Saturday, October 13, 2018

Redirect http connection to https for zimbra 8.8.9

Run this command as zimbra:

zmprov ms webmail.myserver.yourdomain.com zimbraReverseProxyMailMode redirect

Substitute the hostname with yours.

That's all there is to it.

Have fun.


Tuesday, October 9, 2018

How to install oci8 instant client for Ubuntu Linux


  • First prerequirements are a working apache2 and php7.2 (Ubunti 18.04) environment.
  • Download the basic (like instantclient-basic-linux.x64-12.2.0.1.0.zip) and the sdk (instantclient-sdk-linux.x64-12.2.0.1.0.zip) package from the Oracle Website http://www.oracle.com/technetwork/database/database-technologies/instant-client/downloads/index.html
  • Upload both files to your webserver, you can use WinSCP (windows) or rsync/scp (linux) for it
  • Unzip both files on server, in my case, you will get a new folder named "instantclient_12_2"
  • Create destination folder : mkdir /opt/oracle
  • Move and rename the instantclient folder: mv instantclient_12_2 /opt/oracle/instantclient
  • Change rights on folder: chown -R root:www-data /opt/oracle 
  • Check if you have the required packages for installing OCI8: apt install php7.2-dev php-pear build-essential libaio1 
  • Create necessary soft links: ln -s /opt/oracle/instantclient/libclntsh.so.12.1 /opt/oracle/instantclient/libclntsh.so; ln -s /opt/oracle/instantclient/libocci.so.12.1 /opt/oracle/instantclient/libocci.so
  • Add instant client to ld config files : echo /opt/oracle/instantclient > /etc/ld.so.conf.d/oracle-instantclient.conf
  • Update Dynamic Linker Run-Time Bindings : ldconfig
  • Now install OCI8 by pecl: pecl install oci8 
  • The OCI8 installation is asking you for the right folder: instantclient,/opt/oracle/instantclient
  • Add oci lib to the cli php config (console php): echo "extension = oci8.so" >>/etc/php/7.2/cli/php.ini
  • Add oci lib to the apache php config: echo "extension = oci8.so" >> /etc/php/7.2/apache2/php.ini
  • Set environment variables for the cli version (you will need to reboot the server after): echo "LD_LIBRARY_PATH=\"/opt/oracle/instantclient\"" >> /etc/environment echo "ORACLE_HOME=\"/opt/oracle/instantclient\"" >> /etc/environment
  • Set environement variables for the apache version: echo "export LD_LIBRARY_PATH=\"/opt/oracle/instantclient\"" >> /etc/apache2/envvars; echo "export ORACLE_HOME=\"/opt/oracle/instantclient\"" >> /etc/apache2/envvars 
  • Restart Apache: service apache2 restart or systemctl restart apache2 
  • You're done, now you can test your connection to the Oracle database

Update: If you're using Ubuntu 22.04 LTS with php 8.1, then then pecl install oci8-3.2.1

Thursday, October 4, 2018

Enabling java plugin in Chromium on Linux

Hi there,

In certain situations you may need to use java plugin in chromium to access certain functions in a website such as server's console accessed via IPMI page.

On Linux ( I use Ubuntu 18.04), install icedtea-plugin package:

sudo apt install icedtea-plugin

To enable chromium to run java, make a symbolic link of icedtea plugin to plugin directory of chromium:

sudo ln -s /usr/lib/jvm/java-8-openjdk-amd64/jre/lib/amd64/IcedTeaPlugin.so /usr/lib/chromium-browser/plugins/

Have fun!

Saturday, September 8, 2018

Zimbra migration

1. Introduction

Zimbra project doesn’t have a cross migration or proper account transfer documentation. All they tell is to do copy the folder /opt/zimbra to your new servers. But if any of those files infected with a rootkit or other malicious scripts , then your new server also will be compromised. So never sync or copy the entire directory of your zimbra installation. Zimbra also tell you to upgrade your production server to the latest version before migration. But improper upgrade may result in entire data lose. With this procedure you can do:
  • Migrate zimbra from one Operating System To another.
  • Migrate zimbra account between any hardware and Operating systems configurations.
  • No interruption on production server like software upgrade or service disable.
  • Migrate zimbra from old version to a new version server
  • Zimbra cross migrations without copying entire directories.

