Failed to start slapd attempting debug start to determine error zimbra

HelloWe had a server unexpected halt and after that we cant start zimbra by running zimbra start. the startup.log saysHost mail.compay.com

bonadio

Advanced member
Advanced member
Posts: 85
Joined: Fri Sep 12, 2014 11:11 pm

[SOLVED] zimbra cant start after crash ldap error

Hello
We had a server unexpected halt and after that we cant start zimbra by running zimbra start.
the startup.log says
Host mail.compay.com

Starting ldap…Done.

FAILED

Failed to start slapd. Attempting debug start to determine error.

TLS: error:0906D06C:PEM routines:PEM_read_bio:no start line pem_lib.c:650

TLS: error:02001002:system library:fopen:No such file or directory bss_file.c:356

TLS: error:20074002:BIO routines:FILE_CTRL:system lib bss_file.c:358

main: TLS init def ctx failed: -1

we found a work around starting ldap manually with
sudo /opt/zimbra/openldap/libexec/slapd -l LOCAL0 -4 -u zimbra -h ldap://mail.company.com:389/ -f /opt/zimbra/conf/slapd.conf
and then
sudo zimbra

zmstorectl start

zmnginx start

zmspellctl start

Any idea how to fix this problem? seens like a certificate problem but we already have reinstalled the commercial certificate but the problem persist.
Thanks

User avatar

L. Mark Stone

Ambassador
Ambassador
Posts: 2553
Joined: Wed Oct 09, 2013 11:35 am
Location: Portland, Maine, US
ZCS/ZD Version: 8.8.15 Network Edition
Contact:

[SOLVED] zimbra cant start after crash ldap error

Postby L. Mark Stone » Sat Jan 30, 2010 1:17 pm

There is a bug with LDAP TLS in that LDAP doesn’t know where the ca file are.
We have an open support ticket on this, and you can look at the bug report for more info.

Suggest»>https://bugzilla.zimbra.com/show_bug.cgi?id=43701
Suggest opening a support ticket with Zimbra directly, in the interim you can disable LDAP TLS on both servers by running the following as the zimbra user on both servers and then restarting Zimbra.

zmlocalconfig -e ldap_starttls_supported=1

At that point though, all the inter-server LDAP traffic is plain text, which may be a security risk depending on your infrastructure.
Hope that helps,

Mark

bonadio

Advanced member
Advanced member
Posts: 85
Joined: Fri Sep 12, 2014 11:11 pm

[SOLVED] zimbra cant start after crash ldap error

Postby bonadio » Sat Jan 30, 2010 2:16 pm

Hi Mark
Thanks for the reply, but the command
zmlocalconfig -e ldap_starttls_supported=0 or

zmlocalconfig -e ldap_starttls_supported=1
did not work, tried with both options, stopped but when I restart the startup.log says the same thing
FAILED

Failed to start slapd. Attempting debug start to determine error.

TLS: error:0906D06C:PEM routines:PEM_read_bio:no start line pem_lib.c:650

TLS: error:02001002:system library:fopen:No such file or directory bss_file.c:356

TLS: error:20074002:BIO routines:FILE_CTRL:system lib bss_file.c:358

main: TLS init def ctx failed: -1

I will copy this zimbra to a new server where I can do more tests, I will post back any results
Thanks

bonadio

Advanced member
Advanced member
Posts: 85
Joined: Fri Sep 12, 2014 11:11 pm

[SOLVED] zimbra cant start after crash ldap error

Postby bonadio » Fri Feb 12, 2010 1:24 pm

[quote user=»bonadio»]Hi Mark
Thanks for the reply, but the command
zmlocalconfig -e ldap_starttls_supported=0 or

zmlocalconfig -e ldap_starttls_supported=1
did not work, tried with both options, stopped but when I restart the startup.log says the same thing
FAILED

Failed to start slapd. Attempting debug start to determine error.

TLS: error:0906D06C:PEM routines:PEM_read_bio:no start line pem_lib.c:650

TLS: error:02001002:system library:fopen:No such file or directory bss_file.c:356

TLS: error:20074002:BIO routines:FILE_CTRL:system lib bss_file.c:358

main: TLS init def ctx failed: -1

I will copy this zimbra to a new server where I can do more tests, I will post back any results
Thanks[/QUOTE]

Hi
I found a solution.
I found that in the /opt/zimbra/conf/ca directory there was 2 broken link files, I removed those files and them zimbra started normally.
[]s


Return to “Administrators”

Who is online

Users browsing this forum: Bing [Bot], L. Mark Stone and 35 guests

From Notes_Wiki

Home > CentOS > CentOS 6.x > Troubleshooting zimbra issues

ldap fails to start

If ldap server does not starts and gives this error

Failed to start slapd.  Attempting debug start to determine error.
bdb_db_close: database "": txn_checkpoint failed: Invalid argument (22).
backend_startup_one (type=hdb, suffix=""): bi_db_open failed! (22)
bdb_db_close: database "": alock_close failed

First verify that domain to IP mapping in /etc/hosts file is correct. If domain to IP mapping in /etc/hosts is not correct then Zimbra will not be able to start listening socket on incorrect IP and hence ldap may fail to start. Also zimbra must be stopped before changing machine IP. Then IP should be changed on system and in /etc/hosts. Then zimbra should be started.

