TurnKey Linux Virtual Appliance Library

How to access Zimbra Admin from web

 Hi,

      I have downloaded and installed Turnkey Zimbra .ISO image and also installed it on the PC now i am trying to access zimbra PC from the other PC connected to the same network,

as zimbra shows it's ip address i.e. 192.168.0.1 & port no. i.e. 7071 to access Zimbra admin from the other PC through web brower, still i am not able to access the PC while i am able to access Webmin & Webshell also able to login successfully, but only i am not able to access Zimbra, do i have to execute any command to access Zimbra Admin & it's Web ?

 

Thanks in advance

Yogesh

Did you see the bugfix thread about configuring Zimbra?

Did you see the bugfix thread about configuring Zimbra referenced from the appliance page?

http://UnmeteredVPS.net/tkl
Try our TurnKey Linux appliance hosting FREE!

Re: How to access Zimbra Admin from web + more

(ps. sorry if a bit off topic, but I hate registering, so I thought I'd see if it is possible to post a comment here without registering :) )

Hi Neil,

Is it actually necesarry to do zimbra-conf before using the Zimbra image?

I am trying to use the VMware image, and this is my experience so far:

So I could log in to the admin part, add a newuser@example.com - my only problem is that I cannot get the newuser to send an email to itself though the Zimbra web interface! And unfortunately, there are no visible errors in /opt/zimbra/log/mailbox.log

So do I have to do something in addition to the above steps (like possibly running zimbra-conf) so that the mail can start working - at least for users mailing themselves? (I just want to do some tests on a local network, I don't care if the domain is example.com or an 192.168.*.* IP address) ...

I'd say, the webpage is not quite clear on it:
"Includes custom zimbra-conf script to change domain, admin passwords and regenerate Zimbra related secrets." (http://www.turnkeylinux.org/zimbra) - this doesn't quite tell me if I *must* run zimbra-conf in order to get things working, or if it is optional?

I tried to add:

root@zimbra:~# sudo nano /etc/hosts
192.168.1.223   example.com
but it didn't really help - still newuser@example.com cannot send an email to itself from the Zimbra web interface..

Any help would be greatly appreciated!

Thanks, Cheers!
Alon Swartz's picture

Zimbra is picky when it comes to DNS resolution

@sdaau - If you create an account you will get email notification when someone answers your question (you can also login with openid if you want).

Anyway, to answer your questions:

It takes a while for all the zimbra services to start, thats why you noticed the lag (we should consider making a note about that on the appliance page).

You can't really send email to user@example.com, as zimbra is really picky when it comes to DNS resolution, and example.com is a reserved domain (see RFC 2606, section 3)

So, you should be using zimbra-conf to change the domain name, unless you just want to test zimbra without actually sending/receiving email.

I hope the above helps.

Re: Zimbra Admin + more DNS

Hi Alon,

Thanks a lot for the very prompt answer! It did indeed help for getting a solution. Sorry for the longish response here, but I think it could be useful...

> You can't really send email to user@example.com, as zimbra is really picky 
> when it comes to DNS resolution, and example.com is a reserved domain (see 
> RFC 2606, section 3)

Thanks for that - in fact, I was quite surprised to see a message like "You have reached this web page by typing "example.com", "example.net", or "example.org" into your web browser. These domain names are reserved for use in documentation and are not available for registration. See RFC 2606, Section 3." when I entered example.com in the browser, instead of the the expected parked domain generic page :)

> It takes a while for all the zimbra services to start, thats why you 
> noticed the lag (we should consider making a note about that on the 
> appliance page).

Indeed - you should consider making a note not only about that, but also about this example.com RFC thing (considering noobs like me will try to use the appliance anyway, in a context similar to mine - expecting, like I did, that work regarding DNS and such would be already taken care of).

> So, you should be using zimbra-conf to change the domain name, unless 
> you just want to test zimbra without actually sending/receiving email.

