Zimbra LDAP problem - Unable to determine enabled services from ldap

trevormantle · Post by **trevormantle** » Thu May 29, 2008 10:28 am

Background: Zimbra has been running fine on server for about one month. Restarted server and after restart I get the following when starting zimbra:
[zimbra@mail ~]$ zmcontrol start

Host mail.ofsloans.com

Starting ldap...Done.

Unable to determine enabled services from ldap.

Enabled services read from cache. Service list may be inaccurate.

Starting logger...Done.

Starting mailbox...Done.

Starting antispam...Done.

Starting antivirus...Done.

Starting snmp...Done.

Starting spell...Done.

Starting mta...Done.

Starting stats...Done.

You have new mail in /var/spool/mail/zimbra

Version Information:

[zimbra@mail ~]$ zmcontrol -v

Release 5.0.4_GA_2101.RHEL5_64_20080321154100 CentOS5_64
Verified slapd is running:

[zimbra@mail ~]$ ps -ef | grep slapd

zimbra 23494 1 0 08:18 ? 00:00:00 /opt/zimbra/openldap/libexec/slapd -l LOCAL0 -4 -u zimbra -h ldap://mail.ofsloans.com:389 -f /opt/zimbra/conf/slapd.conf
Verified it could resolve itself:

[zimbra@mail ~]$ zmhostname

mail.ofsloans.com

You have new mail in /var/spool/mail/zimbra
Checked the mail referenced:

[zimbra@mail ~]$ tail /var/spool/mail/zimbra

X-Cron-Env:

X-Cron-Env:

X-Cron-Env:

Message-Id:

Sender: CronDaemon

Date: Thu, 29 May 2008 08:24:18 -0700
Unable to determine enabled services from ldap.

Enabled services read from cache. Service list may be inaccurate.
Everything shows as running but I can not access email through the web client. I also can't access the administrator console through web interface.
Any Ideas on how to fix the LDAP error?

trevormantle · Post by **trevormantle** » Thu May 29, 2008 10:44 am

/var/log/messages is showing the following when a web client tries to connect:

May 29 08:43:03 mail zimbramon[23836]: 23836:info: zmmtaconfig: gacf ERROR: service.FAILURE (system failure: getDirectContext) (cause: javax.naming.CommunicationException mail.ofsloans.com:389)

May 29 08:43:08 mail zimbramon[23836]: 23836:info: zmmtaconfig: Skipping All Reverse Proxy URLs update.

May 29 08:43:08 mail zimbramon[23836]: 23836:info: zmmtaconfig: Skipping getAllReverseProxyURLs ERROR: service.FAILURE (system failure: getDirectContext) (cause: javax.naming.CommunicationException mail.ofsloans.com:389)

May 29 08:43:14 mail zimbramon[23836]: 23836:info: zmmtaconfig: Skipping All Reverse Proxy Backends update.

May 29 08:43:14 mail zimbramon[23836]: 23836:info: zmmtaconfig: Skipping getAllReverseProxyBackends ERROR: service.FAILURE (system failure: getDirectContext) (cause: javax.naming.CommunicationException mail.ofsloans.com:389)

May 29 08:43:19 mail zimbramon[23836]: 23836:info: zmmtaconfig: Skipping All Memcached Servers update.

May 29 08:43:19 mail zimbramon[23836]: 23836:info: zmmtaconfig: Skipping getAllMemcachedServers ERROR: service.FAILURE (system failure: getDirectContext) (cause: javax.naming.CommunicationException mail.ofsloans.com:389)

May 29 08:43:25 mail zimbramon[23836]: 23836:info: zmmtaconfig: Skipping All MTA Authentication Target URLs update.

May 29 08:43:25 mail zimbramon[23836]: 23836:info: zmmtaconfig: Skipping getAllMtaAuthURLs ERROR: service.FAILURE (system failure: getDirectContext) (cause: javax.naming.CommunicationException mail.ofsloans.com:389)

May 29 08:43:31 mail zimbramon[23836]: 23836:info: zmmtaconfig: Skipping Configuration for server mail.ofsloans.com update.