If problem is not due to incorrect IP then:

  1. Login as root
  2. Go to dir ‘/opt/zimbra/data/ldap/hdb/db’
  3. Use command ‘/opt/zimbra/bdb/bin/db_recover’

Complete reinstallation without affecting data

If Zimbra stops working and normal troubleshooting is not working, then we can reinstall zimbra without affecting data using following steps:

  1. Download the same version of zimbra and extract the contents.
  2. Run ‘./install.sh -s —platform-override’ . The ‘-s’ option is used to reinstall zimbra without touching the data.
  3. Then run ‘/opt/zimbra/libexec/zmsetup.pl’ script as root to re-initialize the ldap and other settings.
  4. If permissions could be incorrect then they can be fixed using
    chown -R zimbra:zimbra /opt/zimbra
    /opt/zimbra/libexec/zmfixperms -verbose -extended

The same steps can be used for upgrading Zimbra to a higher version also

Fixing permisssions on zimbra files

If permissions on zimbra directory could be wrong then following can be use to fix permissions:

chown -R zimbra:zimbra /opt/zimbra
/opt/zimbra/libexec/zmfixperms -verbose -extended

Incoming email from other domains is not getting delivered to Zimbra

To troubleshoot incoming emails from other domains to Zimbra use following steps:

  1. Verify DNS MX entries for domain
  2. Verify Zimbra aliases or domains allow incoming emails for given alias or domain
  3. Send email to corresponding zimbra user using mail command
  4. Look at /var/log/zimbra.log if mail was accepted on Zimbra server. Mail not showing here indicates problem with sender.

In case there is issue with sender do following:

  1. Check /var/log/maillog on the sending machine to see if email was accepted for delivery as per sending machine
  2. Check «mailq» or «postqueue -p» output
  3. Check local user mail or various mail queues of postfix on sender to determine problem
  4. One way of accepting email is to add sending IP address in Zimbra Admin -< Configure -< Global Settings -< MTA -< MTATrusted Networks and save

Home > CentOS > CentOS 6.x > Troubleshooting zimbra issues

Содержание

  1. Failed to start slapd attempting debug start to determine error
  2. [SOLVED] zimbra cant start after crash ldap error
  3. [SOLVED] zimbra cant start after crash ldap error
  4. [SOLVED] zimbra cant start after crash ldap error
  5. Ubuntu + Zimbra (перестал запускаться LDAP)
  6. Комментарии
  7. Failed to start slapd attempting debug start to determine error
  8. Problem instalation zimbra Failed to start slapd
  9. Problem instalation zimbra Failed to start slapd
  10. Problem instalation zimbra Failed to start slapd
  11. Problem instalation zimbra Failed to start slapd
  12. Failed to start slapd attempting debug start to determine error
  13. How to fix the error: Failed to start slapd TLS: error:0200100D:system library:fopen:Permission denied bss file.c
  14. Contents
  15. Purpose
  16. Resolution
  17. Additional Content

Failed to start slapd attempting debug start to determine error

Post by bonadio » Fri Jan 29, 2010 7:51 pm

Hello
We had a server unexpected halt and after that we cant start zimbra by running zimbra start.
the startup.log says
Host mail.compay.com

Starting ldap. Done.

Failed to start slapd. Attempting debug start to determine error.

TLS: error:0906D06C:PEM routines:PEM_read_bio:no start line pem_lib.c:650

TLS: error:02001002:system library:fopen:No such file or directory bss_file.c:356

TLS: error:20074002:BIO routines:FILE_CTRL:system lib bss_file.c:358

main: TLS init def ctx failed: -1

we found a work around starting ldap manually with
sudo /opt/zimbra/openldap/libexec/slapd -l LOCAL0 -4 -u zimbra -h ldap://mail.company.com:389/ -f /opt/zimbra/conf/slapd.conf
and then
sudo zimbra

Any idea how to fix this problem? seens like a certificate problem but we already have reinstalled the commercial certificate but the problem persist.
Thanks

[SOLVED] zimbra cant start after crash ldap error

Post by L. Mark Stone » Sat Jan 30, 2010 1:17 pm

There is a bug with LDAP TLS in that LDAP doesn’t know where the ca file are.
We have an open support ticket on this, and you can look at the bug report for more info.

Suggest»>https://bugzilla.zimbra.com/show_bug.cgi?id=43701
Suggest opening a support ticket with Zimbra directly, in the interim you can disable LDAP TLS on both servers by running the following as the zimbra user on both servers and then restarting Zimbra.

