) zmmailboxdctl start
 
5) Then reindex the mailbox from the Admin Console.
 
</pre></code>
 
 
 
==Upper Case Letters in the hostname in /etc/hosts will prevent the install from continuing==
 
Make sure the hostname in the /etc/hosts do not contain upper case letters. Or else the install will not continue.<br>
 
http://bugzilla.zimbra.com/show_bug.cgi?id=30413<br>
 
<code><pre>
 
Main menu
 
 
 
  1) Common Configuration:                                                 
 
        +Hostname:                            KLAATU.blue.local
 
        +Ldap master host:                    klaatu.blue.local
 
        +Ldap port:                            389                         
 
        +Ldap Admin password:                  set                         
 
        +Require secure interprocess communications: yes                         
 
        +TimeZone:                            (GMT-08.00) Pacific Time (US & Canada)
 
 
 
  2) zimbra-ldap:                            Enabled                     
 
  3) zimbra-store:                            Enabled                     
 
  4) zimbra-mta:                              Enabled                     
 
  5) zimbra-snmp:                            Enabled                     
 
  6) zimbra-logger:                          Enabled                     
 
  7) zimbra-spell:                            Enabled                     
 
  8) Default Class of Service Configuration:                               
 
  9) Enable default backup schedule:          yes                         
 
  r) Start servers after configuration        yes                         
 
  s) Save config to file                                                   
 
  x) Expand menu                                                           
 
  q) Quit                                   
 
 
 
Address unconfigured (**) items or correct ldap configuration  (? - help)
 
</pre></code>
 
 
 
==External Authentication with LDAP==
 
<p>
 
Requires one of the following:  
 
<br>
 
1) set<br>
 
Set domain attribute zimbraAuthMech to ldap.<br>
 
<strong>zimbraAuthLdapSearchBindPassword</strong> => bind DN of the admin user of the external directory<br>
 
<strong>zimbraAuthLdapSearchBindDn</strong> => password of the admin user of the external directory<br>
 
<strong>zimbraAuthLdapSearchFilter</strong><br>
 
<strong>zimbraAuthLdapSearchBase</strong> (optional, if not set "" will be used).<br>
 
 
 
Three things are needed for auth to the external LDAP server:<br>
 
- URL of the LDAP server: zimbraAuthLdapURL<br>
 
- password entered by user<br>
 
- the bind DN for the user, this can be setup using one of the following 3 ways. <strong>(A)</strong> is preferred over <strong>(B)</strong> because <strong>(C)</strong> does an extra LDAP search.<br>
 
<br>
 
<strong>(A)</strong> zimbraAuthLdapBindDn<br>
 
This is the bind DN template<br>     
 
<br>
 
<strong>(B)</strong> zimbraAuthLdapSearchFilter<br>
 
If set, then zimbraAuthLdapSearchBindPassword, zimbraAuthLdapSearchBindDn, and zimbraAuthLdapSearchBase also need to be set. <br> 
 
Server uses the four attrs to get the bind DN for the user.<br> 
 
Server first does a LDAP search  using the zimbraAuthLdapSearchBindDn/zimbraAuthLdapSearchBindPassword credential by zimbraAuthLdapSearchFilter under zimbraAuthLdapSearchBase.  The search would return the bind DN for the user, if found.<br>  
 
example for zimbraAuthLdapSearchFilter: (&(mail=%u@%d)(objectclass=person))  (whatever object class they are using)<br>
 
<br>
 
<strong>(C)</strong> Account attribute zimbraAuthLdapExternalDn<br>
 
Unlike (A) and (B), which are domain settings, this is an account level setting.  This overrides the bind template and/or search setting, and directly contains the DN for the user in the external ldap server.<br>
 
 
 
<br>
 
OR<br>
 
<br>
 
2) set<br>
 
Set domain attribute zimbraAuthMech to ldap.<br>
 
<strong>zimbraAuthLdapBindDn</strong> to the template filter for the user in the external directory.<br>
 
For example, if the user exists at uid=jsmith,cn=users,dc=zimbra,dc=com , set zimbraAuthLdapBindDn on the domain to: uid=%u,cn=users,dc=zimbra,dc=com<br>
 
Another example uid=%u,ou=people,%D  (whatever LDAP DIT structure they are using)<br>
 
 
 
<br> 
 
zimbraAuthLdapBindDn and zimbraAuthLdapSearchFilter can contain expansion variables that are to be substituted by components in the account name:<br>
 
