common ldap error -Unable to determine enabled services from ldap
common ldap error -Unable to determine enabled services from ldap
Dear all,
I can't start zimbra service. i get below common error.
Search error: Unable to determine enabled services from ldap.
Unable to determine enabled services. Cache is out of date or doesn't exist.
I checked /etc/hosts , /etc/resolve.conf file and I used dig mx domain.com.
All r perfect.
My certificate was valid up to 2020.
But I regenerated it.
then , I came a cross below errors.
/opt/zimbra/bin/zmcertmgr createcrt -new -days 1825
Saving config key 'zimbraSSLPrivateKey' via zmprov modifyServer mail.domain.com...failed (rc=1)
/opt/zimbra/bin/zmcertmgr deploycrt self
** Saving config key 'zimbraSSLCertificate' via zmprov modifyServer mail.domain.com...failed (rc=1)
/opt/zimbra/bin/zmcertmgr deployca
** Saving config key 'zimbraCertAuthorityCertSelfSigned' via zmprov modifyConfig...failed (rc=1)
below thing I performed.
zmlocalconfig -s |grep ldap.*password
I checked localconfig.xml file.
I tried to upgrarde it. It gave me ldap error. then I followed this below URL.
https://wiki.zimbra.com/wiki/Upgrade_Sc ... figuration
Still no luck. my zimbra version is given below.
Release 8.8.11_GA_3737.RHEL7_64_20181207111719 RHEL7_64 FOSS edition, Patch 8.8.11_P4.
Hope to hear from you.
I can't start zimbra service. i get below common error.
Search error: Unable to determine enabled services from ldap.
Unable to determine enabled services. Cache is out of date or doesn't exist.
I checked /etc/hosts , /etc/resolve.conf file and I used dig mx domain.com.
All r perfect.
My certificate was valid up to 2020.
But I regenerated it.
then , I came a cross below errors.
/opt/zimbra/bin/zmcertmgr createcrt -new -days 1825
Saving config key 'zimbraSSLPrivateKey' via zmprov modifyServer mail.domain.com...failed (rc=1)
/opt/zimbra/bin/zmcertmgr deploycrt self
** Saving config key 'zimbraSSLCertificate' via zmprov modifyServer mail.domain.com...failed (rc=1)
/opt/zimbra/bin/zmcertmgr deployca
** Saving config key 'zimbraCertAuthorityCertSelfSigned' via zmprov modifyConfig...failed (rc=1)
below thing I performed.
zmlocalconfig -s |grep ldap.*password
I checked localconfig.xml file.
I tried to upgrarde it. It gave me ldap error. then I followed this below URL.
https://wiki.zimbra.com/wiki/Upgrade_Sc ... figuration
Still no luck. my zimbra version is given below.
Release 8.8.11_GA_3737.RHEL7_64_20181207111719 RHEL7_64 FOSS edition, Patch 8.8.11_P4.
Hope to hear from you.
Re: common ldap error -Unable to determine enabled services from ldap
Thanks for you response. I hv been working on this zimbra system moire than 24 hours.DualBoot wrote:Hello
Maybe you should try this :
https://wiki.zimbra.com/wiki/Regenerate ... gle-Server
Regards,
I tried your URL. But it gave me errors. Pls see them.
$ /opt/zimbra/bin/zmcertmgr deployca
** Saving config key 'zimbraCertAuthorityCertSelfSigned' via zmprov modifyConfig...failed (rc=1) -----------> Can u tell me why?
Why is that?
$ /opt/zimbra/bin/zmcertmgr createcrt -new -days 365
** Backup /opt/zimbra/ssl/zimbra to /opt/zimbra/ssl/zimbra.20200505152645
** Recreating /opt/zimbra/conf/zmssl.cnf
** Generating a server CSR of type 'self' for download
** Using CA cert in '/opt/zimbra/ssl/zimbra/ca/ca.pem'
** Using CA private key in '/opt/zimbra/ssl/zimbra/ca/ca.key'
** Retrieving Commercial CA cert from LDAP... failed
** Creating server cert request /opt/zimbra/ssl/zimbra/server/server.csr with keysize=2048 digest=sha256
** Saving config key 'zimbraSSLPrivateKey' via zmprov modifyServer mail.domian.com...failed (rc=1). ------------> can u tell me why?
** Signing cert request /opt/zimbra/ssl/zimbra/server/serve
[zimbra@mail ~]$ /opt/zimbra/bin/zmcertmgr deploycrt self
** Saving config key 'zimbraSSLCertificate' via zmprov modifyServer mail.domain.com...failed (rc=1) ----------->. Can u tell me why?