At that point though, all the inter-server LDAP traffic is plain text, which may be a security risk depending on your infrastructure.
Hope that helps,

[SOLVED] zimbra cant start after crash ldap error

Post by bonadio » Sat Jan 30, 2010 2:16 pm

Hi Mark
Thanks for the reply, but the command
zmlocalconfig -e ldap_starttls_supported=0 or

zmlocalconfig -e ldap_starttls_supported=1
did not work, tried with both options, stopped but when I restart the startup.log says the same thing
FAILED

Failed to start slapd. Attempting debug start to determine error.

TLS: error:0906D06C:PEM routines:PEM_read_bio:no start line pem_lib.c:650

TLS: error:02001002:system library:fopen:No such file or directory bss_file.c:356

TLS: error:20074002:BIO routines:FILE_CTRL:system lib bss_file.c:358

main: TLS init def ctx failed: -1

I will copy this zimbra to a new server where I can do more tests, I will post back any results
Thanks

[SOLVED] zimbra cant start after crash ldap error

Post by bonadio » Fri Feb 12, 2010 1:24 pm

[quote user=»bonadio»]Hi Mark
Thanks for the reply, but the command
zmlocalconfig -e ldap_starttls_supported=0 or

zmlocalconfig -e ldap_starttls_supported=1
did not work, tried with both options, stopped but when I restart the startup.log says the same thing
FAILED

Failed to start slapd. Attempting debug start to determine error.

TLS: error:0906D06C:PEM routines:PEM_read_bio:no start line pem_lib.c:650

TLS: error:02001002:system library:fopen:No such file or directory bss_file.c:356

TLS: error:20074002:BIO routines:FILE_CTRL:system lib bss_file.c:358

main: TLS init def ctx failed: -1

I will copy this zimbra to a new server where I can do more tests, I will post back any results
Thanks[/QUOTE]

Hi
I found a solution.
I found that in the /opt/zimbra/conf/ca directory there was 2 broken link files, I removed those files and them zimbra started normally.
[]s

Источник

Ubuntu + Zimbra (перестал запускаться LDAP)

Комментарии

root@mail:/# /opt/zimbra/bin/zmcertmgr createca -new

** Creating directory /opt/zimbra/ssl/zimbra

** Creating directory /opt/zimbra/ssl/zimbra/ca

** Creating directory /opt/zimbra/ssl/zimbra/server

** Creating directory /opt/zimbra/ssl/zimbra/commercial

** Creating /opt/zimbra/ssl/zimbra/ca/zmssl.cnf. done

** Creating CA private key /opt/zimbra/ssl/zimbra/ca/ca.key. done.

** Creating CA cert /opt/zimbra/ssl/zimbra/ca/ca.pem. done.

root@mail:/# /opt/zimbra/bin/zmcertmgr createcrt -new -days 365

Validation days: 365

** Creating /opt/zimbra/conf/zmssl.cnf. done

** Backup /opt/zimbra/ssl/zimbra to /opt/zimbra/ssl/zimbra.20131029160425

** Generating a server csr for download self -new -keysize 1024

** Backup /opt/zimbra/ssl/zimbra to /opt/zimbra/ssl/zimbra.20131029160425

** Retrieving Commercial CA cert from ldap. failed.

** Creating server cert request /opt/zimbra/ssl/zimbra/server/server.csr. done.

** Saving server config key zimbraSSLPrivateKey. failed.

** Signing cert request /opt/zimbra/ssl/zimbra/server/server.csr. done.

root@mail:/# /opt/zimbra/bin/zmcertmgr deploycrt self

** Saving server config key zimbraSSLCertificate. failed.

** Saving server config key zimbraSSLPrivateKey. failed.

** Installing mta certificate and key. done.

** Installing slapd certificate and key. done.

** Installing proxy certificate and key. done.

** Creating pkcs12 file /opt/zimbra/ssl/zimbra/jetty.pkcs12. done.

** Creating keystore file /opt/zimbra/mailboxd/etc/keystore. done.

** Installing CA to /opt/zimbra/conf/ca. done.

root@mail:/# /opt/zimbra/bin/zmcertmgr deployca

** Importing CA /opt/zimbra/ssl/zimbra/ca/ca.pem into CACERTS. done.

** Saving global config key zimbraCertAuthorityCertSelfSigned. failed.

** Saving global config key zimbraCertAuthorityKeySelfSigned. failed.

** Copying CA to /opt/zimbra/conf/ca. done.

root@mail:/# /opt/zimbra/bin/zmcertmgr viewdeployedcrt

notBefore=Oct 29 13:04:30 2013 GMT

notAfter=Oct 29 13:04:30 2014 GMT

subject= /C=US/ST=N/A/O=Zimbra Collaboration Suite/OU=Zimbra Collaboration Suite/CN=mail.xxx-xxx.com

issuer= /C=US/ST=N/A/L=N/A/O=Zimbra Collaboration Suite/OU=Zimbra Collaboration Suite/CN=mail.xxx-xxx.com