Thanks for this pointer - and indeed, I do need to use zimbra-conf to change the domain name, but that is only a part of the story in order to get email to run locally. As far as I understood, Zimbra is made in that manner, that it must ask a Domain Name Server, for the actual name of the email server. And if you intend to use the image locally, most likely you don't have such a server installed anywhere - and it is definitely not on the virtual image by default.

So, in brief, what needs to be done (in addition to zimbra-conf) is to install a DNS server (known as BIND) on the Zimbra VM Image - which will simply point to itself as the email server responsible for the domain set by zimbra-conf. Should a noob try to do this manually, there is quite a possibility for an error in the settings; luckily, the Turnkey image comes with Webmin, which makes the installation of a BIND nameserver a bit easier.

So, eventually, what I did is the following:

  1. Ran the zimbra-conf script to change the domain to myzimbra.local
  2. Tried to test with sending emails: both from the Zimbra web interface, and directly by logging via Telnet; didn't work
  3. Installed BIND server, and set it up, through the Webmin interface on the VM image
  4. Test again with sending emails: both from the Zimbra web interface, and directly by logging via Telnet; this time it did work

I have included some of the steps I took in each of these phases, along with the BIND setup, below. Note that even after all this (and after email starts working), some addresses internally (I guess those for spam/ham training) still refer to example.com, but that should not harm basic email operation.

Hope this helps,
Cheers!

Running the zimbra-conf script, to change the domain to myzimbra.local
  • Power off Zimbra Virtual Machine, restart it again
  • Wait for about 5 min, until the intense hard disk/network activity of the VM settles down (this is probably all the services starting)
  • Login via ssh to Zimbra VM server ssh root@192.168.1.223
  • Apply patch in zimbra-conf fails with ERROR: account.AUTH_FAILED (Solved)
  • Check if patch applied root@zimbra:~# nano /usr/local/bin/zimbra-conf
  • Run the script: root@zimbra:~# /usr/local/bin/zimbra-conf myzimbra.local xxxxzzzz
  • Got an error at this point:
    [] WARN: flushDomainCacheOnAllServers: domain cache not flushed on server mail.myzimbra.local
    com.zimbra.cs.zclient.ZClientException: invoke Connection refused, server: mail.myzimbra.local
    ExceptionId:main:1263829271159:1c250433e45a2444
    Code:zclient.IO_ERROR
    	at com.zimbra.cs.zclient.ZClientException.IO_ERROR(ZClientException.java:47)
    ...
    	at com.zimbra.cs.account.soap.SoapProvisioning.invoke(SoapProvisioning.java:192)
    	... 9 more
    domain example.com renamed to myzimbra.local
  • Try it:
    root@zimbra:~# ping myzimbra.local
    ping: unknown host myzimbra.local 
    root@zimbra:~# ping example.com
    PING example.com (192.168.1.223) <-- still old address
  • Power off (shutdown appliance from menu), reboot VM again, wait, login via ssh
  • Test once:
    root@zimbra:~# ping myzimbra.local
    ping: unknown host myzimbra.local
    root@zimbra:~# ping mail.myzimbra.local
    PING localhost (127.0.0.1) 56(84) bytes of data.
    64 bytes from localhost (127.0.0.1):
  • Edit on VM image:
    root@zimbra:~# nano /etc/hosts 
    192.168.1.223   myzimbra.local 
  • To allow access from Firefox via http://myzimbra.local/, edit /etc/hosts on the local machine (where browser is used), and again add "192.168.1.223 myzimbra.local"
  • Trying to log in to web interface with just "newuser" (previously created) will fail with An invalid request was made. - however, logging in with "newuser@myzimbra.local" will work fine :)
  • Try send mail to newuser@myzimbra.local - notice that the suggestion still refers to newuser@example.com - gets sent, but not received..
  • Logoff the "newuser" and login to the admin console https://192.168.1.223:7071 as "admin@myzimbra.local", and don't forget the new password instead of 'turnkey'
  • Check Tools / Mail Queues, notice there are "Deferred" mails, example.com being still mentioned - select them in the Messages window below, right-click, Delete
  • Click Adresses/Accounts, check if admin@myzimbra.local and newuser@myzimbra.local have correct adresses (with myzimbra.local) ; try Reindex Mailbox for both too
  • Go back to normal Zimbra interface, login as either "admin" or "newuser", try to send each other mails.
  • Check back in the admin console, and notice that there is nothing new under Tools / Mail Queues
  • Check DNS entries via ssh using dig, nslookup, host:
    root@zimbra:~# dig mail.myzimbra.local
    