May 29 08:43:31 mail zimbramon[23836]: 23836:info: zmmtaconfig: gs:mail.ofsloans.com ERROR: service.FAILURE (system failure: getDirectContext) (cause: javax.naming.CommunicationException mail.ofsloans.com:389)

May 29 08:43:31 mail zimbramon[23836]: 23836:info: zmmtaconfig: Sleeping...Key lookup failed.

trevormantle · Post by **trevormantle** » Thu May 29, 2008 10:59 am

Here is a connection attempt:

May 29 08:56:09 mail postfix/smtpd[6868]: connect from catv-50624957.catv.broadband.hu[80.98.73.87]

May 29 08:56:11 mail zimbramon[4936]: 4936:info: zmmtaconfig: Skipping All Reverse Proxy URLs update.

May 29 08:56:11 mail zimbramon[4936]: 4936:info: zmmtaconfig: Skipping getAllReverseProxyURLs ERROR: service.FAILURE (system failure: getDirectContext) (cause: javax.naming.CommunicationException mail.ofsloans.com:389)

May 29 08:56:11 mail zimbramon[6669]: 6669:info: 2008-05-29 08:56:02, STATUS: mail.ofsloans.com: antispam: Running

May 29 08:56:11 mail zimbramon[6669]: 6669:info: 2008-05-29 08:56:02, STATUS: mail.ofsloans.com: antivirus: Running

May 29 08:56:11 mail zimbramon[6669]: 6669:info: 2008-05-29 08:56:02, STATUS: mail.ofsloans.com: ldap: Running

May 29 08:56:11 mail zimbramon[6669]: 6669:info: 2008-05-29 08:56:02, STATUS: mail.ofsloans.com: logger: Running

May 29 08:56:11 mail zimbramon[6669]: 6669:info: 2008-05-29 08:56:02, STATUS: mail.ofsloans.com: mailbox: Running

May 29 08:56:11 mail zimbramon[6669]: 6669:info: 2008-05-29 08:56:02, STATUS: mail.ofsloans.com: mta: Running

May 29 08:56:11 mail zimbramon[6669]: 6669:info: 2008-05-29 08:56:02, STATUS: mail.ofsloans.com: snmp: Running

May 29 08:56:11 mail zimbramon[6669]: 6669:info: 2008-05-29 08:56:02, STATUS: mail.ofsloans.com: spell: Running

May 29 08:56:11 mail zimbramon[6669]: 6669:info: 2008-05-29 08:56:02, STATUS: mail.ofsloans.com: stats: Running

May 29 08:56:15 mail postfix/trivial-rewrite[6959]: error: dict_ldap_connect: Unable to set STARTTLS: -1: Can't contact LDAP server

May 29 08:56:15 mail zimbramon[4936]: 4936:info: zmmtaconfig: Skipping All Reverse Proxy Backends update.

May 29 08:56:15 mail zimbramon[4936]: 4936:info: zmmtaconfig: Skipping getAllReverseProxyBackends ERROR: service.FAILURE (system failure: getDirectContext) (cause: javax.naming.CommunicationException mail.ofsloans.com:389)

May 29 08:56:18 mail postfix/smtpd[6979]: connect from 201008239118.user.veloxzone.com.br[201.8.239.118]

May 29 08:56:18 mail postfix/trivial-rewrite[6959]: error: dict_ldap_connect: Unable to set STARTTLS: -1: Can't contact LDAP server

May 29 08:56:19 mail zimbramon[4936]: 4936:info: zmmtaconfig: Skipping All Memcached Servers update.