notBefore=Oct 29 13:04:30 2013 GMT

notAfter=Oct 29 13:04:30 2014 GMT

subject= /C=US/ST=N/A/O=Zimbra Collaboration Suite/OU=Zimbra Collaboration Suite/CN=mail.xxx-xxx.com

issuer= /C=US/ST=N/A/L=N/A/O=Zimbra Collaboration Suite/OU=Zimbra Collaboration Suite/CN=mail.xxx-xxx.com

notBefore=Oct 29 13:04:30 2013 GMT

notAfter=Oct 29 13:04:30 2014 GMT

subject= /C=US/ST=N/A/O=Zimbra Collaboration Suite/OU=Zimbra Collaboration Suite/CN=mail.xxx-xxx.com

issuer= /C=US/ST=N/A/L=N/A/O=Zimbra Collaboration Suite/OU=Zimbra Collaboration Suite/CN=mail.xxx-xxx.com

notBefore=Oct 29 13:04:30 2013 GMT

notAfter=Oct 29 13:04:30 2014 GMT

subject= /C=US/ST=N/A/O=Zimbra Collaboration Suite/OU=Zimbra Collaboration Suite/CN=mail.xxx-xxx.com

issuer= /C=US/ST=N/A/L=N/A/O=Zimbra Collaboration Suite/OU=Zimbra Collaboration Suite/CN=mail.xxx-xxx.com

После запустил — zmcontrol start, ошибка таже самая.
Может дело действительно в DNS, как это можно проверить?
Спасибо!

Источник

Failed to start slapd attempting debug start to determine error

Post by carias78 » Thu Mar 18, 2010 9:56 am

$ ldap start
Failed to start slapd. Attempting debug start to determine error.

daemon: bind(7) failed errno=98 (Address already in use)

slap_open_listener: failed on ldap://mail:389[/QUOTE]

hi, output of the following commands
root@mail:

127.0.0.1 localhost.localdomain localhost

172.19.143.2 mail.banpro2.com.ve mail

# The following lines are desirable for IPv6 capable hosts

::1 ip6-localhost ip6-loopback

### END INFO
nameserver 172.19.143.2

#search mail.banpro2.com.ve
#nameserver 200.35.65.3

# dig banpro2.com.ve any
; > DiG 9.4.2-P2.1 > banpro2.com.ve any

;; global options: printcmd

;; ->>HEADER > DiG 9.4.2-P2.1 > banpro2.com.ve mx

;; global options: printcmd

Problem instalation zimbra Failed to start slapd

Post by quanah » Thu Mar 18, 2010 12:05 pm

Problem instalation zimbra Failed to start slapd

Post by carias78 » Thu Mar 18, 2010 12:28 pm

Conexiones activas de Internet (solo servidores)

Protocolo Recv-Q Send-Q Dirección Local Dirección Externa Estado PID/Program name

tcp 0 0 *:ldap *:* ESCUCHAR 5016/slapd

tcp 0 0 mail.banpro2.com:domain *:* ESCUCHAR 4953/named

tcp 0 0 localhost.locald:domain *:* ESCUCHAR 4953/named

tcp 0 0 localhost.localdoma:ipp *:* ESCUCHAR 5058/cupsd

tcp 0 0 localhost.localdoma:953 *:* ESCUCHAR 4953/named

tcp6 0 0 [::]:ldap [::]:* ESCUCHAR 5016/slapd

tcp6 0 0 [::]:domain [::]:* ESCUCHAR 4953/named

tcp6 0 0 [::]:ssh [::]:* ESCUCHAR 4979/sshd

tcp6 0 0 ip6-localhost:953 [::]:* ESCUCHAR 4953/named

udp 0 0 *:domain *:* 4953/named

udp 0 0 mail.banpro2.com:domain *:* 4953/named

udp 0 0 localhost.locald:domain *:* 4953/named

udp 0 0 *:47711 *:* 5000/avahi-daemon:

udp 0 0 *:mdns *:* 5000/avahi-daemon:

udp6 0 0 [::]:34459 [::]:* 4953/named

udp6 0 0 [::]:domain [::]:* 4953/named

Problem instalation zimbra Failed to start slapd

Post by malayo » Sun Nov 25, 2012 12:40 am

Problem instalation zimbra Failed to start slapd

Post by msmollin » Mon Mar 16, 2015 11:41 am

Источник

Failed to start slapd attempting debug start to determine error

Post by victorqedu » Tue Mar 29, 2016 7:37 pm

I upgraded Zimbra to the latest version and LDAP is not starting.
It seems that zimbra tries to start ldap too many times.
I killed slapd before starting Zimbra but the eror is the same.

