Saturday, May 31, 2014

create repo-metadata.sh



 

 create-repo-metadata.sh

 
#!/bin/sh

# This is for Redhat 64 bit versions of Linux with `createrepo` installed. If you
# do not have createrepo, you can install it with:
# yum install -y createrepo

# Change DESTDIR path to RPMS directory of your repo
DESTDIR="/var/www/repo/rhel/6"

for ARCH in x86_64
do
    pushd ${DESTDIR}/${ARCH} >/dev/null 2>&1
        createrepo .
    popd >/dev/null 2>&1
done

how to create an rpm-repository.sh

how-to-create-an-rpm-repository.s 

 
# How to create an RPM repository

# This is for Redhat 64 bit versions of Linux. You can create your own RPM repository # to host your custom RPM packages.
#
# See "How to create an RPM from source with spec file" for more information.
# https://gist.github.com/1376973

# Step: 1
# Install createrepo

yum install -y createrepo

# Step: 2
# Create repo directories for hosting your rpms.
#
# Create your repository inside your base directory. You will also need some rpms for
# your repo. For this example, I am using RHEL6 and /var/www/repo as base directory.

mkdir -p /var/www/repo/rhel/6/{SRPMS,x86_64}

# Step: 3
# Create `create-repo-metadata` executable file
# 
# Use the `create-repo-metadata` command, which can create by downloading a shell
# script and making it an executable file. Make sure this file is in a directory in
# your $PATH. Run the command `echo $PATH` to list them. Install in /usr/local/bin
#
# IMPORTANT: In the script above, replace the path in 'DESTDIR' with:
# /var/www/repo/rhel/6

curl http://bit.ly/sZpx8f > /usr/local/bin/create-repo-metadata
chmod +x /usr/local/bin/create-repo-metadata

# Step: 4
# Create the repository metadata
#
# After creating the metadata, your repository will be ready for use

create-repo-metadata

# Tip!
#
# If you have made this repo publicly available, others can use this yum repo config
# file to update their own systems.
#
# Run `vi /etc/yum.repos.d/my.repo` to create the file

[myrepo]
name=My Repository
baseurl=http://mywebsite.com/rhel/6/$basesearch
enabled=1

# Then simply run `yum update` to install the rpms.

yum update

How To Configure Static IP On CentOS 6

  Linux Static IP

## Configure eth0
#
# vi /etc/sysconfig/network-scripts/ifcfg-eth0

DEVICE="eth0"
NM_CONTROLLED="yes"
ONBOOT=yes
HWADDR=A4:BA:DB:37:F1:04
TYPE=Ethernet
BOOTPROTO=static
NAME="System eth0"
UUID=5fb06bd0-0bb0-7ffb-45f1-d6edd65f3e03
IPADDR=192.168.1.44
NETMASK=255.255.255.0


## Configure Default Gateway
#
# vi /etc/sysconfig/network

NETWORKING=yes
HOSTNAME=centos6
GATEWAY=192.168.1.1


## Restart Network Interface
#

/etc/init.d/network restart

## Configure DNS Server
#
# vi /etc/resolv.conf

nameserver 8.8.8.8      # Replace with your nameserver ip
nameserver 192.168.1.1  # Replace with your nameserver ip

Friday, May 30, 2014

How to View DVDs on Your Hard Drive with Windows Media Center

This page shows how to view DVDs that are stored on your local hard drive using Windows Media Center (WMC), Vista version.
If you have created, ripped or backed up DVDs on your hard drive and tried to play them in the Vista version of Windows Media Center, you will probably find that it doesn't work. When you try to play a DVD, WMC tries to open the folder and tells you that it's empty. This is because, unlike previous versions of WMC, this isn't how you play DVD folders in Vista.

Rather than playing DVDs from the Videos section, you need to use the DVD Library which is located in the TV & Movies section. If this is not enabled (i.e. you can't see it in the main menu), you need to edit the registry.

Warning: Editing the registry is for experienced users only. Inexperienced users can cause serious damage.