2. Requirement

You need an old server with zmibra account and a new fresh server with the Os you wish. Dont’ create or make any custom configuration or setting in you new server. Please make sure to set your new servers hostname same as the old one.
  • Old server
    • Need ssh root login
    • Need zimbra admin logins
    • Enough HDD space to store backups
  • New server
    • Must be installed with latest stable zimbra
    • Need ssh root logins
    • Need zimbra admin logins
    • Enough HDD space to store backups

3. Presetup

You need to setup an ssh key from the new server’s root account to the old server’s root account.
Reduce the TTL of MX records of your domain to 500 seconds . So that you can easily switch the domain’s IP after migration. Please remember to schedule the migration task on non peek hours.
Create a directory in both new and old server into which we store all required files and data for doing the migration
[root@zimbra ~]# mkdir /backups/zmigrate
[root@zimbra ~]# chown zimbra.zimbra /backups/zmigrate
[root@zimbra ~]# su - zimbra
All operation in your Zimbra server must be performed as Zimbra user itself, otherwise you will get permission and ownership issues in your zimbra server

4. Backup all data from Old server

We are going to copy all data from old server without interrupting the services.

4.1 Find all domains

You need to find all the domains from your old server. We will store the domain list in a file called domains.txt. You need to back all the domains list as follows,
zimbra@zimbra:~$ cd /backups/zmigrate
zimbra@zimbra:/backups/zmigrate$ zmprov gad > domains.txt
zimbra@zimbra:/backups/zmigrate$ cat domains.txt
fun.com
myserver.com
justfortest.com
checkit.com
dieanotherday.com
gnutest.com
foo.com
zimbra.foo.com
zimbra@zimbra:/backups/zmigrate$
Now remove all domains and subdomains related with the main hostname of your server foo.com , from this list (domains.txt) because it was already created in your new server. So there is no need to create a new domain with the same name.

4.2 Find all admin accounts

Most of these servers will have only one admin. But some servers have multiple admins. So it will be good to find all admin accounts. We will store the admins list in admins.txt
zimbra@zimbra:/backups/zmigrate$ zmprov gaaa > admins.txt
zimbra@zimbra:/backups/zmigrate$ cat admins.txt
admin@foo.com
zimbra@zimbra:/backups/zmigrate

4.3 Find all email accounts

Next step is to find all the email accounts hosted in your old server. Get a list of your email accounts and save in the file emails.txt . So from this file we can see how many accounts that need to migrate.
zimbra@zimbra:/backups/zmigrate$ zmprov -l gaa >emails.txt
zimbra@zimbra:/backups/zmigrate$ cat emails.txt
gm@fun.com
forest@fun.com
galsync@fun.com
fax@myserver.com
paul@myserver.com
angela@myserver.com
brooke@myserver.com
hnmobile1@myserver.com
maria@justfortest.com
samantha@justfortest.com
backupmail@justfortest.com
admin@checkit.com
sandra@checkit.com
zimbra@zimbra:/backups/zmigrate$
Please remove all the email accounts from the file /backups/zmigrate/emails.txt with a starting words like spam, virus, ham, galsync . There is no need to restore these accounts. Even if you still need to restore , you can do it. I don’t like spam and virus emails.

If you want to list all email accounts and their status, run this command as zimbra:

zmaccts

It is good to view the output to get some information about the status of the accounts so that I can exclude irrelevant accounts such as closed ones. 

4.4 Get all distribution lists

You need to get all the distributions list and store it in a file called distributinlist.txt.
 
zimbra@zimbra:~$ zmprov gadl > /backups/zmigrate/distributinlist.txt
zimbra@zimbra:~$ cat /backups/zmigrate/distributinlist.txt
budgetrtodomainusers@fun.com
healthnowdomainusers@myserver.com
checkit.comdomainusers@checkit.com
northpointessdomainusers@dieanotherday.com
parkatnorthhillsdomainusers@gnutest.com
zimbra@zimbra:~$

4.5 Get all members in distribution lists

In this step we are going to collect all members in each of these distributions. We will create a folder called distributinlist_members and create a file under this folder named distributinlist.txt , then store all the distributions members.
zimbra@zimbra:~$ mkdir /backups/zmigrate/distributinlist_members
zimbra@zimbra:~$ for i in `cat /backups/zmigrate/distributinlist.txt`; do zmprov gdlm $i > /backups/zmigrate/distributinlist_members/$i.txt ;echo "$i"; done
budgetrtodomainusers@fun.com
healthnowdomainusers@myserver.com
checkit.comdomainusers@checkit.com