In zimbra.log there is this error:

Mar 29 22:27:49 caido zimbramon[13642]: 13642:info: Starting services initiated by zmcontrol
Mar 29 22:27:49 caido slapd[13696]: @(#) $OpenLDAP: slapd 2.4.39 (Dec 2 2014 21:28:07) $#012#011root@zre-ubuntu14-64:/home/build/p4/zimbra/JUDASPRIEST-860/ThirdParty/openldap/openldap-2.4.39.2z/servers/slapd
Mar 29 22:27:49 caido slapd[13698]: slapd starting
Mar 29 22:27:54 caido slapd[13705]: @(#) $OpenLDAP: slapd 2.4.39 (Dec 2 2014 21:28:07) $#012#011root@zre-ubuntu14-64:/home/build/p4/zimbra/JUDASPRIEST-860/ThirdParty/openldap/openldap-2.4.39.2z/servers/slapd
Mar 29 22:27:54 caido slapd[13705]: daemon: bind(7) failed errno=98 (Address already in use)
Mar 29 22:27:54 caido slapd[13705]: slapd stopped.
Mar 29 22:27:54 caido slapd[13705]: connections_destroy: nothing to destroy.
Mar 29 22:27:59 caido slapd[13712]: @(#) $OpenLDAP: slapd 2.4.39 (Dec 2 2014 21:28:07) $#012#011root@zre-ubuntu14-64:/home/build/p4/zimbra/JUDASPRIEST-860/ThirdParty/openldap/openldap-2.4.39.2z/servers/slapd
Mar 29 22:27:59 caido slapd[13712]: daemon: bind(7) failed errno=98 (Address already in use)
Mar 29 22:27:59 caido slapd[13712]: slapd stopped.

Источник

How to fix the error: Failed to start slapd TLS: error:0200100D:system library:fopen:Permission denied bss file.c

Contents

Purpose

Doing a zmcontrol restart or zmcontrol start you obtain the next error:

Resolution

This problem is related to the privileges, try to run the next command to fix the privileges: As root

Additional Content

  • A Community thread about the error, in this case the fix was manually changing the permissions of some files to zimbra:zimbra, but is much better use the zmfixperms tool.
KB 21957 Last updated on 2015-07-11 Last updated by Jorge de la Cruz
Verified Against: Zimbra Collaboration 8.6, 8.5, 8.0 Date Created: 05/12/2015
Article ID: https://wiki.zimbra.com/index.php?title=How_to_fix_the_error:_Failed_to_start_slapd_TLS:_error:0200100D:system_library:fopen:Permission_denied_bss_file.c Date Modified: 2015-07-11

Try Zimbra Collaboration with a 60-day free trial.
Get it now »

Want to get involved?

You can contribute in the Community, Wiki, Code, or development of Zimlets.
Find out more. »

Other help Resources

Looking for a Video?

Visit our YouTube channel to get the latest webinars, technology news, product overviews, and so much more.
Go to the YouTube channel »

Источник

A week ago, I received a call from one of our clients to whom we provide system and networking support. They had called me to inform that their Zimbra server had stopped working after an unexpected power outage. So, I asked them to provide me a remote access to their server so that I could analyze the cause of the problem. It didn’t strike me as a big deal then because there had been lots of issues with this server previously and most of them were about spam filters, users’ accounts, or some services not working properly. After looking at the problem, I learned that it was due to the failed LDAP server whose database, according to Zimbra, had been corrupted. Well, it was something new. Then, as most of us do when facing problem, I googled the Zimbra’s error message and error code to find information on this issue.

Zimbra Logo

Zimbra Logo

The error message I got looked like this:

[zimbra@mail ~]$ ldap start
Failed to start slapd. Attempting debug start to determine error.
56d2e1e8 mdb_db_open: database "": mdb_dbi_open(/opt/zimbra/data/ldap/mdb/db/ad2i) failed: MDB_CORRUPTED: Located page was wrong type (-30796).
56d2e1e8 backend_startup_one (type=mdb, suffix=""): bi_db_open failed! (-30796)
Zimbra LDAP DB Recovery

The search results on this error message mostly provided two main recovery methods: first, to recover the corrupted database and second, to restore the previously backed up working database. So, I backed up my existing database and tried first method. As a matter of fact, Zimbra itself ships with a LDAP database recovery tool by default. I found numerous articles which taught database recovery for  earlier versions or Network edition of Zimbra and OpenLDAP only. However, I have Community Edition of Zimbra and its version is as follows:

[zimbra@mail ~]$ zmcontrol -v
Release 8.5.0_GA_3042.RHEL6_64_20140828192005 RHEL6_64 FOSS edition.

And the LDAP database can be recovered in this Zimbra version as follows:

[zimbra@mail ~]$ /opt/zimbra/bdb/bin/db_recover -v -h /opt/zimbra/data/ldap/mdb/db
BDB2526 Finding last valid log LSN: file: 1 offset 28

But unfortunately for me, this didn’t help. Instead of going through the recovery process, db_recover exited without making any changes to the database. Perhaps I messed up with my log file or accidentally deleted it before trying recovery. I can’t tell this for sure because I went through lots of articles about this issue and tried few of the suggestions. Later I learned from some OpenLDAP folks that deleting or modifying database log file is very bad and can make database recovery almost impossible. Or, there was another possibility that both my system and database assumed that their information was correct, but had noncomplying entries. According to some MDB or LDAP DB experts, sometimes while writing information into database and there is immediate power cut, the operating system or application assumes that the information has been successfully written into database, but the database doesn’t have any knowledge of it. This mismatch can lead to database corruption and can also create trouble in recovery.

