1) Après exécuter la commande de configuration : sudo /opt/zimbra/libexec/zmsetup.pl Operations logged to /tmp/zmsetup.20250514-080919.log Installing LDAP configuration database...done. Setting defaults... DNS ERROR resolving MX for zimbra.uriv-poitiers.fr It is suggested that the domain name have an MX record configured in DNS Change domain name? [Yes] y Create domain: [zimbra.uriv-poitiers.fr] uriv-poitiers.fr MX: zimbra.uriv-poitiers.fr (192.168.0.16) Interface: 127.0.0.1 Interface: 192.168.0.16 done. Checking for port conflicts Checking ldap status....not running. Starting ldap...done. Setting defaults from ldap...done. Note The previous configuration appears to have failed to complete Attempt to complete configuration now? [yes] y Save configuration data to a file? [Yes] y Save config in file: [/opt/zimbra/config.33872] Saving config in /opt/zimbra/config.33872...done. The system will be modified - continue? [No] y Operations logged to /tmp/zmsetup.20250514-080919.log Saving CA in ldap...failed. 2) Exécution de la commande pour sauvegarder le CA dans LDAP: zimbra@zimbra:~$ /opt/zimbra/bin/zmcertmgr deployca ** Saving config key 'zimbraCertAuthorityCertSelfSigned' via zmprov modifyConfig...failed (rc=1) 3) Erreur: Search error: Unable to determine enabled services from ldap. Unable to determine enabled services. Cache is out of date or doesn't exist. # Réinitialiser le mot de passe ldap zmldappasswd root # Vérification de la configuration LDAP zmlocalconfig -s | grep ldap # Redémarrage des services Zimbra: zmcontrol restart # Vérifier et redéployer les certificats SSL: /opt/zimbra/bin/zmcertmgr createca /opt/zimbra/bin/zmcertmgr deployca /opt/zimbra/bin/zmcertmgr deploycrt self # Vérifier les permissions: chown -R zimbra:zimbra /opt/zimbra/conf chmod 600 /opt/zimbra/conf/localconfig.xml # Vérifier la connexion LDAP ldapsearch -x -H ldap://zimbra.uriv-poitiers.fr -b "" -s base # Régénération des certificats si besoin : /opt/zimbra/bin/zmcertmgr createca -new /opt/zimbra/bin/zmcertmgr deployca /opt/zimbra/bin/zmcertmgr deploycrt self #Suppression et recréation du keystore (si besoin) mv /opt/zimbra/ssl/zimbra/jetty.pkcs12 /tmp/jetty.pkcs12 mv /opt/zimbra/mailboxd/etc/keystore /tmp/keystore /opt/zimbra/bin/zmcertmgr deploycrt self #Vérification des permissions : chown -R zimbra:zimbra /opt/zimbra/ssl/zimbra/ca chmod 600 /opt/zimbra/ssl/zimbra/ca/ca.key # Régénération des certificats : /opt/zimbra/bin/zmcertmgr createca -new /opt/zimbra/bin/zmcertmgr deployca /opt/zimbra/bin/zmcertmgr deploycrt self keytool -storepasswd -new new_password -keystore /opt/zimbra/ssl/zimbra/jetty.pkcs12 rm /opt/zimbra/ssl/zimbra/jetty.pkcs12 rm /opt/zimbra/mailboxd/etc/keystore /opt/zimbra/bin/zmcertmgr createca -new /opt/zimbra/bin/zmcertmgr deployca /opt/zimbra/bin/zmcertmgr deploycrt self #Exporter les certificats et clés existants : openssl pkcs12 -in /opt/zimbra/ssl/zimbra/jetty.pkcs12.bak -nocerts -out /opt/zimbra/ssl/zimbra/jetty.key -nodes -nomacver openssl pkcs12 -in /opt/zimbra/ssl/zimbra/jetty.pkcs12.bak -nokeys -out /opt/zimbra/ssl/zimbra/jetty.crt #Importer les certificats et clés dans le nouveau keystore : keytool -importkeystore -srckeystore /opt/zimbra/ssl/zimbra/jetty.pkcs12.bak -destkeystore /opt/zimbra/ssl/zimbra/jetty.pkcs12 -deststorepass newpassword -srcstorepass oldpassword #Mettre à jour les configurations Zimbra : /opt/zimbra/bin/zmcertmgr deploycrt self # Réinstaller le service LDAP # Vérifier les sources des paquets: #Arrêtez les services Zimbra : zmcontrol stop # Réinstaller Zimbra LDAP : sudo apt-get install --reinstall zimbra-ldap # Configurer LDAP: /opt/zimbra/libexec/zmsetup.pl #Redémarrez les services Zimbra : zmcontrol start #Vérifiez le statut du service LDAP: zmcontrol status #Testez la connexion LDAP : ldapsearch -x -H ldap://zimbra.uriv-poitiers.fr -b "" -s base #Consultez les logs de Zimbra :: tail -f /opt/zimbra/log/zmconfigd-log4j.log