NAT firewall
Alex Moen
alexm at ndtel.com
Mon Mar 25 14:58:44 CET 2013
On 03/25/2013 08:42 AM, Alex Moen wrote:
> Hi all,
>
> Newb trying to set up Kolab for the first time, to possibly replace a
> Mirapoint installation...
>
> I have searched through the docs and the list for the answer to this
> question, but it is possible that I missed it. If it is in the docs, I
> would accept an "RTFM" with a link to the proper section. :)
>
> So, I have a brand-new Kolab install on a freshly built Centos 6.4 VM in
> our datacenter blade server. This VM has a private address of
> 10.255.255.26, behind a Cisco firewall performing a one-to-one NAT
> translationto a public address. I have an entry inthe /etc/hosts file of
> "10.255.255.26 kolab kolab.ndtc.tv". Currently, the DNS is set to
> resolve to the external address. I have the Cisco configured to allow
> *all* traffic from our corporate office to this vm.
>
> The problem starts when I tryto use the webadmin utility. I enter the
> "CN=Directory Manager" username and the password that I entered during
> installation. There's a long pause, and then the web page shows
> "Internal system error". The /var/log/kolab-webadmin/errors file shows
> a "PHP Error: Login failed. Unable to connect to
> tcp://66.163.129.247:80. Error: Connection timed out (POST)" message.
> It's obvious that I need to inform the Kolab install about it's position
> in the grand scheme of our network, but as I said, I can'tfind the docs
> to show how to do that.
>
> SELINUX and the ipchains firewall are both disabled.
>
> One thing that I do notice that has confused me a bit: the
> /etc/kolab/kolab.conf file has not been overwritten. It contains all of
> the default information, and has not been updated using the changes in
> the /root/mykolab.conf file. This seems a bit confusing, asthe docs
> state that the /etc/kolab/kolab.conf file will be rewritten by
> thesetup-ds-admin.pl process invoked by the installation.
>
> I did *not* run the installation using the --fqdn option originally.
> That may have been my mistake. However, in trying to rerun the
> installation with the --fqdn option, the installation bombs with the
> following:
>
> Setup is now going to set up the 389 Directory Server. This may take a
> little
> while (during which period there is no output and no progress indication).
>
> Shutting down dirsrv:
> kolab... [ OK ]
> Starting dirsrv:
> kolab... [ OK ]
> Traceback (most recent call last):
> File "/usr/sbin/setup-kolab", line 42, in <module>
> setup.run()
> File "/usr/lib/python2.6/site-packages/pykolab/setup/__init__.py",
> line 43, in run
> components.execute('_'.join(to_execute))
> File "/usr/lib/python2.6/site-packages/pykolab/setup/components.py",
> line 170, in execute
> execute(component)
> File "/usr/lib/python2.6/site-packages/pykolab/setup/components.py",
> line 202, in execute
> components[component_name]['function'](conf.cli_args, kw)
> File "/usr/lib/python2.6/site-packages/pykolab/setup/setup_ldap.py",
> line 405, in execute
> auth._auth.ldap.add_s(dn, ldif)
> File "/usr/lib64/python2.6/site-packages/ldap/ldapobject.py", line
> 195, in add_s
> return self.result(msgid,all=1,timeout=self.timeout)
> File "/usr/lib64/python2.6/site-packages/ldap/ldapobject.py", line
> 458, in result
> resp_type, resp_data, resp_msgid = self.result2(msgid,all,timeout)
> File "/usr/lib64/python2.6/site-packages/ldap/ldapobject.py", line
> 462, in result2
> resp_type, resp_data, resp_msgid, resp_ctrls =
> self.result3(msgid,all,timeout)
> File "/usr/lib64/python2.6/site-packages/ldap/ldapobject.py", line
> 469, in result3
> resp_ctrl_classes=resp_ctrl_classes
> File "/usr/lib64/python2.6/site-packages/ldap/ldapobject.py", line
> 476, in result4
> ldap_result =
> self._ldap_call(self._l.result4,msgid,all,timeout,add_ctrls,add_intermediates,add_extop)
> File "/usr/lib64/python2.6/site-packages/ldap/ldapobject.py", line
> 99, in _ldap_call
> result = func(*args,**kwargs)
> ldap.ALREADY_EXISTS: {'desc': 'Already exists'}
>
> TIA for any insights!
>
> Alex
>
> _______________________________________________
> Kolab-users mailing list
> Kolab-users at kolab.org
> https://www.intevation.de/mailman/listinfo/kolab-users
>
Forgot a couple of things:
I ran the troubleshooting steps in Chapter 5.1.1 of the installation
guide with the following results:
# sestatus
SELinux status: disabled
# su -s /bin/bash - apache -c '/usr/lib64/mozldap/ldapsearch --help
>/dev/null 2>&1; echo $?'
89
# mysql -u root -p kolab -e 'SHOW TABLES;'
Enter password:
+-----------------+
| Tables_in_kolab |
+-----------------+
| group_types |
| options |
| resource_types |
| role_types |
| user_types |
+-----------------+
This all looks right to me...
Again, TIA
Alex
More information about the users
mailing list