 After failing to recover my corrupted database repeatedly, there was the second option to get my LDAP and Zimbra running i.e. restoring previously backed up database. But since I didn’t have any backup whatsoever of this server and my predecessors also didn’t take any backup, I skipped this option too. I guess you can imagine the pressure and stress one feels under such circumstance. So, I was left with no other choice than to setup a new Zimbra server to at least allow our clients to send and receive new mails.

Restoring Old Mails in New Server

Setting up a new Zimbra server wasn’t much of a big deal. I was able to install a fresh CentOS system and ZCS in a couple of hours. We had a list of mail users  and distribution lists from a year ago, using which I created users and distribution lists in my new server. Then, I asked my network team to change the NAT setting in the Gateway device from old server’s IP to new server’s IP address. After that, the new server was ready to send and receive mails on behalf of our clients. This reduced the stress level a little, but the challenge of restoring older mails and contacts was still there.

Once the new Zimbra server was up and running with basic configuration and tuning, I started looking into restoration of old mails and contacts from crashed server. For that purpose, I researched so extensively that I at least read a hundred articles and forum posts. I looked under every stone I could find and I even turned over some stones time and again to discover any clue for my goal. Even after failing multiple times at database recovery, I kept on trying to recover it because the more I researched about my problem, the more I realized that LDAP database is the key in Zimbra’s recovery or restoration or migration. Therefore, I needed a way to either recover my LDAP database or restore old mails and contacts from older server’s user accounts to new server.

While trying to restore mails from old server to new server, one helpful member from Zimbra community suggested me a way to do it. You can find my question in this link: http://community.zimbra.com/collaboration/f/1886/t/1141281 Following this suggestion, I created a new user account in new server and restored all the older mails to this account. Here’s how I did it:

[root@mail ~]$ screen -S Sajjan
[root@mail ~]$ mkdir /opt/zimbra/store/0/Recovered-mails
[root@mail ~]$ rsync -av root@192.168.2.1:/opt/zimbra/store /opt/zimbra/store/0/Recovered-mails

To elaborate my steps, I first created a screen session because I was working over SSH and I didn’t want the processes I created to die on my disconnection. After creating a session and starting my work inside it, I could easily close and resume my work later by connecting to my screen. Then, I created a folder called Recovered-mails inside store folder and copied the entire store folder from old server to new server using Rsync. Since I had more than 128 GB of mails and I was copying them over network, it was a good thing to run it inside screen. Now you see the benefit of Screen, right?

[root@mail ~]$ su zimbra
[zimbra@mail ~]$ zmprov ca recovery@sajjan.com.np <password> displayName "Recovery Account"
[zimbra@mail ~]$ zmmailbox -z -m recovery@sajjan.com.np cf /Old-Mails
[zimbra@mail ~]$ zmmailbox -z -m "recovery@sajjan.com.np" addMessage /Old-Mails /opt/zimbra/store/0/Recovered-mails/store/0/*/msg/*

Next, I logged into zimbra account to control mail server. First, I added a new user called recovery@sajjan.com.np with zmprov. Then, I created a folder Old-Mails in the mailbox of this user, where I would be restoring all the old mails into. At last, I restored all mails inside Recovered-mails directory into the Old-Mails folder of recovery@sajjan.com.np. I was planning to apply filters for getting mails of specific users and then redirecting the filtered mails to their respective user accounts. But this plan was going cost a lot of time and effort for me because I had about 180 user accounts and the volume of mails was also quite high. And as you may now guess, I wasn’t going down that road for the lazy type of person that I am. So, I started to search for better ways to accomplish this or to automate things. Until I had a better idea, I manually filtered the recovered mails and redirected/shared them to few users based on the criticality and urgency of their mails.

Finally I came to learn that Zimbra creates a directory for each user account inside the store/0 directory of zimbra’s home directory and names these user directories as the respective IDs of the users. For example, if a MySQL ID of a particular user is 10 and zimbra has been installed in /opt directory, then all mails belonging to that user are stored inside /opt/zimbra/store/0/10 directory. And this information is the key for the successful restoration and mapping of all user mails from one to another server. As simple as it sounds, everything I did next is primarily based on this small concept. And now, the fun part begins.

In order to map and restore mails of a user from old server to new server, I needed to know the ID of that user in the old server because that’s the value which was attached to the mail store. Thank goodness, I had MySQL server running in old server. As a matter of fact, Zimbra’s MySQL server isn’t dependent upon its LDAP server/database. MySQL server of old server wasn’t running by default, so I started it manually and ran a select query to fetch the list of user’s IDs and email addresses. Note this is in old server.