Here is the required registry edit:
Registry key: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Media Center\Settings\DvdSettings
Registry value: ShowGallery
Registry value data type: REG_SZ
Registry value data: Gallery = enable My DVDs; Play = do not enable My DVDs
Change the setting to "Gallery", reboot the computer and restart Media Center. You should now see "dvd library" in the menu. To add DVDs, go to the information menu (click "i" on the remote control) and select "Add Movies".

Pros and Cons of Windows Media Center

Windows Media Center (MCE) has a lot of pros and cons compared to traditional home entertainment setups — it can be a source of both great joy and desperate frustration. It pays to understand what you're getting into before you decide to invest in this system.

Pros

If you've never used a system like this before, be prepared to get excited. MCE, like other similar computer-based systems, will change the way you think about home entertainment. It's hard to describe just how good it is having all your media stuff in one place. Trust me — you need to experience it to understand why it's the biggest thing to hit the home entertainment market since the VCR. Here are just some of the things you can do:
  • Access everything from one simple on-screen menu (and a single remote control): TV channels, radio stations, personal videos, music, photos and online media sources.
  • If you like, use a wireless keyboard and mouse to control the PC from your couch. You can also purchase the purpose-built MCE keyboard/mouse-pointer combo which gives you everything in a small, tidy unit.
  • Pause and resume live TV — phone calls in the middle of your favourite program are no longer a problem.
  • Use the scheduler to automatically record programs daily, weekly or whatever — you never have to remember to record and your favourite shows are always waiting for you. Programs that are on in the middle of the night or while you're at work are just as easy to watch as any other program.
  • Create custom playlists, video screensavers, photo slideshows, etc. You can even play music playlists with photo slideshows.
  • Flick between watching TV and surfing the net. If you see something you want to investigate while you're watching TV, pause the program, do some surfing, then pick up the program where you left off.
  • Add multiple tuner cards to record multiple channels at once (requires some computer expertise).
  • With a bit of practice you can virtually eliminate ad breaks from your life.
This biggest overall advantage is the ease with which you can do all these things. For example, you can timeshift with your VCR but you could never do what the MCE scheduler does — it's in another league. Keeping control of what the kids watch is no longer a task. You will be surprised at how often you look at your home videos or photo albums when it's just another button on your remote. The list goes on — half the fun is in realising what you can do that you never thought would be practical.

Cons

If you are lucky enough to live in a country fully supported by MCE, and your installation goes smoothly, there aren't too many nasty surprises. However this is relatively new technology and things may not go quite as well as promised. For example, if you live outside the USA you may find that you can't easily program all your local TV channels or find a local programming guide.
The company which sells you your MCE system may not have the technical support needed to fix problems. For example, many shops may be happy to sell you a MCE PC but do not have staff trained to deal with configuration and tuning issues. I recommend that you make the terms of your purchase clear before you hand over the cash — you expect a fully-functional system tuned to all your channels and ready for viewing.
You may be disappointed in the quality of the video picture. This can be tweaked, but depending on your computer system and your skills, you may find it hard to get the same quality as your TV tuner or DVD player. This is becoming less of an issues over time, and it is certainly possible to get excellent pictures, but it's an issue worth noting.
Be warned: Many problems reported by MCE users are not easy to fix and may require measures such as editing the registry. This is not for the technically faint-hearted!

Overview of Windows Media Center

Windows Media Center Edition (MCE) is a special version of Windows designed to drive your home entertainment system. It's basically like a normal PC running Windows, but it uses your TV as a monitor and your sound system for audio.
These are the basic components:
 
  • PC with TV tuner card and DVD drive, running Windows Media Center Edition
  • Monitor or television set
  • Sound system (optional — you could use the TV's speakers)
  • Remote control
  • Wireless keyboard & mouse (optional)

Features

MCE consists of 6 main areas, all accessed from the main menu:
  1. My DVD
    Play DVDs using the PC's DVD drive.
  2. My Videos
    Save your favourite videos on hard drive and organise them in folders for easy access.
  3. My Pictures
    Save photos in folders, organise into albums and create slideshows.
  4. My TV
    View live or recorded TV programs. Live TV allows you to pause, rewind and resume programs. Recorded TV includes a scheduler to automatically record and organise saved programs.
  5. My Music
    Save music in folders, retrieve album information from the net, create playlists.
  6. Radio
    Program your favourite radio stations.
  7. Online Spotlight
    Get access to online content (not all countries are supported).

