Multi-node Zimbra installs sometimes fail in mysterious ways. We recently resolved what turned out to be a network problem, but it was causing our Zimbra install to fail with what I originally suspected was an LDAP problem. I think the troubleshooting process may prove useful. This is Zimbra 5.0.4:
If a store doesn’t appear to be communicating with its ldap master, here’s how I debugged it.
On the ldap master:
# vi /etc/syslog.conf
local4.debug -/var/log/zimbra.log
# /sbin/service syslog reload
Reloading syslogd... [ OK ]
Reloading klogd... [ OK ]
# su - zimbra
$ zmlocalconfig -e ldap_log_level=800
$ zmcontrol stop && zmcontrol start
Now tail -f /var/log/zimbra.log for slapd logging
Now from the store:
yum install openldap-clients (RHEL5) or up2date openldap-clients (RHEL4) if ldapsearch isn’t installed
$ ldapsearch -h zldap.morganjones.internal -W -x -LL -D cn=config \
    -b cn=zimbra 'objectclass=*'
Enter LDAP Password:
version: 1
dn: cn=zimbra
objectClass: organizationalRole
description: Zimbra Systems Application Data
cn: zimbra
dn: cn=admins,cn=zimbra
objectClass: organizationalRole
description: admin accounts
cn: admins
...
dn: cn=com_zimbra_convertd,cn=zimlets,cn=zimbra
zimbraZimletDescription: Convertd Extension for Admin UI
zimbraZimletVersion: 1.0
objectClass: zimbraZimletEntry
zimbraZimletIndexingEnabled: TRUE
zimbraZimletKeyword: com_zimbra_convertd
cn: com_zimbra_convertd
zimbraZimletIsExtension: TRUE
zimbraZimletPriority: 12
zimbraZimletEnabled: TRUE
$
Side note: Zimbra uses TLS for connections between stores and ldap servers. ‘-LL’ forces ldapsearch to use TLS, -x turns off ldaps.
Here’s the background that started me down this path:
Install ldap master with at least zimbra-ldap.
Install a store, answer ‘n’ to zimbra-ldap and ‘y’ to zimbra-store. At the Main menu choose ‘1’ for Common Configuration.
Set Ldap master host and Ldap Admin password, and when I typed ‘r’ it hung just like this:
Common configuration
1) Hostname: store01.morganjones.internal
2) Ldap master host: zldap.morganjones.internal
3) Ldap port: 389
4) Ldap Admin password: set
5) LDAP Base DN: cn=zimbra
6) Require secure interprocess communications: yes
7) TimeZone:
(GMT-05.00) Easten Time (US & Canada)
Select, or 'r' for previous menu [r] r
A quick look at /tmp/zmsetup* revealed:
Couldn't bind to zldap.morganjones.internal as uid=zimbra,cn=admins,cn=zimbra
Checking ldap on zldap.morganjones.internal:389
Unable to startTLS: Resource temporarily unavailable
Couldn't bind to zldap.morganjones.internal as uid=zimbra,cn=admins,cn=zimbra
checking isEnabled zimbra-store
Aha... an LDAP connectivity problem.
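The /tmp/zmsetup* lines above show a StartTLS failure next to the bind failures, which is what separates a transport problem from a credential problem. As an added example (not part of the original post or of Zimbra), this shell function triages such a log; the function names and verdict labels are hypothetical, and reading a bind failure with no StartTLS error as a credential or ACL issue is an assumption.

```shell
#!/bin/sh
# Added example: triage a zmsetup log read on stdin.
# Prints one line, "<verdict> <host:port> [(reason)]", where verdict is:
#   starttls-failed  TLS negotiation failed, so the bind never had a chance;
#                    look at network path, firewall and TLS setup first
#   bind-failed      bind was rejected and no StartTLS error was logged
#                    (assumption: credentials or ACLs are the likely cause)
#   no-ldap-error    neither message is present
triage_zmsetup() {
    awk '
        # "Checking ldap on host:port" names the server being contacted
        /^Checking ldap on /   { target = $4 }
        # keep the text after "Unable to startTLS: " as the reason
        /^Unable to startTLS:/ { tls = 1; reason = substr($0, index($0, ":") + 2) }
        # "." matches the apostrophe so the awk program can stay single-quoted
        /^Couldn.t bind to /   { bind = 1 }
        END {
            if (target == "") target = "unknown"
            if (tls)       print "starttls-failed", target, "(" reason ")"
            else if (bind) print "bind-failed", target
            else           print "no-ldap-error", target
        }'
}

# Sample input: the /tmp/zmsetup* lines quoted in the post above.
sample_log() {
    cat <<'EOF'
Couldn't bind to zldap.morganjones.internal as uid=zimbra,cn=admins,cn=zimbra
Checking ldap on zldap.morganjones.internal:389
Unable to startTLS: Resource temporarily unavailable
Couldn't bind to zldap.morganjones.internal as uid=zimbra,cn=admins,cn=zimbra
checking isEnabled zimbra-store
EOF
}

sample_log | triage_zmsetup
```

On a store, feed it the real log instead of the sample, for example `cat /tmp/zmsetup* | triage_zmsetup`.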