[zimbra@old-mail ~]$ mysql.server start
[zimbra@old-mail ~]$ mysql -e "SELECT id,comment FROM zimbra.mailbox;"
1    admin@sajjan.com.np
2    user1@sajjan.com.np
3    user2@sajjan.com.np
[zimbra@old-mail ~]$ mysql -e "SELECT id,comment FROM zimbra.mailbox;" &gt; /tmp/id-comment.list 

Doing this dumps the list of IDs and emails of all users in old server’s database into a file called id-comment.list in /tmp. That’s all I needed to do in my old server. Then, I went back to new server and copied the dump file.

[zimbra@mail ~]$ scp root@192.168.2.1:/tmp/id-comment.list /tmp

Then, I wanted to create a folder called Old-Mails in the mailbox of every user to store their past mails. I could’ve done it from the web panel by logging into every user’s account one-by-one and creating folder there or by entering a folder creation command for every user. But I had over 180 users, so I wasn’t going to do that. Therefore, I created a script to do that for me, which is mentioned below. When running this script, I didn’t use the id-comment.list file that I created earlier because the number of users in old server was greater than that in the new server and also that list contained ID values in it, which was unnecessary in this script. So, I generated a list of user accounts present in the new server and passed this new list to the script.

[zimbra@mail ~]$ mysql -e "SELECT comment FROM zimbra.mailbox;" > /tmp/accounts.list
[zimbra@mail ~]$ vi /tmp/create_folder.sh 
#!/bin/bash
#Author: Sajjan Bhattarai
#Date: March 3, 2016
#Description: This script takes a list of accounts in the new Zimbra server and create a folder named "Old-Mails" in the mailbox of each user, where all the mails from old mail server will be restored.

# Looping through users in the list
while IFS='' read -r user || [[ -n "$user" ]]; do
	echo "$user: Creating Old-Mails folder..."
	# Creating folder inside a user's mailbox
	output=$(zmmailbox -z -m "$user" cf /Old-Mails)
	# Handling error status of the above command
	if [ $? -eq 0 ]
	then
		echo "Success!"
	else
		echo "Failed!"
		echo "$user:" >> create_folder.log
		echo "$output" >> create_folder.log
	fi
done < "$1"
[zimbra@mail ~]$ chmod +x /tmp/create_folder.sh
[zimbra@mail ~]$ /tmp/create_folder.sh /tmp/accounts.list

Running script as above created Old-Mails folder inside mailbox of every user in the new server. If for any reason this folder isn’t created in any user’s account, this failed event will be logged with its error message in the create_folder.log. If you’re wondering why I created new folder to store old mails rather than simply restoring them into existing Inbox folder, I did it that way mainly for safety purpose and simplicity. There’s no any absolute reason for it. Once these folders were created, I wrote another script to restore old mails into the user accounts to which they belonged to. This script takes the id-comment.list file that I created earlier.

[zimbra@mail ~]$ vi /tmp/restore_mails.sh

#!/bin/bash
#Author: Sajjan Bhattarai
#Date: March 3, 2016
#Description: This script takes the list of zimbra accounts' ids and email addresses and inputs the mails associated with those users from old mail store to new Zimbra server's mailbox

#Splitting IDs and Email addresses in every line delimited by whitespace
while IFS='' read -r user || [[ -n "$user" ]]; do
	# Creating array containing ID and Email
	user_id=($user)
	echo "${user_id[0]} : ${user_id[1]}"
	# Restoring mails from user's mail directory to new mailbox inside folder named "Old-Mails
	zmmailbox -z -m "${user_id[1]}" addMessage /Old-Mails /opt/zimbra/store/0/Recovered-mails/store/0/"${user_id[0]}"/msg/*	
done < "$1"
[zimbra@mail ~]$ chmod +x /tmp/restore_mails.sh
[zimbra@mail ~]$ /tmp/restore_mails.sh /tmp/id-comment.list

Well, this is it. I successfully restored past mails of all users into their respective mailbox. But my work didn’t end there because I didn’t have as much user accounts in new server as in old server. That means, I was missing some users and along with that, mails associated with those users. To be exact, I lacked 40 user accounts and it wasn’t forgivable if I were to let it go.

Completing the Users’ List in New Server

To complete the users’ list, I first needed to identify the users missing in my new server. To do this, I once again utilized the previously used id-comments.list and accounts.list file. First, I needed to extract only user accounts from id-comments.list so that I could perform comparison between them and accounts in accounts.list to determine lacking accounts. For this purpose, I wrote another little script which created accounts.old.list containing email addresses only. Then, I compared the account lists from old and new servers and put the missing accounts in a new file accounts.missing.

[zimbra@mail ~]$ vi /tmp/extract_accounts.sh 

#!/bin/bash
#
while IFS='' read -r user || [[ -n "$user" ]]; do
  user_id=($user)
  echo "${user_id[1]}" >> /tmp/accounts.old.list
done < "$1" 
[zimbra@mail ~]$ chmod +x /tmp/extract_accounts.sh
[zimbra@mail ~]$ /tmp/extract_accounts.sh /tmp/id-comments.list
[zimbra@mail ~]$ comm -2 -3 < (sort /tmp/accounts.old.list) < (sort /tmp/accounts.list) > /tmp/accounts.missing

After I had a list of missing accounts, I passed this list to my another script which adds users into Zimbra server.