Remote Control

The official MCE remote control is the last remote control you'll ever need (well, maybe). Once you have your system set up you can control everything from here.
The remote control functions adapt to the area of MCE you are using, for example, the stop/play buttons work the same for live TV as recorded music. The up/down/left/right buttons have a whole range of functions depending on what you're doing, but it's surprisingly intuitive so there's no need to be intimidated.
Other common functions include:
  • Direct access to all main areas of MCE.
  • Manage recordings, playlists, etc.
  • Enter text characters when necessary.
  • Start up Windows Media Center, shut down the PC.
While the remote can control virtually every aspect of MCE, you will still need a keyboard if you want to use the computer's other features such as web browsing and running other applications.

Plugins & Additions

There are a range of official and unofficial add-ons for Windows Media Center. Common examples include picture enhancement, advanced scheduling, games, etc.
These applications are changing constantly — you should search the Internet for the current favourites.

Cost

The cost is around the same price as a decent home PC. Assuming you already have a suitable TV you don't need to buy a monitor — this compensates for having to include a decent amount of RAM and tuner card(s).

Encrypted Files in Windows

If you experience any of the following problems, you may be dealing with an encrypted file:
If a file name is shown in green in your Windows file manager, it's encrypted.

  • One or more files have turned green in My Computer (Windows Explorer).
  • You are unable to copy, move or otherwise alter a file.
  • You get a message saying you do not have permission to open or edit a file, even as Administrator.

 

 

 

What is an encrypted file?

A file that has been encoded with a special "key" to prevent unauthorized access.

How to find encrypted files

To locate all encrypted files on your system, open a command prompt and type the following command, then press the Enter key:
cipher /u /n

How do I get control of this file back?

Warning: It may not be possible to recover the file. Try these steps:
  1. Right-click the file and select Properties.
  2. Select Advanced (in the General tab).
  3. Uncheck Encrypt contents to secure data.
  4. Click OK. With any luck, the file name will turn from green to black and you'll be back in control.
Advanced Attributes

What if this doesn't work?

If you still see error messages telling you that permission is denied, and you are unable to remove the encryption, you have a more serious problem. Most likely the file was encrypted by someone else or you have copied the file to a new computer.
The next step is to open a command prompt and type the following command, then press the Enter key. This will find all the encrypted files on your system and attempt to update the file encryption key or recovery keys.
cipher /u
Read the output from the window to see if you've been successful. If not, the only remaining hope is to find the original encryption key. Hopefully you are able to use a backup of the key, but you'll need to know where it is.
Unfortunately, in some cases you won't have the key. For example, if you moved to a new computer without making a backup of the encryption key, and you no longer have access to the old computer, you're out of luck. In such cases the file is irretrievable.

Windows Command Prompt

Occasionally you might need to use the Windows Command Prompt to enter a particular command. This can be a little intimidating if you've never done it before but it's actually very simple. Hopefully you've been given instructions so all you need to do is open the window, type or paste your command, and hit the Enter key on your keyboard.

To open the Command Prompt window:

Windows Command Prompt

 

Windows 7:

  1. Click the Start button.
  2. In the Search Programs and Files field, type "Command Prompt" and hit Enter.

Windows 8:

  1. Open the search charm and enter "Command Prompt".

Tips

  • Be extremely careful when typing commands. Triple-check that your spelling is absolutely 100% correct, including any punctuation and spaces. Even one single wrong character or space can cause a lot of damage.
  • You can copy commands from elsewhere and paste them into the prompt window. After copying the text, right-click inside the prompt window and select Paste.

How to Change a File Extension in Windows 7

This page shows you how to change a file extension in Windows. For example, you might want to rename a file called MyDocument.rtf to MyDocument.txt.
These instructions are for Windows 7 but the same basic process applies to most versions of Windows (see screenshots from Windows XP).