May 29 08:56:19 mail zimbramon[4936]: 4936:info: zmmtaconfig: Skipping getAllMemcachedServers ERROR: service.FAILURE (system failure: getDirectContext) (cause: javax.naming.CommunicationException mail.ofsloans.com:389)

May 29 08:56:20 mail postfix/smtpd[6990]: connect from pool-71-104-226-165.lsanca.dsl-w.verizon.net[71.104.226.165]

May 29 08:56:21 mail postfix/trivial-rewrite[6959]: error: dict_ldap_connect: Unable to set STARTTLS: -1: Can't contact LDAP server

May 29 08:56:21 mail postfix/trivial-rewrite[6959]: fatal: ldap:/opt/zimbra/conf/ldap-vad.cf(0,lock|fold_fix): table lookup problem

May 29 08:56:21 mail postfix/trivial-rewrite[6980]: error: dict_ldap_connect: Unable to set STARTTLS: -1: Can't contact LDAP server

May 29 08:56:22 mail postfix/smtpd[7000]: connect from n36.bullet.mail.ukl.yahoo.com[87.248.110.169]

May 29 08:56:22 mail postfix/smtpd[5595]: warning: problem talking to service rewrite: Connection reset by peer

May 29 08:56:22 mail postfix/smtpd[5951]: warning: problem talking to service rewrite: Connection reset by peer

May 29 08:56:22 mail postfix/smtpd[6189]: warning: problem talking to service rewrite: Connection reset by peer

May 29 08:56:22 mail postfix/smtpd[6219]: warning: problem talking to service rewrite: Connection reset by peer

May 29 08:56:22 mail postfix/smtpd[5826]: warning: problem talking to service rewrite: Success

May 29 08:56:22 mail postfix/smtpd[6254]: warning: problem talking to service rewrite: Connection reset by peer

May 29 08:56:22 mail postfix/smtpd[6310]: warning: problem talking to service rewrite: Connection reset by peer

May 29 08:56:22 mail postfix/smtpd[6311]: warning: problem talking to service rewrite: Connection reset by peer

May 29 08:56:22 mail postfix/smtpd[6290]: warning: problem talking to service rewrite: Connection reset by peer

May 29 08:56:22 mail postfix/smtpd[6330]: warning: problem talking to service rewrite: Connection reset by peer

May 29 08:56:22 mail postfix/smtpd[6370]: warning: problem talking to service rewrite: Connection reset by peer

May 29 08:56:22 mail postfix/smtpd[6371]: warning: problem talking to service rewrite: Connection reset by peer

May 29 08:56:22 mail postfix/smtpd[6379]: warning: problem talking to service rewrite: Connection reset by peer

May 29 08:56:22 mail postfix/smtpd[6378]: warning: problem talking to service rewrite: Connection reset by peer

May 29 08:56:22 mail postfix/smtpd[6402]: warning: problem talking to service rewrite: Connection reset by peer

May 29 08:56:22 mail postfix/smtpd[6398]: warning: problem talking to service rewrite: Connection reset by peer

May 29 08:56:22 mail postfix/master[5492]: warning: process /opt/zimbra/postfix-2.4.3.4z/libexec/trivial-rewrite pid 6959 exit status 1

May 29 08:56:24 mail postfix/smtpd[7001]: warning: 189.13.77.47: hostname 18913077047.user.veloxzone.com.br verification failed: Name or service not known

May 29 08:56:24 mail postfix/smtpd[7001]: connect from unknown[189.13.77.47]

phoenix · Post by **phoenix** » Thu May 29, 2008 11:11 am

Several things you can check. Permissions on the Zimbra files/directories, shutdown Zimbra and run the following (as root):
chown -R zimbra:zimbra /opt/zimbra

/opt/zimbra/libexec/zmfixperms -verboserestart Zimbra and see if that fixes it. If that's no good then do the following:
cat /etc/hosts

host `hostname`
dig yourdomain.com mx

dig yourdomain.com anyand post the output.

trevormantle · Post by **trevormantle** » Thu May 29, 2008 11:32 am

Here is the output of your commands:
[root@mail log]# chown -R zimbra:zimbra /opt/zimbra