    ; [[]] DiG 9.4.2-P2 [[]] mail.myzimbra.local
    ;; global options:  printcmd
    ;; Got answer:
    ;; -]]HEADER[[- opcode: QUERY, status: NXDOMAIN, id: 15868
    ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
    
    ;; QUESTION SECTION:
    ;mail.myzimbra.local.		IN	A
    
    ;; AUTHORITY SECTION:
    .			4276	IN	SOA	A.ROOT-SERVERS.NET. NSTLD.VERISIGN-GRS.COM. 2010011800 1800 900 604800 86400
    
    ;; Query time: 26 msec
    ;; SERVER: 192.168.1.1#53(192.168.1.1)
    ;; WHEN: Mon Jan 18 17:48:18 2010
    ;; MSG SIZE  rcvd: 112
    
    root@zimbra:~# nslookup mail.myzimbra.local
    Server:		192.168.1.1
    Address:	192.168.1.1#53
    
    ** server can't find mail.myzimbra.local: NXDOMAIN
    
    root@zimbra:~# host myzimbra.local
    myzimbra.local does not exist, try again
    
    root@zimbra:~# host 127.0.0.1
    Name: localhost
    Address: 127.0.0.1
    Aliases: mail.myzimbra.local
    
    root@zimbra:~# host 192.168.1.223
    Name: myzimbra.local
    Address: 192.168.1.223
    
Testing email directly via Telnet
  • Try How to Send Email Using Telnet: 12 steps - wikiHow using "telnet 192.168.1.223 25" - Finally deffered shows under Tools / Mail Queues, but only if having, say "MAIL FROM:me@server.com" interpreted as recipient me@server.com
  • Try a local SMTP send via telnet:
    $ telnet 192.168.1.223 25
    Trying 192.168.1.223...
    Connected to 192.168.1.223.
    Escape character is '^]'.
    220 mail.myzimbra.local ESMTP Postfix
    EHLO myzimbra.local
    250-mail.myzimbra.local
    250-PIPELINING
    250-SIZE 10240000
    250-VRFY
    250-ETRN
    250-STARTTLS
    250-ENHANCEDSTATUSCODES
    250-8BITMIME
    250 DSN
    MAIL FROM:newuser@myzimbra.local
    250 2.1.0 Ok
    RCPT TO:admin@myzimbra.local
    250 2.1.5 Ok
    DATA
    354 End data with .
    SUBJECT:mysif
    test
    test
    .
    250 2.0.0 Ok: queued as 89B1CE1270
    ^]
    
    telnet> q
    Connection closed.
    
  • zimbra enable clear text login, and then check via telnet / POP if there is mail..
    $ telnet 192.168.1.223 110
    Trying 192.168.1.223...
    Connected to 192.168.1.223.
    Escape character is '^]'.
    +OK mail.myzimbra.local Zimbra POP3 server ready
    USER newuser@myzimbra.local
    +OK hello newuser@myzimbra.local, please enter your password
    PASS passxxxx
    +OK server ready
    list
    +OK 0 messages
    .
    quit
    +OK mail.myzimbra.local closing connection
    Connection closed by foreign host.
    