NOTE: Changing a file extension should only be done if you are confident it's the right thing to do. Test the file thoroughly after the change. If it doesn't work you can easily change the extension back—just make sure you remember what it was!

My Computer

The first thing to do is open Windows Explorer (or My Computer) and view the file you wish to change. We'll use the example of MyDocument.rtf. When we browse to the file it looks like this:

Windows Explorer
You'll notice that the file does not appear to have an extension—it's just called MyDocument. That's because in this example Windows is set to hide extension names.

If you can already see file extensions on your computer, skip the next step.

If you can't see the file extension, go to organize > Folder and Search Options, then click the View tab. Uncheck the box titled "Hide extensions for known file types" like so:

Folder Options Window

Click OK. Now you should be able to see the file extension:

Windows Explorer

Right-click the file name and select Rename (or left-click and hold down the button for one second). Enter the new extension like so:

Changing the extension

After entering the new extension, hit the Enter (return) key. Windows will give you a warning that the file may not work properly. This is quite safe—remember that you can restore the original extension if anything goes wrong.
It's also possible that you might get another message telling you that the file is "read-only". In this case either say yes to turning off read-only, or right-click the file, select Properties and uncheck the Read-only box.
If you do not have permission to change the file extension, you may have to login as Administrator. Another option is to make a copy of the file, rename the copy and then delete the original.

Note: Windows treats file extensions as case-insensitive, i.e. .RTF is the same as .rtf. However other operating systems do not, and will treat MyDocument.RTF and MyDocument.rtf as two different files. Therefore it is good practice to always treat your files as case-sensitive for maximum compatibility. This is especially crucial if you are going to use the files on the Internet. We recommend that you get into the habit of using all lower-case letters for all file extensions—then there's no confusion.

How to Change a File Extension in Windows XP

Windows Explorer

The first thing to do is open Windows Explorer (or My Computer) and view the file you wish to change. We will use the example of a file called myfile.rtf which we want to change to myfile.txt. It looks like this in Windows Explorer:
Windows Explorer
At this stage you might notice that your file does not appear to have an extension (in the above example it would simply be called myfile). This is probably because you have Windows set to hide extension names. Go to Tools > Folder Options, then click the View tab. Uncheck the box titled "Hide extensions for known file types" like so:
Folder Options Window
Click OK. Now you should be able to see the file extensions for all files. Right-click the file name and select Rename. Enter the new extension like so:

Changing the extension

After entering the new extension, hit the Enter (return) key. Windows will give you a warning that the file may not work properly. This is quite safe — if the file does stop working you can always change the extension back (just make sure you remember what it was!).
If you get another message telling you that the file is "read-only" and asking if you want to turn read-only off, say yes.