[root@mail log]# cd /

[root@mail /]# /opt/zimbra/libexec/zmfixperms -verbose

Fixing ownership and permisions on /opt/zimbra/java

Fixing ownership and permisions on /opt/zimbra/lib

Fixing ownership and permisions on /opt/zimbra/db

Fixing ownership and permisions on /opt/zimbra/cyrus-sasl

Fixing ownership and permisions on /opt/zimbra/dspam

Fixing ownership and permisions on /opt/zimbra/jetty

Fixing ownership and permisions on /opt/zimbra/ssl

Fixing ownership and permisions on /opt/zimbra/httpd

Fixing ownership and permisions on /opt/zimbra/logger/mysql

Fixing ownership and permisions on /opt/zimbra/logger/db

Fixing ownership and permisions on /opt/zimbra/mysql

Fixing ownership and permisions on /opt/zimbra/snmp

Fixing ownership and permisions on /opt/zimbra/openldap

Fixing ownership and permisions on /opt/zimbra/sleepycat

Fixing ownership and permisions on /opt/zimbra/clamav

Fixing ownership and permisions on /opt/zimbra/amavisd

Fixing ownership and permisions on /opt/zimbra/zimbramon/lib

Fixing ownership and permisions on /opt/zimbra/rrdtool

Fixing ownership and permisions on /opt/zimbra/postfix

Fixing ownership and permisions on /opt/zimbra/data/postfix

[root@mail /]# su - zimbra

[zimbra@mail ~]$ zmcontrol start

Host mail.ofsloans.com

Starting ldap...Done.

Unable to determine enabled services from ldap.

Enabled services read from cache. Service list may be inaccurate.

Starting logger...Done.

Starting mailbox...Done.

Starting antispam...Done.

Starting antivirus...Done.

Starting snmp...Done.

Starting spell...Done.

Starting mta...Done.

Starting stats...Done.

You have new mail in /var/spool/mail/zimbra

Here is the additional information you requested:
[root@mail log]# cat /etc/hosts

127.0.0.1 localhost

209.20.66.252 mail.ofsloans.com
[root@mail log]# host `hostname`

mail.ofsloans.com has address 209.20.66.252
[root@mail log]# dig mail.ofsloans.com mx
; <<>> DiG 9.3.3rc2 <<>> mail.ofsloans.com mx

;; global options: printcmd

;; Got answer:

;; ->>HEADER<
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:

;mail.ofsloans.com. IN MX
;; AUTHORITY SECTION:

ofsloans.com. 3565 IN SOA ns1.slicehost.net. hostmaster.ofsloans.com. 2008041300 28800 7200 604800 3600
;; Query time: 0 msec

;; SERVER: 67.207.128.5#53(67.207.128.5)

;; WHEN: Thu May 29 09:30:47 2008

;; MSG SIZE rcvd: 99

[root@mail log]# dig mail.ofsloans.com any
; <<>> DiG 9.3.3rc2 <<>> mail.ofsloans.com any

;; global options: printcmd

;; Got answer:

;; ->>HEADER<
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 2
;; QUESTION SECTION:

;mail.ofsloans.com. IN ANY
;; ANSWER SECTION:

mail.ofsloans.com. 3538 IN A 209.20.66.252
;; AUTHORITY SECTION:

ofsloans.com. 102908 IN NS ns2.slicehost.net.

ofsloans.com. 102908 IN NS ns1.slicehost.net.
;; ADDITIONAL SECTION:

ns1.slicehost.net. 83273 IN A 208.78.100.222

ns2.slicehost.net. 76309 IN A 208.75.87.240
;; Query time: 10 msec

;; SERVER: 67.207.128.5#53(67.207.128.5)

;; WHEN: Thu May 29 09:31:14 2008

;; MSG SIZE rcvd: 132

phoenix · Post by **phoenix** » Thu May 29, 2008 11:36 am

First of all the hosts file is incorrect, the following change should be made:
127.0.0.1 localhost
change that to read as follows:
127.0.0.1 localhost.localdomain localhostReboot the server after making that change and see what happens.