[zimbra@mail ~]$ vi /tmp/add_users.sh 
#!/bin/bash
# Author: Sajjan Bhattarai
# Date: March 5, 2016
# Description: This bash script takes the list of user accounts from old zimbra server as an argument and creates the corresponding email accounts in the new Zimbra server.

domain="sajjan.com.np"
default_password="sajjan@12345#"

# This script creates user accounts with default CoS, so user specific CoS hasn't been defined here. You may add CoS settings accordingly.

# Splitting email address into user and domain name
while IFS='@' read -a user || [[ -n "$user" ]]; do
	# Splitting user account into firstname and lastname
	IFS='.' read -a names <<< "$user"
	# Capitalizing first letter of names
	firstname="$(tr '[:lower:]' '[:upper:]' <<< ${names[0]:0:1})${names[0]:1}"
	lastname="$(tr '[:lower:]' '[:upper:]' <<< ${names[1]:0:1})${names[1]:1}"
	echo "Creating $user@$domain..."
	# Creating user account in Zimbra server
	#output=$(zmprov ca "$user"@"$domain" "$default_password" displayName "$firstname $lastname")
	# Checking the exit status of zmprov function
	if [ $? -eq 0 ]
	then
		echo "Success!"
		echo "$user@$domain" >> new_users.list
	else
		echo "Failed!"
		echo "$user@$domain:" >> generate_users.log
		echo "$output" >> generate_users.log
		echo "===================================================" >> generate_users.log
	fi
done < "$1"
[zimbra@mail ~]$ chmod +x /tmp/add_users.sh
[zimbra@mail ~]$ /tmp/add_users.sh /tmp/accounts.missing

On completion of this script, all missing accounts were successfully added into Zimbra. If for some reason an account wasn’t added, that failing account would be logged into /tmp/generate_users.log file along with the error message. I then created Old-Mails folder for these users as well.

[zimbra@mail ~]$ /tmp/create_folder.sh /tmp/accounts.missing

Then, to restore past mails of these newly added users, I had to know the user ID of each of these accounts in old server. I could’ve known ID of each user by making a query to MySQL server of old server and then used that ID to restore mails to that user’s mailbox as follows:

[zimbra@old-mail ~]$ mysql -e "SELECT id,comment from zimbra.mailbox WHERE comment LIKE 'missing-user@sajjan.com.np';"
168
[zimbra@mail ~]$ zmmailbox -z -m missing-user@sajjan.com.np addMessage /Old-Mails /opt/zimbra/store/0/Recovered-mails/store/0/168/msg/*

Or, I could’ve also opened up /tmp/id-comment.list file and searched for missing-user@sajjan.com.np to find its ID. Then, I could’ve used above zmmailbox command to restore mails. But I had to do it for 40 accounts, which would’ve taken quite a long time and effort. So, I created a script for it as well.

[zimbra@mail ~]$ vi /tmp/generate_remaining_id_comment_list.sh 

#!/bin/bash

# Author: Sajjan Bhattarai
# Date: March 6, 2016
# Description: This script takes the list of remaining zimbra accounts and fetches their respective IDs from the list containing both ID and Email address. After fetching the matching ID and Email, it stores them into remaining-id-comment.list file.

# Looping through each missing user account
while IFS='' read -r user || [[ -n "$user" ]]; do
  # Creating array containing ID and Email
  output=$(cat /tmp/id-comment.list | grep -w "$user")
  echo "$output" >> /tmp/remaining-id-comment.list
done < "$1" 
[zimbra@mail ~]$ chmod +x /tmp/generate_remaining_id_comment_list.sh
[zimbra@mail ~]$ /tmp/generate_remaining_id_comment_list.sh /tmp/accounts.missing

Lastly, I put this remaining-id-comment.list file into the restore_mails.sh script, which restored all the past mails of remaining users into their mailbox.

[zimbra@mail ~]$ /tmp/restore_mails.sh /tmp/remaining-id-comment.list

Finally, this is it. My Zimbra mail server has been fully restored. I never thought of it, but now I’m truly thankful toward the problem I faced. Because without it, I wouldn’t have gone any deeper into Zimbra and wouldn’t have stepped any further from my comfort zone. Yes, it nearly brought me down, but I raised myself and solved it. Moral of the story: Don’t stop when you’re tired and cannot find a way to solve a problem, rather stop when you’ve fully solved it. Thank you for reading!

Понравилась статья? Поделить с друзьями:
  • Failed to start playback netsdk returns error
  • Failed to start openbsd secure shell server как исправить
  • Failed to start nginx high performance web server как исправить
  • Failed to start lenovo driver error code 2148204812
  • Failed to start ista please make sure your ista configuration is valid как исправить