How to Setup Nagios 3.4.4 Network Monitoring On Ubuntu Server 12.04/12.10

This guide will shown you how to installing latest version of nagios 3.4.4 on Ubuntu Server 12.04/12.10. Nagios is free and open source tool with GPL License allowing to control and monitor the items and services on a network. When it detects a problem it sends alert messages, either by mail or by other techniques.
Step 1. Before installing Nagios 3.4.4 on Ubuntu Server 12.04/12.10, make sure your Ubuntu Server is up to date. Enter the following commands one by one, and install any available updates:
sudo apt-get update
sudo apt-get upgrade -y
Step 2.  Install Apache 2, PHP5, GCC ( development libraries and compilation), GD ( development libraries) on other package
sudo apt-get install build-essential apache2 php5-gd wget libgd2-xpm libgd2-xpm-dev libapache2-mod-php5 libssl-dev
Step 3. Create users and groups for Nagios:
sudo mkdir -p /etc/nagios /var/nagios
sudo groupadd --system --gid 9000 nagios
sudo groupadd --system --gid 9001 nagcmd
sudo adduser --system --gid 9000 --home /usr/local/nagios nagios
sudo usermod --groups nagcmd nagios
sudo usermod --append --groups nagcmd www-data
sudo chown nagios:nagios /usr/local/nagios /etc/nagios /var/nagios
Step 4. Download the source code of both compressed Nagios and the Nagios plugins (visit http://www.nagios.org/download/ for links to the latest versions). At time of writing, the latest versions of Nagios 3.4.4 and the Nagios plugins 1.4.16
cd /usr/local/src/
wget http://sourceforge.net/projects/nagios/files/nagios-3.x/nagios-3.4.4/nagios-3.4.4.tar.gz
wget http://sourceforge.net/projects/nagiosplug/files/nagiosplug/1.4.16/nagios-plugins-1.4.16.tar.gz
Step 5. Extract, Compile and Install source of nagios 3.4.4
sudo tar -xzvf /usr/local/src/nagios-3.4.4.tar.gz
cd /usr/local/src/nagios
sudo ./configure --sysconfdir=/etc/nagios --localstatedir=/var/nagios --prefix=/usr/local/nagios --with-nagios-user=nagios --with-nagios-group=nagios --with-command-group=nagcmd --with-openssl=/usr/bin/openssl --enable-perl-modules --with-mail=/usr/bin/sendemail
sudo make all
sudo make install
sudo make install-init
sudo make install-config
sudo make install-commandmode
Step 6. Edit file /etc/objects/contacts.cfg to change the email address that is associated with nagiosadmin contact with the email address where you want to be alerted.
sudo nano /etc/objects/contacts.cfg
Example:
define contact{
               contact_name   nagiosadmin ;
               use            generic-contact ;
               alias          Ubuntu Precise ;
               email          admin@ubuntuprecise.net ;
}
Step 7. Edit file /etc/nagios/objects/commands.cfg to change both sendemail references to match the correct sendemail syntax:
sudo nano /etc/nagios/objects/commands.cfg
define command{
 command_name notify-host-by-email
 command_line /usr/bin/printf "%b" "***** Nagios *****\n\nNotification Type: $NOTIFICATIONTYPE$\nHost: $HOSTNAME$\nState: $HOSTSTATE$\nAddress: $HOSTADDRESS$\nInfo: $HOSTOUTPUT$\n\nDate/Time: $LONGDATETIME$\n" | /usr/bin/sendemail -s srv-mail:25 -f "admin <admin@ubuntuprecise.net>" -t $CONTACTEMAIL$ -u "** $NOTIFICATIONTYPE$ Host Alert: $HOSTNAME$ is $HOSTSTATE$ **"
}
define command{
command_name notify-service-by-email
command_line /usr/bin/printf "%b" "***** Nagios *****\n\nNotification Type: $NOTIFICATIONTYPE$\n\nService: $SERVICEDESC$\nHost: $HOSTALIAS$\nAddress: $HOSTADDRESS$\nState: $SERVICESTATE$\n\nDate/Time: $LONGDATETIME$\n\nAdditional Info:\n\n$SERVICEOUTPUT$" | /usr/bin/sendemail -s srv-mail:25 -f "admin <admin@ubuntuprecise.net>" -t $CONTACTEMAIL$ -u "** $NOTIFICATIONTYPE$ Service Alert: $HOSTALIAS$/$SERVICEDESC$ is $SERVICESTATE$ **"
}
Step 7. Now we need to configure Nagios to access it via web interface.
  • Install the web configuration file in the Apache conf.d directory:
cd /usr/local/src/nagios
sudo make install-webconf
  • Create password for Account nagiosadmin to enter the Nagios web interface. Remember the password you assign to this account – you will need it later. then restart apache2 daemon
sudo htpasswd -c /etc/nagios/htpasswd.users nagiosadmin
sudo /etc/init.d/apache2 reload
  • Edit file /etc/apache2/apache2.conf and add the following line:
sudo nano /etc/apache2/apache2.conf
DirectoryIndex index.html index.php index.cgi
Step 8. Check your Nagios 3.4.4 configuration file for errors by typing following command. Look for errors in red
sudo /usr/local/nagios/bin/nagios -v /etc/nagios/nagios.cfg
Step 9. Extract, Compile and install Nagios Plugins 1.4.16
cd /usr/local/src
wget http://prdownloads.sourceforge.net/sourceforge/nagiosplug/nagios-plugins-1.4.16.tar.gz
sudo tar -zxvf /usr/local/src/nagios-plugins-1.4.16.tar.gz
cd /usr/local/src/nagios-plugins-1.4.16
sudo ./configure --sysconfdir=/etc/nagios --localstatedir=/var/nagios --with-nagios-user=nagios --with-nagios-group=nagios
sudo make
sudo make install
Step 10. Set Nagios is started whenever the system boots up, then restart nagios daemon
sudo /usr/sbin/update-rc.d -f nagios defaults 99
sudo ln -s /etc/init.d/nagios /etc/rcS.d/S99nagios
sudo /etc/init.d/nagios restart
If all goes well, we should now be able to enter a Web browser to access Nagios administrator panel. Open a web browser and enter:
http://domain/nagios/
We ask for the username (nagiosadmin) with the password you have chosen in step 7.  If all went well you should see the home page of Nagios Administrator Panel
Link Reference:

ZCS 8.0.7 has been rebuilt to include fix for OpenSSL Heartbleed Vulnerability


Zimbra Collaboration Suite 8.0.7 - both the Network Edition and Open-Source Edition - have been rebuilt to include the fix for the OpenSSL Heartbleed Vulnerability.

If you haven't yet upgraded to 8.0.7, the current versions up on the Download site now disable TLS Heartbeat and protect against the OpenSSL Heartbleed Vulnerability:


In short:

  • If you downloaded ZCS 8.0.7 prior to Thursday, April 10, then your version DOES NOT include the OpenSSL fix. This would be ZCS 8.0.7 build 6020. -> Vulnerable, you would still need the OpenSSL patch: https://www.zimbra.com/forums/announ...erability.html
  • If you downloaded ZCS 8.0.7 Thursday, April 10 or after, then your version DOES include the OpenSSL fix. This would be ZCS 8.0.7 build 6021. -> Not Vulnerable

There are a few ways you can confirm:

1. Check your version tarball for the build number 6021. For example:

http://files2.zimbra.com/downloads/8...WORK-8.0.7_GA_6021.RHEL6_64.20140408123937.tgz

2. Check zmcontrol for the build number:

# su - zimbra
$ zmcontrol -v
Release 8.0.7_GA_6021.RHEL6_64_20140408123937 RHEL6_64 NETWORK edition.


3. Check the libssl shared library

Vulnerable:
$ strings /opt/zimbra/openssl/lib/libssl.so | grep dtls1_heartbeat
dtls1_heartbeat
$


Not Vulnerable:
$ strings /opt/zimbra/openssl/lib/libssl.so | grep dtls1_heartbeat
$

OpenSSL Patch Update for ZCS 8.0.3 Only


If you patched for the OpenSSL Heartbleed vulnerability for Zimbra Collaboration Server 8.0.3 prior to Wed April 09, 2014, 11:00 Eastern/08:00 Pacific, you will need to re-patch.

Please note: this is ONLY for ZCS 8.0.3. All other patches were fine, but the 8.0.3 openssl builds were still vulnerable. Repeating, this is only for ZCS 8.0.3.

Here is how you can check your build version:
$ zmcontrol -v
(look for "8.0.3")

Here is how you can check your OpenSSL version - only un-patched versions of OpenSSL 1.0.1 that are compiled with TLS Heartbeat support are vulnerable:
$ ls -ld /opt/zimbra/openssl*
lrwxrwxrwx 1 root root 26 Jan 17 16:04 /opt/zimbra/openssl -> /opt/zimbra/openssl-1.0.1d
drwxr-xr-x 6 root root 4096 Jan 17 16:03 /opt/zimbra/openssl-1.0.1d


Here is how you can confirm if your libssl library is vulnerable or not:

Vulnerable:
$ strings /opt/zimbra/openssl/lib/libssl.so | grep dtls1_heartbeat
dtls1_heartbeat
$


Not Vulnerable:
$ strings /opt/zimbra/openssl/lib/libssl.so | grep dtls1_heartbeat
$


In order to re-patch, please download the latest version of the updater script and re-patch all Zimbra nodes (particularly those Internet-accessible, but all nodes should be patched):

