zimbra do not start (search error)

Discuss your pilot or production implementation with other Zimbra admins or our engineers.
Post Reply
apammn
Posts: 7
Joined: Sat Sep 13, 2014 2:32 am

zimbra do not start (search error)

Post by apammn »

hello.

zimbra 8.8.12 GA

I stopped zimbra, took a shapshot
before a yum update
I run yum update

After update complete zimbra do not start

to save time I reload the VM from the snapshot
but It does not start


ldap [zimbra@mail1 ~]$ zmcontrol start
Host mail1.apam.it
Search error: Unable to determine enabled services from ldap.

and then the other services not start

Can someone helpe me ?

thank you

I tried to regenerate certificate but got error
>Saving config key 'zimbraSSLPrivateKey' via zmprov modifyServer mail1.apam.it...failed (rc=1)

It seems a problem to read/update ldap repository

I tried to set the zimbra zimbra_ldap_password

(viewtopic.php?f=15&t=59186&hilit=com.zi ... redentials )

zimbra_ldap_password = gmxyTdNK
[zimbra@mail1 log]$ zmldappasswd gmxyTdNK
Updating local config and LDAP
[zimbra@mail1 log]$ zmlocalconfig -s zimbra_ldap_password
zimbra_ldap_password = gmxyTdNK
but
[zimbra@mail1 log]$ ldapsearch -x -LLL -H ldapi:/// -D uid=zimbra,cn=admins,cn=zimbra -w `zmlocalconfig -m nokey -s zimbra_ldap_password` -s base -b ""
ldap_bind: Invalid credentials (49)

Still blocked !!

how can I solve ?
User avatar
axslingr
Outstanding Member
Outstanding Member
Posts: 256
Joined: Sat Sep 13, 2014 2:20 am
ZCS/ZD Version: 8.8.15.GA.3869.UBUNTU18.64 UBUNTU18

Re: zimbra do not start (search error)

Post by axslingr »

Try these commands and see if ZCS will at least start.

Code: Select all

zmlocalconfig -e zimbra_require_interprocess_security=0
zmlocalconfig -e ldap_starttls_supported=0
zmlocalconfig -e ldap_starttls_required=false
apammn
Posts: 7
Joined: Sat Sep 13, 2014 2:32 am

Re: zimbra do not start (search error)

Post by apammn »

Thank you for support

I tried

[root@mail1 ~]# su - zimbra
[zimbra@mail1 ~]$ zmlocalconfig -e zimbra_require_interprocess_security=0
[zimbra@mail1 ~]$ zmlocalconfig -e ldap_starttls_supported=0
[zimbra@mail1 ~]$ zmlocalconfig -e ldap_starttls_required=false
[zimbra@mail1 ~]$ zmcontrol start
Host mail1.apam.it
Search error: Unable to determine enabled services from ldap.
Enabled services read from cache. Service list may be inaccurate.

but still non start
apammn
Posts: 7
Joined: Sat Sep 13, 2014 2:32 am

Re: zimbra do not start (search error)

Post by apammn »

I tried to backup the ldap db

[zimbra@mail1 ~]$ ll /opt/zimbra/data/ldap/mdb/db/
-rw-------. 1 zimbra zimbra 85899345920 Nov 20 21:37 data.mdb
-rw-------. 1 zimbra zimbra 8192 Nov 21 06:21 lock.mdb
[zimbra@mail1 ~]$ /opt/zimbra/libexec/zmslapcat /tmp
[zimbra@mail1 ~]$ ll /tmp/*ldap*
-rw-r-----. 1 zimbra zimbra 880390 Nov 21 06:21 /tmp/ldap-config.bak
-rw-r-----. 1 zimbra zimbra 880390 Nov 21 06:21 /tmp/ldap-config.bak.20201121062122
-rw-r-----. 1 zimbra zimbra 0 Nov 21 06:25 /tmp/ldap.bak
-rw-r-----. 1 zimbra zimbra 0 Nov 21 06:21 /tmp/ldap.bak.20201121062116
-rw-r-----. 1 zimbra zimbra 0 Nov 21 06:25 /tmp/ldap.bak.20201121062522

but the backup is 0 byte
User avatar
axslingr
Outstanding Member
Outstanding Member
Posts: 256
Joined: Sat Sep 13, 2014 2:20 am
ZCS/ZD Version: 8.8.15.GA.3869.UBUNTU18.64 UBUNTU18

Re: zimbra do not start (search error)

Post by axslingr »

Are you using self-signed certs? You may need to re-create the CA as well as certs if so.

Code: Select all

/opt/zimbra/bin/zmcertmgr createca -new
/opt/zimbra/bin/zmcertmgr createcrt -new -days 1825
/opt/zimbra/bin/zmcertmgr deploycrt self
/opt/zimbra/bin/zmcertmgr deployca
/opt/zimbra/bin/zmcertmgr viewdeployedcrt
apammn
Posts: 7
Joined: Sat Sep 13, 2014 2:32 am

[Solved] Re: zimbra do not start (search error)

Post by apammn »

Hello,

I solved with a rsync of /opt/zimbra/data/ldap/mdb/db
from a valid VM backup but 2 weeks old.
I lost some configurations made in the last 2 weeks
but not so much work.

I understand that the snapshot taken for backup the VM
with OS runnnig do non preserve the ldap db which is sparse
file.
Now I added a daily zmslapcat, just before VM backup, so I have
a valid export of ldap db as normal file.

thank you
Post Reply