%n = username with @ (or without, if no @ was specified)<br>
 
%u = username with @ removed<br>
 
%d = domain as foo.com<br>
 
%D = domain as dc=foo,dc=com<br>
 
<br>
 
e.g. for user rking@zimbra.com<br>
 
%n => rking@zimbra.com<br>
 
%u => rking<br>
 
%d => zimbra.com<br>
 
%D => dc=zimbra,dc=com<br>
 
<br>
 
example for zimbraAuthLdapBindDn: uid=%u,ou=people,%D  (whatever LDAP DIT structure they are using)<br>
 
 
 
===External Authentication Errors===
 
525 - user not found<br>
 
52e - invalid credentials<br>
 
530 - not permitted to logon at this time<br>
 
532 - password expired<br>
 
533 - account disabled<br>
 
701 - account expired<br>
 
773 - user must reset password<br>
 
775 - user account locked<br>
 
 
 
<br>
 
http://forum.java.sun.com/thread.jspa?messageID=4227692
 
 
 
Example in the /opt/zimbra/log/mailbox.log file:<br>
 
<code><pre>
 
Caused by: javax.naming.AuthenticationException: [LDAP: error code 49 - 80090308: LdapErr: DSID-0C090334, comment: AcceptSecurityContext error, data 52e, vece^@]
 
        at com.sun.jndi.ldap.LdapCtx.mapErrorCode(LdapCtx.java:2985)
 
        at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2931)
 
        at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2732)
 
        at com.sun.jndi.ldap.LdapCtx.connect(LdapCtx.java:2646)
 
        at com.sun.jndi.ldap.LdapCtx.<init>(LdapCtx.java:283)
 
        at com.sun.jndi.ldap.LdapCtxFactory.getUsingURL(LdapCtxFactory.java:175)
 
        at com.sun.jndi.ldap.LdapCtxFactory.getUsingURLs(LdapCtxFactory.java:193)
 
.......
 
</pre></code>
 
 
 
<strong>Notable bugs:</strong><br>  
 
http://bugzilla.zimbra.com/show_bug.cgi?id=6353<br>
 
http://bugzilla.zimbra.com/show_bug.cgi?id=7235
 
 
 
===Mix external authentication users with local users===
 
Lets say, you are using external authentication; however, you would like to create a few users locally on the Zimbra system without provisioning users on the external authentication system (openldap, AD etc etc).<br>
 
 
 
This should be possible with setting the following domain attribute.
 
 
 
<code><pre>
 
zmprov md yourdomain.com zimbraAuthFallbackToLocal TRUE
 
</pre></code>
 
 
 
==Sending Attachments==
 
 
 
If you are having trouble sending attachments, and you *think* you've set the zimbraFileUploadMaxSize & zimbraMtaMaxMessageSize, correctly, then find out how much larger a MIME version of a file will be after base-64 encode. <br>
 
 
 
If you want to find out just how much larger a MIME version of a given file will be, run the file through UUDeview (windows app) - try 'base 64' in the encode settings. Won't wreck your current file, it creates a converted duplicate. This should give you an idea of what values to use if you don't want to use an arbitrary value. http://www.miken.com/uud/ <br>
 
 
 
==Removing older version inside /opt/zimbra==
 
<strong>Question:</strong><br>
 
Can I delete older versions of software that is in the /opt/zimbra directory? I have older version of amavisd, clamav, cyrus-sasl, etc.
 
 
 
<strong>Answer:</strong>
 
I am not sure *why* the prior versions are still around after an upgrade. The answer I received was, we (Zimbra), shouldn't remove things during an upgrade. My impression was this was a policy decision. I'd say move those older versions out of the way into another directory. And if there are no problems, I'd say you are good to go. To be honest, I am paranoid - I never suggest remove anything on a system. :)
 
 
 
==SOAP API==
 
The relevant docs are in /opt/zimbra/doc. The /opt/zimbra/doc directory has most (if not all) our docs for soap.<br>  
 
Regarding the URL using the admin soap stuff you need to talk to the admin server (by default port 7071).<br>
 
Example for the admin url for soap:
 
<code><pre>https://myhost:7071/service/admin/soap/</pre></code>
 
Another point of interest:  /opt/zimbra/conf/attrs/zimbra-attrs.xml
 
 
 
==Hardware Support==
 
<strong>Question</strong><br>
 
In the server, one of the hard disks is showing  a red light. It is Raid 5 configured. Not sure where to look.
 