  • Check SMTP log - Zimbra - Forums: /var/log/zimbra.log and look for "Name service error":
    Jan 18 17:38:03 zimbra amavis[5967]: (05967-02) Passed SPAMMY, LOCAL [192.168.1.
    190] [192.168.1.190]  -> , Message-ID: 
    <20100118173735.07DE7E12DB@mail.myzimbra.local>, mail_id: kcVX2CHTzVvg, Hits: 7.437, size: 374, queued_as: 0145AE12DD, 5650 ms
    Jan 18 17:38:03 zimbra postfix/smtp[20019]: 07DE7E12DB: to=, relay=127.0.0.1[127.0.0.1]:10024, delay=66, delays=60/0.04/2.2/4.3, dsn=2.0.0, status=sent (250 2.0.0 Ok: queued as 0145AE12DD)
    Jan 18 17:38:03 zimbra postfix/qmgr[7046]: 07DE7E12DB: removed
    Jan 18 17:38:03 zimbra postfix/lmtp[20069]: 0145AE12DD: to=, relay=none, delay=0.1, delays=0.05/0.03/0.02/0, dsn=5.4.4, status=bounced (Host or domain name not found. Name service error for name=mail.myzimbra.local type=A: Host not found)
    Jan 18 17:38:03 zimbra postfix/cleanup[19809]: 481B8E12DC: message-id=<20100118173803.481B8E12DC@mail.myzimbra.local>
    Jan 18 17:38:03 zimbra postfix/qmgr[7046]: 481B8E12DC: from=<>, size=3046, nrcpt=1 (queue active)
    Jan 18 17:38:03 zimbra postfix/bounce[20073]: 0145AE12DD: sender non-delivery notification: 481B8E12DC
    Jan 18 17:38:03 zimbra postfix/qmgr[7046]: 0145AE12DD: removed
    Jan 18 17:38:03 zimbra postfix/lmtp[20069]: 481B8E12DC: to=, 
    relay=none, delay=0.06, delays=0.03/0.01/0.02/0, dsn=5.4.4, status=bounced (Host
     or domain name not found. Name service error for name=mail.myzimbra.local type=
    A: Host not found)
    Jan 18 17:38:03 zimbra postfix/qmgr[7046]: 481B8E12DC: removed
    Jan 18 17:38:06 zimbra zmmailboxdmgr[20175]: status requested
    Jan 18 17:38:06 zimbra zmmailboxdmgr[20175]: status OK
    
Setup a BIND Dns server using Webmin (see also Howto: Setup a DNS server with bind - Ubuntu Forums)
  • To install bind via Webmin, must upgrade webmin to 1.5 first (which can be done through Webmin interface)...
  • Use the top menu in Webmin: "Un-used modules" to install BIND server - Webmin installs bind9.. And after install, in top menu getting entry "Servers" / "BIND DNS Server"..
  • Using instructions in Configuring BIND with Webmin - RimuHosting to configure BIND
    Edit Zone Parameters
    
    A 'zone' is basically a domain name (yourdomain.com).  Domain names like www.yourdomain.com and mysql.yourdomain.com are in the 'yourdomain.com' zone.
    
    To start your DNS setup, create a new Master Zone.
    
    Domain name is your zone.  e.g. "yourdomain.com".  "Master Server" is the DNS server 'in charge' of DNS for the zone.  Other DNS servers are 'slave' servers and will generally sync themselves up with the master server.  Typically, you'd enter "ns1.yourdomain.com" for the "Master Server".   Enter an email address.  Perhaps set the "Default Time to Live" to a lower value. 
  • Configure BIND - Create Master Zone
    "Create master zone"
    Zone type 	 Forward (Names to Addresses)
    Domain name / Network  myzimbra.local
    Records file 	 Automatic
    Master server 	zimbra (default) Add NS record for master server? (check)
    Email address 	root@myzimbra.local
    Use zone template? No (default)
    Add reverses for template addresses? 	 Yes (default)
    
  • Click Check Records in Webmin - no errors.. Now should be getting "myzimbra.local" type links in Zimbra web interface.
  • Configuring BIND with Webmin - RimuHosting - 'A' Address Records
    'A' Address Records
    
    Create an 'A' record (this sets the IP address for a domain).  E.g. Enter a 'Name' of "yourdomain.com." (include the trailing period, without the quotes).  Set your IP Address.
    
