vmware_zimbra_logo

# hostname arthar.arthar.com

# vi  /etc/hosts
192.168.31.100    arthar.arthar.com   arthar

1a

# vi /etc/selinux/config
SELINUX=disabled

# yum install  -y  nc  sysstat

1b

# wget http://files2.zimbra.com/downloads/8.0.2_GA/zcs-8.0.2_GA_5569.RHEL6_64.20121210115059.tgz
# tar zxvf zcs-8.0.2_GA_5569.RHEL6_64.20121210115059.tgz
# cd zcs-8.0.2_GA_5569.RHEL6_64.20121210115059

#./install.sh    –platform-override

Do you agree with the terms of the software license agreement?[N]     y                # Yes
Do you agree with the terms of the software license agreement? [N]    y               # Yes

Install zimbra-ldap [Y]         # Enter
Install zimbra-logger [Y]     # Enter
Install zimbra-mta [Y]          # Enter
Install zimbra-snmp [Y]      # Enter
Install zimbra-store [Y]       # Enter
Install zimbra-apache [Y]   # Enter
Install zimbra-spell [Y]       # Enter
Install zimbra-memcached [N]  # Enter
Install zimbra-proxy [N]     # Enter

The system will be modified. Continue? [N]  y         # Yes

2
Address unconfigured (**) items (? – help)    3        # select “3”

3

Select, or ‘r’ for previous menu [r]      4          # select “4” and set admin password

Password for admin@arthar.com (min 6 characters): [xFuoltBR]   “your adminpassword”             # input password

5

Select, or ‘r’ for previous menu [r]      r               # back
*** CONFIGURATION COMPLETE – press ‘a’ to apply
Select from menu, or press ‘a’ to apply config (? – help)          a           # apply

6

Save configuration data to a file? [Yes]                 # Enter
Save config in file: [/opt/zimbra/config.7621]  # Enter
Saving config in /opt/zimbra/config.7621…done.
The system will be modified – continue? [No]      y        # Yes

ZCS ships a default zimbra user with a disabled password. ZCS requires access to this account via ssh public key authentication. On most operating systems this combination is okay, but if you have modified pam rules to disallow any ssh access to disabled accounts then you must define a password for the zimbra UNIX account. This will allow ssh key authentication for checking remote queues
Set up the ssh keys. and populate the ssh keys, as Zimbra user

# su zimbra
# zmsshkeygen

8

To update the key
# zmupdateauthkeys

9

Verifying sshd configuration:

The authentication method assumes that sshd on the mta is running on port 22, and that RSA Authentication is enabled. test the ssh command with:

# su zimbra

# cd /opt/zimbra

# ssh -i .ssh/zimbra_identity -o strictHostKeyChecking=no zimbra@ARTHAR.ARTHAR.COM
(Swap ARTHAR.ARTHAR.COM for your hostname, as it appears in the error).

You should NOT be prompted for a password; if you are, recreate the ssh keys and retry the test.

Verify in /etc/ssh/sshd_config that the zimbra user is an allow user

# vi /etc/ssh/sshd_config
AllowUsers   admin     zimbra
The Zimbra hostname may be different than the system. Add the Zimbra hostname to /etc/hosts.allow.
# vi /etc/hosts.allow
ALL: arthar.arthar.com

Zimbra account has been disabled

If the above steps do not work then enable verbose output for ssh with:

# ssh -vi .ssh/zimbra_identity -o strictHostKeyChecking=no zimbra@ARTHAR.ARTHAR.COM

If the output from ssh indicates that Next authentication method: password as below, then the Zimbra account may be locked.

debug1: Next authentication method: publickey
debug1: Offering public key: /opt/zimbra/.ssh/zimbra_identity
debug1: Authentications that can continue: publickey,gssapi-with-mic,password,keyboard-interactive
debug1: Next authentication method: keyboard-interactive
debug1: Authentications that can continue: publickey,gssapi-with-mic,password,keyboard-interactive
debug1: Next authentication method: password
zimbra@ARTHAR.ARTHAR.COM’s password:
To verify this, as root check /etc/shadow. Locate the zimbra account. If the account has one or more ! in the line then the account is locked. zimbra:!!:13634:0:99999:7:::

Use this command to unlock the zimbra account (or you can edit the shadow file directly and remove them).

# usermod -U zimbra
Then check /etc/shadow again, there should be no ! for the zimbra account. You may need to do this multiple times to remove the ! and unlock the account.

# ssh -i .ssh/zimbra_identity -o strictHostKeyChecking=no zimbra@ARTHAR.ARTHAR.COM
SSH doesn’t allow Public Key Authentication
Edit the /etc/ssh/sshd_config

# vi /etc/ssh/sshd_config
PubkeyAuthentication yes

Restart the SSH daemon and try again
# service sshd restart

Enabling Server Statistics Display.

In order for the server statistics to display on the administration console, the syslog configuration files must be modified.

As root, type /opt/zimbra/libexec/zmsyslogsetup. This enables the server to display statistics.

For enable syslog to log statistics from remote machines.
# vi /etc/sysconfig.syslog

SYSLOGD_options=”-r -m 0”

# /etc/init.d/syslog restart

[1] Access to ‘https://(hostname or IP address):7071/’, then following screen is shown. then, login with amin user and password which is set during installation.

11

[2] Click “Start” – “install certificates”.

12

[3] Select target server and go next.

13

[4] Select one and go next. This example proceed with self signed certificates.

14

[5] Change fields if you need and go next.

15

[6] Input effective days of certificates and click “install” button.

16

[7] Certificates just installed.

17

[8] Back to the first screen and click “manage” – “account” on the left menu.and click the icon which is on the right of “Help” and then select “new” on the menu.

18

[9] Input account name and so on.

19

[10] Scroll down and input password and time zone and click “finish” button.

20

[11] New account is just added.

21

[12] Logout the admin console and move to user console. Access to “https://(hostname or IP address)/” and login with a user and password you added.

22

[13] Just logined.

23

[14] Try to send an email.

24