 
 
<strong>Answer</strong><br>
 
Zimbra Support can't help very much here.  We support the Zimbra software, not the server hardware or the OS RAID infrastructure.  If it's a standard Linux RAID, you can remove it from the RAID group with mdadm, replace the device, and add a new device to replace it.  If it's a separate array or something, you'll have to go to the manufacturer instructions to find the procedure for replacing the device.  You'll probably find more information with a web search than you can get from us on this topic.
 
 
 
==Zimbra Mobile and BIS==
 
Customers using utilizing AT&T and Verizon for their Blackberry Internet Services (BIS) will need to make sure port 993 is accessible. Apparently, BIS services will authenticate using port 993. I had a case where the admin was using AT&T to setup an account; however, he was getting the "connection timed out" message, or "cannot authenticate" from the AT&T app. On a hunch I suggested opening port 993 through his firewall (because it wasn't accessible to the outside world) . After that was done, AT&T was able to authenticate.
 
 
 
==Distribution Lists and Duplicates==
 
The scenario is that you are a member of a distribution list, and also was CC'd separately, and you have noticed you have received two messages instead of one; send to: you@someZimbraList.com, you@domain.com.<br>
 
 
 
Have a look at the following global setting:<br>
 
 
 
<code><pre>zmprov gacf | grep zimbraMessageIdDedupeCacheSize</pre></code>
 
 
 
If this setting was set to zero, that would probably explain the duplicates you may see.<br>
 
 
 
If you need to suppress the duplicates, run this command:<br>
 
 
 
<code><pre>
 
zmprov mcf zimbraMessageIdDedupeCacheSize 3000
 
**3000 is the default**
 
</pre></code>
 
 
 
This would require to restart Jetty services.<br>
 
 
 
<code><pre>
 
zmmailboxdctl restart
 
**be advised this would be a slight disruption of services. you may need to restart jetty during low-peak times, or after business hours.**
 
</pre></code>
 
 
 
 
 
==Change LDAP Log Levels==
 
There are two methods.<br>
 
 
 
1)<br>
 
 
 
<code><pre>
 
 
 
zmlocalconfig -e ldap_log_level=256
 
 
 
ldap stop
 
 
 
ldap start
 
 
 
</pre></code>
 
 
 
2)<br>
 
 
 
<code><pre>
 
**this method does not require ldap stop/start**
 
 
 
ldapmodify -x -h <host> -D "cn=config" -W <hit enter>
 
<enter ldap_root_password>
 
dn: cn=config
 
changetype: modify
 
replace: olcLogLevel
 
olcLogLevel: 256 **if you want to disable ldap log, type in 'none'**
 
<enter> <enter>
 
 
 
