Difference between revisions of "King0770-Notes"

(External Authentication with LDAP)
(Additional Articles by King0770)
Line 16: Line 16:
 
https://wiki.zimbra.com/index.php?title=King0770-Notes-Access_GAL_from_Clients_6.0<br>
 
https://wiki.zimbra.com/index.php?title=King0770-Notes-Access_GAL_from_Clients_6.0<br>
 
https://wiki.zimbra.com/index.php?title=King0770-Notes-Nuking_everything_in_a_folder<br>
 
https://wiki.zimbra.com/index.php?title=King0770-Notes-Nuking_everything_in_a_folder<br>
 +
https://wiki.zimbra.com/wiki/King0770-Notes-External-Authentication-with-LDAP<br>
 
https://wiki.zimbra.com/wiki/King0770-Notes-Directory-Permissions-on-tmp<br>
 
https://wiki.zimbra.com/wiki/King0770-Notes-Directory-Permissions-on-tmp<br>
 
https://wiki.zimbra.com/wiki/King0770-Notes-Removing-Messages-with-zmmailbox-based-on-Subject<br>
 
https://wiki.zimbra.com/wiki/King0770-Notes-Removing-Messages-with-zmmailbox-based-on-Subject<br>

Revision as of 22:11, 5 December 2018

Additional Articles by King0770

https://wiki.zimbra.com/index.php?title=King0770-Notes-Merge_Two_Independent_Machines
https://wiki.zimbra.com/index.php?title=King0770-Notes-MovingUsers
https://wiki.zimbra.com/index.php?title=King0770-Notes-Change-LDAP-Log-Levels
https://wiki.zimbra.com/index.php?title=King0770-Notes-Postconf_or_localconfig
https://wiki.zimbra.com/index.php?title=King0770-Notes-Bulk_Upload_To_Briefcase
https://wiki.zimbra.com/index.php?title=King0770-Notes-Sieve_Rules_By_Proxy
https://wiki.zimbra.com/index.php?title=King0770-Notes-Find_Out_When_Message_Was_Read
https://wiki.zimbra.com/index.php?title=King0770-Notes-FireFox_MimeTypes
https://wiki.zimbra.com/index.php?title=King0770-Notes-SearchGal-Edit
https://wiki.zimbra.com/index.php?title=King0770-Notes-ZCO-Repair
https://wiki.zimbra.com/index.php?title=King0770-Notes-Download-JDK
https://wiki.zimbra.com/index.php?title=King0770-Notes-Drop-Single-Mboxgroup-and-Reimport
https://wiki.zimbra.com/index.php?title=King0770-Notes-When_innodb_force_recovery_Fails
https://wiki.zimbra.com/index.php?title=King0770-Notes-Removal_of_Bad_Contact_Address
https://wiki.zimbra.com/index.php?title=King0770-Notes-Access_GAL_from_Clients_6.0
https://wiki.zimbra.com/index.php?title=King0770-Notes-Nuking_everything_in_a_folder
https://wiki.zimbra.com/wiki/King0770-Notes-External-Authentication-with-LDAP
https://wiki.zimbra.com/wiki/King0770-Notes-Directory-Permissions-on-tmp
https://wiki.zimbra.com/wiki/King0770-Notes-Removing-Messages-with-zmmailbox-based-on-Subject
https://wiki.zimbra.com/wiki/King0770-Notes-Read-the-install-history-file-in-a-readable-format
https://wiki.zimbra.com/wiki/King0770-Notes-error-decoding-message
https://wiki.zimbra.com/wiki/King0770-Notes-YAMM
https://wiki.zimbra.com/wiki/King0770-Notes-Chameleon-Skin
https://wiki.zimbra.com/wiki/King0770-Notes-InnoDB_is_in_the_future
https://wiki.zimbra.com/wiki/King0770-Notes-Calendar-Notes
https://wiki.zimbra.com/wiki/King0770-Notes-Milter_And_DistributionLists
https://wiki.zimbra.com/wiki/King0770-Notes-Check-Submission-Port-587
https://wiki.zimbra.com/wiki/King0770-Notes-Header-Checks
https://wiki.zimbra.com/wiki/King0770-Notes-Verify-LDAP-Passwords
https://wiki.zimbra.com/wiki/King0770-Notes-SpamTitan
https://wiki.zimbra.com/wiki/King0770-Notes-Enable-webui-for-cbpolicyd-Unsupported
https://wiki.zimbra.com/wiki/King0770-Notes-Installing-Proxy-For-Single-Server
https://wiki.zimbra.com/wiki/King0770-Notes-ldapsearch-to-csv
https://wiki.zimbra.com/wiki/King0770-Notes-My-Github
https://wiki.zimbra.com/wiki/King0770-Notes-VNC-Safe
https://wiki.zimbra.com/wiki/King0770-Notes-Whitelist-Spamassassin-MTA
https://wiki.zimbra.com/wiki/King0770-Notes-Ultra-Restrictive-Sending-And-Receiving
https://wiki.zimbra.com/wiki/King0770-Notes-smtp_tls_policy_maps
https://wiki.zimbra.com/wiki/King0770-Notes-Always_Bcc-Mishap
https://wiki.zimbra.com/wiki/King0770-Notes-Remove-Orphaned-Account
https://wiki.zimbra.com/wiki/King0770-Notes-Emulate-a-user-login-via-the-command-line https://wiki.zimbra.com/wiki/King0770-Notes-SSL
https://wiki.zimbra.com/wiki/King0770-Notes-ldap-fragmentation
https://wiki.zimbra.com/wiki/King0770-Notes-Disable-Zimbra-Desktop
https://wiki.zimbra.com/wiki/King0770-Notes-Rejecting-Nested-From-Addresses
https://wiki.zimbra.com/wiki/King0770-Notes-Relocated-Maps
https://wiki.zimbra.com/wiki/King0770-Notes-Internal-False-Positives