4.6 Find all email account’s passwords

Now need to find the encrypted password of all of your old email accounts and store it under a folder named userpass/ as follows:
zimbra@zimbra:/backups/zmigrate$ mkdir userpass
zimbra@zimbra:/backups/zmigrate$ for i in `cat emails.txt`; do zmprov  -l ga $i userPassword | grep userPassword: | awk '{ print $2}' > userpass/$i.shadow; done

4.7 Backup all user names , Display names and Given Names

Zimbra will accept a Names and Disaplay names in email accounts during account creation. So we need to restore those data too. We will create a directory called userdata/ which contains these details of each of those email accounts
zimbra@zimbra:/backups/zmigrate$ mkdir userdata
zimbra@zimbra:/backups/zmigrate$ for i in `cat emails.txt`; do zmprov ga $i  | grep -i Name: > userdata/$i.txt ; done

4.8 Now backup all email account

This will take some time to take backup of all email accounts. So you can run this command behind “screen”. A tgz file will be created with each emails name. We will use this files to transfer email accounts.
 
zimbra@zimbra:/backups/zmigrate$ for email in `cat /backups/zmigrate/emails.txt`; do  zmmailbox -z -m $email getRestURL '/?fmt=tgz' > $email.tgz ;  echo $email ; done
gm@fun.com
forest@fun.com
galsync@fun.com
fax@myserver.com
fax2@myserver.com
paul@myserver.com

This tgz files contains
  • Mail
  • Contacts
  • Calendars
  • Briefcase
  • Tasks
  • Searches
  • Tags
  • Folders
All subfolders are included, except Junk and Trash. There is no way to include these in the big dump, but they can be exported separately:

4.9 Now backup alias

Some times your server may have email aliases for certain accounts. So you need to copy those aliases too. We will create a sub folder called alias/ for storing the backup of Alias.
 
zimbra@zimbra:/backups/zmigrate$ mkdir -p alias/
zimbra@zimbra:/backups/zmigrate$ for i in `cat emails.txt`; do zmprov ga  $i | grep zimbraMailAlias |awk '{print $2}' > alias/$i.txt ;echo $i ;done
gm@fun.com
forest@fun.com
Some of your email accounts don’t have alias. So the above created files may be an empty file. Remove those empty files as follows,’\
zimbra@zimbra:/backups/zmigrate$ find alias/ -type f -empty | xargs -n1 rm -v 

4.10 Rsync folder to new server

Now we have all the required data to do the migration process. As a summery :
  • /backups/zmigrate – Have all the backups stored
  • /backups/zmigrate/domains.txt – Contains the domains names
  • /backups/zmigrate/emails.txt – Contains the list of email accounts
  • /backups/zmigrate/distributinlist.txt – Contains the distribution lists
  • /backups/zmigrate/distributinlist_members – Contains the members in each of your distributions
  • /backups/zmigrate/userpass – Contains the encrypted password of your email accounts
  • /backups/zmigrate/userdata – containts the email accounts user informations
  • /backups/zmigrate/alias – Contains all the aliases of your email accounts
Also the parent folder /backups/zmigrate contains a lot of zip file which are the data inside emails.
Now rsync the files as follows,
root@newserver # rsync -avp -e 'ssh -p 22' root@old-server-ip:/backups/zmigrate /backups/

5. Restore in new server

So after finishing the rsync process , we need to restore this in your new server as follows:
All this operations must be carried out as zimbra sudo user itself. Don’t use root account to store the backups
[root@zimbra ~]# su - zimbra
[zimbra@zimbra]$

5.1 Restore all domains

Now create all the domains that we have from the file /backups/zmigrate/domains.txt
[zimbra@zimbra zmigrate]$ for i in `cat /backups/zmigrate/domains.txt `; do  zmprov cd $i zimbraAuthMech zimbra ;echo $i ;done
2c86f244-de9d-4b7c-8e22-2246a8256219
myserver.com
dbf75058-d85e-4d60-8b69-1f148a456eb6
justfortest.com
ee90ffa2-505d-449f-82fd-129acb21cb5e
checkit.com
8b6bf287-f61e-4930-ada0-96b817292556
dieanotherday.com
17d3c73c-14f7-43aa-9fd2-c9be9e29c9e5
You can also verify the domains created from the zimbra admin panel too