</pre></code>
 

Latest revision as of 20:47, 16 April 2020

Articles by King0770

https://wiki.zimbra.com/index.php?title=King0770-Notes-Merge_Two_Independent_Machines
https://wiki.zimbra.com/index.php?title=King0770-Notes-MovingUsers
https://wiki.zimbra.com/index.php?title=King0770-Notes-Change-LDAP-Log-Levels
https://wiki.zimbra.com/index.php?title=King0770-Notes-Postconf_or_localconfig
https://wiki.zimbra.com/index.php?title=King0770-Notes-Bulk_Upload_To_Briefcase
https://wiki.zimbra.com/index.php?title=King0770-Notes-Sieve_Rules_By_Proxy
https://wiki.zimbra.com/index.php?title=King0770-Notes-Find_Out_When_Message_Was_Read
https://wiki.zimbra.com/index.php?title=King0770-Notes-FireFox_MimeTypes
https://wiki.zimbra.com/index.php?title=King0770-Notes-SearchGal-Edit
https://wiki.zimbra.com/index.php?title=King0770-Notes-ZCO-Repair
https://wiki.zimbra.com/index.php?title=King0770-Notes-Download-JDK
https://wiki.zimbra.com/index.php?title=King0770-Notes-Drop-Single-Mboxgroup-and-Reimport
https://wiki.zimbra.com/index.php?title=King0770-Notes-When_innodb_force_recovery_Fails
https://wiki.zimbra.com/index.php?title=King0770-Notes-Removal_of_Bad_Contact_Address
https://wiki.zimbra.com/index.php?title=King0770-Notes-Access_GAL_from_Clients_6.0
https://wiki.zimbra.com/index.php?title=King0770-Notes-Nuking_everything_in_a_folder
https://wiki.zimbra.com/wiki/King0770-Notes-External-Authentication-with-LDAP
https://wiki.zimbra.com/wiki/King0770-Notes-Directory-Permissions-on-tmp
https://wiki.zimbra.com/wiki/King0770-Notes-Removing-Messages-with-zmmailbox-based-on-Subject
https://wiki.zimbra.com/wiki/King0770-Notes-Read-the-install-history-file-in-a-readable-format
https://wiki.zimbra.com/wiki/King0770-Notes-error-decoding-message
https://wiki.zimbra.com/wiki/King0770-Notes-YAMM
https://wiki.zimbra.com/wiki/King0770-Notes-Chameleon-Skin
https://wiki.zimbra.com/wiki/King0770-Notes-InnoDB_is_in_the_future
https://wiki.zimbra.com/wiki/King0770-Notes-Calendar-Notes
https://wiki.zimbra.com/wiki/King0770-Notes-Milter_And_DistributionLists
https://wiki.zimbra.com/wiki/King0770-Notes-Check-Submission-Port-587
https://wiki.zimbra.com/wiki/King0770-Notes-Header-Checks
https://wiki.zimbra.com/wiki/King0770-Notes-Verify-LDAP-Passwords
https://wiki.zimbra.com/wiki/King0770-Notes-SpamTitan
https://wiki.zimbra.com/wiki/King0770-Notes-Enable-webui-for-cbpolicyd-Unsupported
https://wiki.zimbra.com/wiki/King0770-Notes-Installing-Proxy-For-Single-Server
https://wiki.zimbra.com/wiki/King0770-Notes-ldapsearch-to-csv
https://wiki.zimbra.com/wiki/King0770-Notes-My-Github
https://wiki.zimbra.com/wiki/King0770-Notes-VNC-Safe
https://wiki.zimbra.com/wiki/King0770-Notes-Whitelist-Spamassassin-MTA
https://wiki.zimbra.com/wiki/King0770-Notes-Ultra-Restrictive-Sending-And-Receiving
https://wiki.zimbra.com/wiki/King0770-Notes-smtp_tls_policy_maps
https://wiki.zimbra.com/wiki/King0770-Notes-Always_Bcc-Mishap
https://wiki.zimbra.com/wiki/King0770-Notes-Remove-Orphaned-Account
https://wiki.zimbra.com/wiki/King0770-Notes-Emulate-a-user-login-via-the-command-line
https://wiki.zimbra.com/wiki/King0770-Notes-SSL
https://wiki.zimbra.com/wiki/King0770-Notes-ldap-fragmentation
https://wiki.zimbra.com/wiki/King0770-Notes-Disable-Zimbra-Desktop
https://wiki.zimbra.com/wiki/King0770-Notes-Rejecting-Nested-From-Addresses
https://wiki.zimbra.com/wiki/King0770-Notes-Relocated-Maps
https://wiki.zimbra.com/wiki/King0770-Notes-Internal-False-Positives
https://wiki.zimbra.com/wiki/King0770-Notes-Whitelist-Phishing-Service
https://wiki.zimbra.com/wiki/King0770-Notes-Lock-All-Accounts
https://wiki.zimbra.com/wiki/King0770-Notes-Account-Organization
https://wiki.zimbra.com/wiki/King0770-Notes-Cannot-Start-ldap-ldap_starttls_supported-Enabled
https://wiki.zimbra.com/wiki/King0770-Notes-zmtrainsa_cleanup_host
https://wiki.zimbra.com/wiki/King0770-Notes-rsync-excludes
https://wiki.zimbra.com/wiki/King0770-Notes-Mass-Account-Removal
https://wiki.zimbra.com/wiki/King0770-Notes-Export_And_Import_Spamassassin_Rules
https://wiki.zimbra.com/wiki/King0770-Notes-Outbound_SMTP_Authentication_Using_Port_465
https://wiki.zimbra.com/wiki/King0770-Notes-Force-Authentication-With-Full-Email-Address
https://wiki.zimbra.com/wiki/King0770-Notes-Quick-Guide-Setting-Up-ZCS-8.8.15_And_NextCloud17
https://wiki.zimbra.com/wiki/King0770-Notes-Zimbra-Connect
https://wiki.zimbra.com/wiki/King0770-Notes-Prevent-Accounts-From-Sending-To-External-Domains-With-CBPOLICYD
https://wiki.zimbra.com/wiki/King0770-Notes-Setup-RateLimiting-with-CBPOLICYD
https://wiki.zimbra.com/wiki/King0770-Notes-MTA-ALLOW-HELO
https://wiki.zimbra.com/wiki/King0770-Notes-NG_Modules

Jump to: navigation, search