** Installing imapd certificate '/opt/zimbra/conf/imapd.crt' and key '/opt/zimbra/conf/imapd.key'
** Copying '/opt/zimbra/ssl/zimbra/server/server.crt' to '/opt/zimbra/conf/imapd.crt'
** Copying '/opt/zimbra/ssl/zimbra/server/server.key' to '/opt/zimbra/conf/imapd.key'
** Creating file '/opt/zimbra/ssl/zimbra/jetty.pkcs12'
** Creating keystore '/opt/zimbra/conf/imapd.keystore'
** Installing ldap certificate '/opt/zimbra/conf/slapd.crt' and key '/opt/zimbra/conf/slapd.key'
** Copying '/opt/zimbra/ssl/zimbra/server/server.crt' to '/opt/zimbra/conf/slapd.crt'
** Copying '/opt/zimbra/ssl/zimbra/server/server.key' to '/opt/zimbra/conf/slapd.key'
** Creating file '/opt/zimbra/ssl/zimbra/jetty.pkcs12'
** Creating keystore '/opt/zimbra/mailboxd/etc/keystore'
** Installing mta certificate '/opt/zimbra/conf/smtpd.crt' and key '/opt/zimbra/conf/smtpd.key'
** Copying '/opt/zimbra/ssl/zimbra/server/server.crt' to '/opt/zimbra/conf/smtpd.crt'
** Copying '/opt/zimbra/ssl/zimbra/server/server.key' to '/opt/zimbra/conf/smtpd.key'
** Installing proxy certificate '/opt/zimbra/conf/nginx.crt' and key '/opt/zimbra/conf/nginx.key'
** Copying '/opt/zimbra/ssl/zimbra/server/server.crt' to '/opt/zimbra/conf/nginx.crt'
** Copying '/opt/zimbra/ssl/zimbra/server/server.key' to '/opt/zimbra/conf/nginx.key'
** NOTE: restart services to use the new certificates.
** Cleaning up 3 files from '/opt/zimbra/conf/ca'
** Removing /opt/zimbra/conf/ca/6f5437d0.0
** Removing /opt/zimbra/conf/ca/ca.key
** Removing /opt/zimbra/conf/ca/ca.pem
** Copying CA to /opt/zimbra/conf/ca
** Copying '/opt/zimbra/ssl/zimbra/ca/ca.key' to '/opt/zimbra/conf/ca/ca.key'
** Copying '/opt/zimbra/ssl/zimbra/ca/ca.pem' to '/opt/zimbra/conf/ca/ca.pem'
** Creating CA hash symlink '6f5437d0.0' -> 'ca.pem'
Really appreciate, if you can help further.
-
- Ambassador
- Posts: 2767
- Joined: Mon Dec 16, 2013 11:35 am
- Location: France - Drôme
- ZCS/ZD Version: All of them
- Contact:
Re: common ldap error -Unable to determine enabled services from ldap
Is your DNS set up properly (splt DNS might be needed)?
Can you server resolve its own FQDN?
Can you server resolve its own FQDN?
Re: common ldap error -Unable to determine enabled services from ldap
zmhostname and nslookup and ping work properly. This worked until 2 days ago very well. This issue started suddenly.Klug wrote:Is your DNS set up properly (splt DNS might be needed)?
Can you server resolve its own FQDN?
how can I get email addresses. the below command does not work
$ zmprov -l gaa
[] INFO: master is down, falling back to replica...
[] FATAL: failed to initialize LDAP client
com.zimbra.cs.ldap.LdapException: LDAP error: : invalid credentials
Is there a alternative way to get email addresses?
another command.
$ zmprov getMailboxInfo admin@domain.com
[] INFO: I/O exception (java.net.ConnectException) caught when processing request: Connection refused (Connection refused)
There r messages under
/opt/zimbra/store/0 directory. I got a back up of this.
It there a way to restore these mails to the SAME USERS after a fresh install of zimbra?
- DualBoot
- Elite member
- Posts: 1326
- Joined: Mon Apr 18, 2016 8:18 pm
- Location: France - Earth
- ZCS/ZD Version: ZCS FLOSS - 8.8.15 Mutli servers
- Contact:
Re: common ldap error -Unable to determine enabled services from ldap
You should investigate your zmlocalconfig setup. Maybe LDAP configuration is wrong.
Regards,
Regards,
Re: common ldap error -Unable to determine enabled services from ldap
DualBoot wrote:Hello
Maybe you should try this :
https://wiki.zimbra.com/wiki/Regenerate ... gle-Server
Regards,
How can I solve this?
ldapsearch -x -h mail.domain.com -D uid=zimbra,cn=admins,cn=zimbra,dc=domain,dc=com -w PASSWORD
ldap_bind: Invalid credentials (49)
This may be problem?
How can I give a password?
zmldappassword newpass ?
Or
zmlocalconfig -e ?
Hope to hear from you.
- DualBoot
- Elite member
- Posts: 1326
- Joined: Mon Apr 18, 2016 8:18 pm
- Location: France - Earth
- ZCS/ZD Version: ZCS FLOSS - 8.8.15 Mutli servers
- Contact:
Re: common ldap error -Unable to determine enabled services from ldap
before using zmlocalconf -e you should search the right password for the right LDAP user.
zmlocalconfig -s should show you all password which are stored in the setup. If you get them
replace them in the LDAP with Zimbra internal command.
Regards,
zmlocalconfig -s should show you all password which are stored in the setup. If you get them
replace them in the LDAP with Zimbra internal command.
Regards,
Re: common ldap error -Unable to determine enabled services from ldap
Thanks a lot.DualBoot wrote:before using zmlocalconf -e you should search the right password for the right LDAP user.
zmlocalconfig -s should show you all password which are stored in the setup. If you get them
replace them in the LDAP with Zimbra internal command.
Regards,
zmlocalconfig -s |grep -i password gave me passwords. All r same. Let's say PASSWORD
Now how to replace them in zimbra LDAP with zimbra internal command?
What's the zimbra internal command?
Plz guide me I will do my homework...
- DualBoot
- Elite member
- Posts: 1326
- Joined: Mon Apr 18, 2016 8:18 pm
- Location: France - Earth
- ZCS/ZD Version: ZCS FLOSS - 8.8.15 Mutli servers
- Contact:
Re: common ldap error -Unable to determine enabled services from ldap
You have answered it yourself earlier
zmldappasswd
Before make sure you have a backup and after each modification you should verify with common ldap command.
zmldappasswd
Before make sure you have a backup and after each modification you should verify with common ldap command.