Handy Commands

LDAP - DB Status

/opt/zimbra/sleepycat/bin/db_stat -c -h /opt/zimbra/openldap-data

LDAP - DB Recover

/opt/zimbra/sleepycat/bin/db_recover **make sure you are doing this as the zimbra user, and that slapd is not running**

LDAP - Slapindex

/opt/zimbra/openldap/sbin/slapindex -f /opt/zimbra/conf/slapd.conf

LDAP - Export & Reimport

1) su - zimbra
2) libexec/zmslapcat /tmp
3) mv /tmp/ldap.bak /tmp/ldap.ldif
4) zmcontrol stop
5) ps -aux | grep slapd **If ldap is still running, kill it**
6) su - root
7) mv /opt/zimbra/openldap-data /opt/zimbra/openldap-data.OLD
8) mkdir -p /opt/zimbra/openldap-data/logs && mkdir -p /opt/zimbra/openldap-data/accesslog/db
9) chown -R zimbra:zimbra /opt/zimbra/openldap-data/
10) su - zimbra
11) /opt/zimbra/openldap/sbin/slapadd -f /opt/zimbra/conf/slapd.conf -b "" -l /tmp/ldap.ldif 
12) zmcontrol start

Clear SA DB

This would be handy if you are getting a lot of false positives

/opt/zimbra/libexec/sa-learn -p /opt/zimbra/conf/salocal.cf.in --dbpath /opt/zimbra/amavisd/.spamassassin/ --siteconfigpath /opt/zimbra/conf/spamassassin --clear

or

/opt/zimbra/libexec/sa-learn -p /opt/zimbra/conf/salocal.cf --dbpath /opt/zimbra/amavisd/.spamassassin --siteconfigpath \ /opt/zimbra/conf/spamassassin --force -expire –sync

KeyTool Commands

keytool -list -keystore /opt/zimbra/mailboxd/etc/keystore -storepass `zmlocalconfig -s -m nokey mailboxd_keystore_password`

keytool -delete -alias jetty or tomcat -keystore /opt/zimbra/mailboxd/etc/keystore -storepass `zmlocalconfig -s -m nokey mailboxd_keystore_password`