  • Configure BIND - Create an 'A' record
    That should be the "Address (0)".. link...
    Name myzimbra.local.
    Address 192.168.1.223
    Update reverse? 	 Yes (and replace existing)
    click Create 
  • Configuring BIND with Webmin - RimuHosting - 'MX' Mail Server Records
    'MX' Mail Server Records
    
    First, create a mail.yourdomain.com 'A' Address.  Then create a Mail Server ('MX') record.  Use a "Name" of "yourdomain.com.".  Set the 'Mail Server' field to mail.yourdomain.com.  Set a priority.  1 will do.  If you have multiple mail servers, the mail server lowest priority that is available is used). 
  • Configure BIND - Create 'A' entry and 'MX' Mail Server Record
    Do first new A entry of mail.myzimbra.local. same IP adress, 
    and then Click Mail ...  and add MX record.. 
  • Now did stop BIND / Start BIND from Webmin..
  • Check DNS using dig, nslookup, host
    root@zimbra:~# dig myzimbra.local
    
    ; [[]] DiG 9.4.2-P2.1 [[]] myzimbra.local
    ;; global options:  printcmd
    ;; Got answer:
    ;; -]]HEADER[[- opcode: QUERY, status: NOERROR, id: 6500
    ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 0
    
    ;; QUESTION SECTION:
    ;myzimbra.local.			IN	A
    
    ;; ANSWER SECTION:
    myzimbra.local.		38400	IN	A	192.168.1.223
    
    ;; AUTHORITY SECTION:
    myzimbra.local.		38400	IN	NS	zimbra.
    
    ;; Query time: 1 msec
    ;; SERVER: 127.0.0.1#53(127.0.0.1)
    ;; WHEN: Mon Jan 18 19:38:06 2010
    ;; MSG SIZE  rcvd: 68
    
    root@zimbra:~# nslookup myzimbra.local
    Server:		127.0.0.1
    Address:	127.0.0.1#53
    
    Name:	myzimbra.local
    Address: 192.168.1.223
    
    root@zimbra:~# host myzimbra.local
    myzimbra.local      	A	192.168.1.223
    
    root@zimbra:~# ping myzimbra.local
    PING myzimbra.local (192.168.1.223)
    root@zimbra:~# ping mail.myzimbra.local
    PING localhost (127.0.0.1)
    
  • Test mail via telnet - the log says that now mails get removed, but without errors as before.. That is because those emails would be moved in Junk folder.
  • After removal of mails from Junk folder, there is now some mail from ham.grc appearing under Deffered in Tools/Mail Queue.. again referring to example.com?!
  • Try reply from admin to newuser from web interfacte - seems to work fine, mail ends up in inbox of newuser - and funnily it does not appear in Tools / Mail Queue??
Liraz Siri's picture

Wow, this is very helpful and in-depth

This has to be one of the most detailed comment posts I've come across yet. It's a shame you didn't register for a user account because I'm itching to give you a Karma boost for this. Many thanks!

The same problem

Hello, i have the same problem, and i do not sucessful have to work zimbra web page...

Some ideas???

Thanks in advanced

zimbra domain problem

I have problem I install zimbar and configure it and everything goes will but I have configure two domains on it (example.com) and (example2.com) from the admin web, but how can I let the customer

Create account in domains with different web admin without any admin for each domain enter to the

Other domains (each admin must have its access to his domain to create and but polices to his domain)

 

Thanks..

Post new comment

The content of this field is kept private and will not be shown publicly. If you have a Gravatar account, used to display your avatar.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Allowed HTML tags: <a> <p> <span> <div> <h1> <h2> <h3> <h4> <h5> <h6> <img> <map> <area> <hr> <br> <br /> <ul> <ol> <li> <dl> <dt> <dd> <table> <tr> <td> <em> <b> <u> <i> <strong> <font> <del> <ins> <sub> <sup> <quote> <blockquote> <pre> <address> <code> <cite> <strike> <caption>

More information about formatting options

Leave this field empty. It's part of a security mechanism.
(Dear spammers: moderators are notified of all new posts. Spam is deleted immediately)