Linux user zimbra lost rights in zmprov

Discuss your pilot or production implementation with other Zimbra admins or our engineers.
Post Reply
vbmchik
Posts: 4
Joined: Wed Aug 15, 2018 7:37 am

Linux user zimbra lost rights in zmprov

Post by vbmchik »

Hello all.
After update my zimbra OSE installation to Zimbra 8.8.15_GA_4303 (build 20220612004933)
I lost ability to run zmprov from linux user Zimbra
[zimbra@mail vbm]$ zmprov
ERROR: service.PERM_DENIED (permission denied: Error in Authentication)
Though I can use zmprov if use mail admin credeintials with keys -a -p
If anyone knows can I add local linux user to mail admins now?
Or is it bug in my installation or security improvement?

Thank you
basilisk_
Posts: 1
Joined: Wed Jul 20, 2022 8:53 am

Re: Linux user zimbra lost rights in zmprov

Post by basilisk_ »

Hello. Have you managed to solve this problem?
fdb
Posts: 2
Joined: Mon Jul 25, 2022 7:13 pm

Re: Linux user zimbra lost rights in zmprov

Post by fdb »

I am having the same problem and I can't solve it. Has anyone figured out what should be done?
fdb
Posts: 2
Joined: Mon Jul 25, 2022 7:13 pm

Re: Linux user zimbra lost rights in zmprov

Post by fdb »

I may have found the problem, but still don't know how to properly fix it.

When I ran the zmlocalconfig -s command, I saw the following output:

zimbra_ldap_user = zimbra
zimbra_ldap_userdn = uid=zimbra,cn=admins,cn=zimbra


Then I did a ldap search: ldapsearch -D "uid=zimbra,cn=admins,cn=zimbra" -w YOURPASSWORD -H ldaps://YOURDOMAIN -b "uid=zimbra,cn=admins,cn=zimbra". The output (shown bellow) shows that my zimbra master admin account is locked. However, I don't know how to unlock an account that doesn't belong to my domain.


# zimbra, admins, zimbra
dn: uid=zimbra,cn=admins,cn=zimbra
uid: zimbra
objectClass: zimbraAccount
objectClass: organizationalPerson
objectClass: inetOrgPerson
cn: zimbra
sn: zimbra
zimbraIsAdminAccount: TRUE
zimbraIsSystemResource: TRUE
zimbraId: e0fafd89-1360-11d9-8661-000a95d98ef2
description: The master zimbra admin account
userPassword:: xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
zimbraLastLogonTimestamp: xxxxxxxxxxxxxxx
zimbraAccountStatus: lockout
zimbraMailStatus: enabled

Does anyone know how to unlock the uid=zimbra,cn=admins,cn=zimbra account?
Post Reply