phoenix · Post by **phoenix** » Thu May 29, 2008 11:41 am

In addition, you also seem to have no MX record pointing to your server. That might be because you've used the wrong domain name for the dig command. It should be as follows:
dig ofsloans.com mx

dig ofsloans.com any

trevormantle · Post by **trevormantle** » Thu May 29, 2008 11:46 am

Here are my resolv.conf and hosts files now:

[root@mail ~]# cat /etc/resolv.conf

nameserver 67.207.128.5

nameserver 67.207.128.4

[root@mail ~]# cat /etc/host

host.conf hosts hosts.allow hosts.deny

[root@mail ~]# cat /etc/hosts

127.0.0.1 mail.ofsloans.com localhost

209.20.66.252 mail.ofsloans.com
After the reboot:

[zimbra@mail ~]$ zmcontrol status

Unable to determine enabled services from ldap.

Enabled services read from cache. Service list may be inaccurate.

Host mail.ofsloans.com

antispam Running

antivirus Running

ldap Running

logger Running

mailbox Running

mta Running

snmp Running

spell Running

stats Running

trevormantle · Post by **trevormantle** » Thu May 29, 2008 11:51 am

[zimbra@mail ~]$ dig ofsloans.com mx
; <<>> DiG 9.3.3rc2 <<>> ofsloans.com mx

;; global options: printcmd

;; Got answer:

;; ->>HEADER<
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 3
;; QUESTION SECTION:

;ofsloans.com. IN MX
;; ANSWER SECTION:

ofsloans.com. 3600 IN MX 10 mail.ofsloans.com.
;; AUTHORITY SECTION:

ofsloans.com. 101742 IN NS ns1.slicehost.net.

ofsloans.com. 101742 IN NS ns2.slicehost.net.
;; ADDITIONAL SECTION:

mail.ofsloans.com. 2372 IN A 209.20.66.252

ns1.slicehost.net. 82107 IN A 208.78.100.222

ns2.slicehost.net. 75143 IN A 208.75.87.240
;; Query time: 3 msec

;; SERVER: 67.207.128.5#53(67.207.128.5)

;; WHEN: Thu May 29 09:50:40 2008

;; MSG SIZE rcvd: 148
You have new mail in /var/spool/mail/zimbra

[zimbra@mail ~]$ dig ofsloans.com any
; <<>> DiG 9.3.3rc2 <<>> ofsloans.com any

;; global options: printcmd

;; Got answer:

;; ->>HEADER<
;; flags: qr rd ra; QUERY: 1, ANSWER: 5, AUTHORITY: 2, ADDITIONAL: 3
;; QUESTION SECTION:

;ofsloans.com. IN ANY
;; ANSWER SECTION:

ofsloans.com. 3600 IN A 209.20.66.243

ofsloans.com. 3600 IN SOA ns1.slicehost.net. hostmaster.ofsloans.com. 2008041300 28800 7200 604800 3600

ofsloans.com. 3600 IN MX 10 mail.ofsloans.com.

ofsloans.com. 101738 IN NS ns1.slicehost.net.

ofsloans.com. 101738 IN NS ns2.slicehost.net.
;; AUTHORITY SECTION:

ofsloans.com. 101738 IN NS ns2.slicehost.net.

ofsloans.com. 101738 IN NS ns1.slicehost.net.
;; ADDITIONAL SECTION:

mail.ofsloans.com. 2368 IN A 209.20.66.252

ns1.slicehost.net. 82103 IN A 208.78.100.222

ns2.slicehost.net. 75139 IN A 208.75.87.240
;; Query time: 6 msec

;; SERVER: 67.207.128.5#53(67.207.128.5)

;; WHEN: Thu May 29 09:50:44 2008

;; MSG SIZE rcvd: 239

phoenix · Post by **phoenix** » Thu May 29, 2008 11:56 am

You've misunderstood the post above, you hosts file should not have this line:
127.0.0.1 mail.ofsloans.com localhostit should be exactly as I typed it above:
127.0.0.1 localhost.localdomain localhost