April 27, 2008

Zimbra LDAP Debugging

Filed under: Directory/LDAP, Messaging, Redhat/Fedora, Zimbra, linux — morgan @ 4:36

Multi-node Zimbra installs sometimes fail in mysterious ways.. We recently resolved what turned out to be a network problem but it was causing our Zimbra install to fail with what I originally suspected was an LDAP problem. I think the troubleshooting process may prove useful. This is Zimbra 5.0.4:

If a store doesn’t appear to be communicating with its ldap master, here’s how a I debugged it

On the ldap master:


# vi /etc/syslog.conf
    local4.debug          -/var/log/zimbra.log
# /sbin/service syslog reload
Reloading syslogd...                                       [  OK  ]
Reloading klogd...                                         [  OK  ]
# su - zimbra
$ zmlocalconfig -e ldap_log_level=800
$ zmcontrol stop && zmcontrol start

Now tail -f /var/log/zimbra.log for slapd logging

Now from the store:

yum install openldap-clients (RHEL5) or
up2date openldap-clients (RHEL4) if ldapsearch isn’t installed


$ ldapsearch -h zldap.morganjones.internal -W -x -LL -D cn=config
-b cn=zimbra objectclass=*
Enter LDAP Password:
version: 1 

dn: cn=zimbra
objectClass: organizationalRole
description: Zimbra Systems Application Data
cn: zimbra 

dn: cn=admins,cn=zimbra
objectClass: organizationalRole
description: admin accounts
cn: admins 

...

dn: cn=com_zimbra_convertd,cn=zimlets,cn=zimbra
zimbraZimletDescription: Convertd Extension for Admin UI
zimbraZimletVersion: 1.0
objectClass: zimbraZimletEntry
zimbraZimletIndexingEnabled: TRUE
zimbraZimletKeyword: com_zimbra_convertd
cn: com_zimbra_convertd
zimbraZimletIsExtension: TRUE
zimbraZimletPriority: 12
zimbraZimletEnabled: TRUE
$

side note: Zimbra users TLS for connections before stores and ldap servers. ‘-LL’ forces ldapsearch to use TLS, -x turns off ldaps.

Here’s the background that started me down this path:

Install ldap master with at least zimbra-ldap

Install a store, answer ‘n’ to zimbra-ldap and ‘y’ to zimbra-store. At the Main menu choose ‘1′ for Common Configuration.

Set Ldap master host and Ldap Admin password and when I typed ‘r’ it hung just like this:


Common configuration

   1) Hostname:                                store01.morganjones.internal
   2) Ldap master host:                      zldap.morganjones.internal
   3) Ldap port:                                389
   4) Ldap Admin password:                 set
   5) LDAP Base DN:                           cn=zimbra
   6) Require secure interprocess communications: yes
   7) TimeZone:
             (GMT-05.00) Easten Time (US & Canada)

Select, or 'r' for previous menu [r] r

A quick look at /tmp/zmsetup* revealed:


Couldn't bind to zldap.morganjones.internal as uid=zimbra,cn=admins,cn=zimbra
Checking ldap on zldap.morganjones.internal:389
Unable to startTLS: Resource temporarily unavailable
Couldn't bind to zldap.morganjones.internal as uid=zimbra,cn=admins,cn=zimbra
checking isEnabled zimbra-store

Aha.. an LDAP connectivity problem.

April 8, 2008

Nutter speaks to Council about casinos

Filed under: Casinos — morgan @ 1:34

The third of four city council hearings on whether to award Foxwoods casino their CED (commercial entertainment district) zoning took place on Friday. The hearing may be moot in light of this week’s supreme court ruling but council choose to hold the hearing and Mayor Nutter spoke strongly on the matter.

Nutter said: “It is clear that the proposed Foxwoods site is the wrong site for Philadelphia and the Commonwealth of Pennsylvania.” He said it is the responsibility of Council and the Mayor to “…represent our constituents and run the city of Philadelphia in a forthright, open and transparent fashion.” He spoke of the potentially enormous impact casinos may have on Philadelphia, he thanked council for holding the hearings.

“If. If. If we are to have gaming in Philadelphia there is a way to do it, there is a way right that works for the citizens of this city, that works for the citizens of the Commonwealth of Pennsylvania.”

He spoke firmly about the increased infrastructure costs, particularly police, that the casinos will levy upon the city. He said these costs were not considered in the budget, the five year and the city should not have to pay for them.

He ended with: “…We have an obligation to the citizens of this city and residents of the Commonwealth of Pennsylvania that if there is to be casino gaming in Philadelphia that it is done properly, it is done respectfully, it is done thoughtfully, and that it uses the best land use planning principles and we not allow ourselves to be lulled by the various interests who have their interests and not our interests at heart.”

This is strong stuff. So far Nutter has not spoken without purpose. He clearly chooses his words carefully. He twice referred to casinos as ‘if:’ likely not a mistake or oversight on his part. He speaks clearly and deliberately without hesitation or second thought. This is why we elected him, this is the stuff that changes cities.

Update, 4/26/08: I am not sure I can give credit but this is posted publicly:

Powered by WordPress