5.2 Create email accounts and set the old password

We need to create the email accounts for storing the mails. We also need to set the old passwords too. We already collected the account info and passwords.
To Create email accounts and restore passwords . Please use the following script to create it
#!/bin/bash
#Scrit  for creating the email accounts createacct.sh
USERPASS="/backups/zmigrate/userpass"
USERDDATA="/backups/zmigrate/userdata"
USERS="/backups/zmigrate/emails.txt"
for i in `cat $USERS`
do
givenName=$(grep givenName: $USERDDATA/$i.txt | cut -d ":" -f2)
displayName=$(grep displayName: $USERDDATA/$i.txt | cut -d ":" -f2)
shadowpass=$(cat $USERPASS/$i.shadow)
tmpPass="CHANGEme"
zmprov ca $i CHANGEme cn "$givenName" displayName "$displayName" givenName "$givenName" 
zmprov ma $i userPassword "$shadowpass"
done

5.3 Restore email accounts

Now we are going to restore the emails from the Zip file. This process may take some hours. So it will be good to run behind “screen” command.
[zimbra@zimbra zmigrate]$ for i in `cat /backups/zmigrate/emails.txt`; do zmmailbox -z -m $i postRestURL "/?fmt=tgz&resolve=skip" /backups/zmigrate/$i.tgz ;  ; echo "$i -- finished "; done
gm@fun.com -- finished 
forest@fun.com -- finished 

5.4 Now recreate the distribution lists

It is time to recreate all the distribution lists as follows.
[zimbra@zimbra zmigrate]$ for i in `cat distributinlist.txt`; do zmprov cdl $i ; echo "$i -- done " ; done
2a852fd8-6e66-426e-a76d-15192536042a
budgetrtodomainusers@fun.com -- done 
a0f6ddb3-8525-4194-9397-6cf0a920dda6

5.5 Restore the distribution lists

After creating the distribution lists we need to add all the members inside the distribution lists. We have the distribution lists in the folder distributinlist_members/ and the list is in distributionlist.txt file. Please use the following small script to restore the distribution lists.
[zimbra@zimbra zmigrate]$ cat restoredist.sh 
#!/bin/bash
# add all memebers to each of these distribution lists
for i in `cat distributinlist.txt`
do
 for j in `grep -v '#' distributinlist_members/$i.txt |grep '@'` 
 do
 zmprov adlm $i $j
 echo " $j member has been added to list $i"
 done

done

5.6 Restore Alias accounts

Please use the following script to restore alias. This will add all the aliases in your email accounts.
#!/bin/bash
for i in `cat /backups/zmigrate/emails.txt`
do
 if [ -f "alias/$i.txt" ]; then
 for j in `grep '@' /backups/zmigrate/alias/$i.txt`
 do
 zmprov aaa $i $j
 echo "$i HAS ALIAS $j --- Restored"
 done
 fi
done

6. Conclusion

So now we migrated all our email accounts. It is time for DNS change. You need to shut down the old zimbra services and change the DNS. After that send some test emails and make sure everything is working fine. Next step is to secure your zimbra server. You need to install ssl certificates and firewall in your new zimbra server. Now you have a new server with new packages and files with the same old email accounts and its data.

Credits go to : Sherin and Syslint (Web)

7. References

https://wiki.zimbra.com/wiki/Zmprov_Examples
https://wiki.zimbra.com/wiki/Zmprov
https://wiki.zimbra.com/wiki/Backing_up_and_restoring_Zimbra_%28Open_Source_Version%29
'https://xmission.com/blog/2015/04/30/zimbra-server-admin-tip-mailbox-password-migration-and-server-settings-comparison'
http://stdout.no/zimbra-open-source-backup-strategy-and-scripts/

Tuesday, July 10, 2018

Zimbra: Restore or import a user mailbox from backup using CLI

If you have backed up or exported an account and named the compressed backup file as backup.tgz, you can restore or import using zimbra webgui or CLI. CLI is the preferred method if involving backup file bigger than 500MB. The command is as below(run as user zimbra):

zmmailbox -z -m email@domain.com postRestURL "/?fmt=tgz&resolve=skip" backup.tgz

That's all there is to it.


Wednesday, January 10, 2018

Problem with KDE Look and Feel and Desktop Theme page empty in KDE System Settings (Ubuntu-based distro)

If you're experiencing empty page of KDE Look and Feel and Desktop Theme (mine from KDE Neon beta), please do these steps:

sudo apt update
sudo apt dist-upgrade
sudo apt install qml-module-org-kde-kcm

It should work.

That's all there is to it.

Renew letsencrypt ssl certificate for zimbra 8.8.15

 Letsencrypt certs usually consists of these files: 1. cert.pem 2. chain.pem 3. fullchain.pem 4. privkey.pem I am not going to discuss about...