Columns are MisMatch in the GAL using ZCO

1) Remove ZCO profile(s) from Outlook - Start ==> Control Panel ==> Mail

2) Once the ZCO profile is removed, go into the following directories and remove everything in the specified directories:
c:\documents and settings\<user>\local settings\application data\microsoft\outlook
&
c:\documents and settings\<user>\application data\microsoft\outlook

3) Recreate ZCO profile for Outlook - Start ==> Control Panel ==> Mail

Once you have recreated the zco profile, open Outlook, then have a look again at the GAL.

Upper Case Letters in the hostname in /etc/hosts will prevent the install from continuing

Make sure the hostname in the /etc/hosts do not contain upper case letters. Or else the install will not continue.
http://bugzilla.zimbra.com/show_bug.cgi?id=30413

Main menu

   1) Common Configuration:                                                  
        +Hostname:                             KLAATU.blue.local
        +Ldap master host:                     klaatu.blue.local
        +Ldap port:                            389                           
        +Ldap Admin password:                  set                           
        +Require secure interprocess communications: yes                           
        +TimeZone:                             (GMT-08.00) Pacific Time (US & Canada)

   2) zimbra-ldap:                             Enabled                       
   3) zimbra-store:                            Enabled                       
   4) zimbra-mta:                              Enabled                       
   5) zimbra-snmp:                             Enabled                       
   6) zimbra-logger:                           Enabled                       
   7) zimbra-spell:                            Enabled                       
   8) Default Class of Service Configuration:                                
   9) Enable default backup schedule:          yes                           
   r) Start servers after configuration        yes                           
   s) Save config to file                                                    
   x) Expand menu                                                            
   q) Quit                                    

Address unconfigured (**) items or correct ldap configuration  (? - help)

Sending Attachments

If you are having trouble sending attachments, and you *think* you've set the zimbraFileUploadMaxSize & zimbraMtaMaxMessageSize, correctly, then find out how much larger a MIME version of a file will be after base-64 encode.

If you want to find out just how much larger a MIME version of a given file will be, run the file through UUDeview (windows app) - try 'base 64' in the encode settings. Won't wreck your current file, it creates a converted duplicate. This should give you an idea of what values to use if you don't want to use an arbitrary value. http://www.miken.com/uud/

Removing older version inside /opt/zimbra

Question:
Can I delete older versions of software that is in the /opt/zimbra directory? I have older version of amavisd, clamav, cyrus-sasl, etc.

Answer: I am not sure *why* the prior versions are still around after an upgrade. The answer I received was, we (Zimbra), shouldn't remove things during an upgrade. My impression was this was a policy decision. I'd say move those older versions out of the way into another directory. And if there are no problems, I'd say you are good to go. To be honest, I am paranoid - I never suggest remove anything on a system. :)

Hardware Support

Question
In the server, one of the hard disks is showing a red light. It is Raid 5 configured. Not sure where to look.

Answer
Zimbra Support can't help very much here. We support the Zimbra software, not the server hardware or the OS RAID infrastructure. If it's a standard Linux RAID, you can remove it from the RAID group with mdadm, replace the device, and add a new device to replace it. If it's a separate array or something, you'll have to go to the manufacturer instructions to find the procedure for replacing the device. You'll probably find more information with a web search than you can get from us on this topic.

Zimbra Mobile and BIS

Customers using utilizing AT&T and Verizon for their Blackberry Internet Services (BIS) will need to make sure port 993 is accessible. Apparently, BIS services will authenticate using port 993. I had a case where the admin was using AT&T to setup an account; however, he was getting the "connection timed out" message, or "cannot authenticate" from the AT&T app. On a hunch I suggested opening port 993 through his firewall (because it wasn't accessible to the outside world) . After that was done, AT&T was able to authenticate.

Jump to: navigation, search