(as root)
1) wget http://files.zimbra.com/downloads/se...ssl-updater.sh
2) chmod a+rx zmopenssl-updater.sh
3) ./zmopenssl-updater.sh
(as user zimbra)
4) su - zimbra
5) zmcontrol restart


The results should show the updater re-patching the system:

# ./zmopenssl-updater.sh
Downloading patched openssl
Validating patched openssl: success
Backing up old openssl: complete
Installing patched openssl: complete
OpenSSL patch process complete.
Please restart Zimbra Collaboration Suite as the Zimbra user via zmcontrol restart


If you were to run the updater again, it should then show the system as patched:
# ./zmopenssl-updater.sh
Error: Already patched
openssl-1.0.1e.brokenheart.46302


All 8.0.3 patching after Wed April 09, 2014, 11:00 Eastern/08:00 Pacific, should be fine, as the openssl builds on files.zimbra.com were updated to disable TLS Heartbeat. To double check, please use the “strings” method shown above.

For additional information, please reference these instructions:
https://www.zimbra.com/forums/announ...erability.html

How to Setup Zimbra Collaboration Suite Open Source Edition 8.0.2 in Ubuntu Server 12.04

This guide shown you how to installing and configure Zimbra Collaboration Suite (ZCS) Open Source Edition 8 as web mail server on Ubuntu Server 12.04 LTS machine. Zimbra Collaboration Suite an open source mail server is not just to send and receive emails but it’s a fully featured which includes easily manage and search large inboxes of emails using folders, tags, filters and conversation views in a rich, innovative user interface.  It also have feature-rich AJAX web interface and is compatible with clients such as Microsoft Outlook, Apple Mail, and Novell Evolution so that mail, contacts, and calendar items can be synchronised from these to the Zimbra Collaboration Suite open source edition.


Zimbra is my email server solution of choice, because it’s very easy to install and configure, and the features you get are unmatched by other open source email solutions.  Ubuntu Server 12.04 is the current Ubuntu Server Edition LTS, which will be supported for servers until 2017, so this is a great time to use it on a server you don’t want to have to take offline for frequent updates, like a mail server

Installing and Configure Zimbra Collaboration Suite (ZCS) Open Source Edition 8

Login into your server using SSH, Make sure your package repositories and installed programs are up to date:
sudo apt-get update
sudo apt-get upgrade --show-upgraded
Install some necessary packages
sudo apt-get install libgmp3c2 libperl5.14 sqlite3 sysstat -y
Install BIND9 dns server, it for Network Address translator (NAT)
sudo apt-get install bind9 -y
After install bind9 DNS Server reboot your server with following command
sudo init 6
After rebooting the server login again into your server then setup DNS records. edit file /etc/bind/named.conf.options
sudo nano /etc/bind/named.conf.options
options {
 directory "/var/cache/bind";

 // If there is a firewall between you and nameservers you want
 // to talk to, you may need to fix the firewall to allow multiple
 // ports to talk. See http://www.kb.cert.org/vuls/id/800113 
 // If your ISP provided one or more IP addresses for stable
 // nameservers, you probably want to use them as forwarders.
 // Uncomment the following block, and insert the addresses replacing
 // the all-0's placeholder. 
 forwarders {
            8.8.8.8;
    }; 
    auth-nxdomain no; # conform to RFC1035
    listen-on-v6 { any; };
}; 
zone "zimbra.tricksvan.com" {
      type master;
      file "db.zimbra.tricksvan.com";
};
Save and exit. and Now, Create file /var/cache/bind/db.zimbra.tricksvan.com don’t forget to change filename to match with zone file
sudo touch /var/cache/bind/db.zimbra.tricksvan.com
sudo nano /var/cache/bind/db.zimbra.tricksvan.com
Copy and paste following configuration into file /var/cache/bind/db.zimbra.tricksvan.com :
$ttl 38400
@       IN   SOA     webmail.zimbra.tricksvan.com. webmail.zimbra.tricksvan.com. (
                     2013012011
                     10800
                     3600
                     604800
                     38400 )
        IN     NS      ns1.zimbra.tricksvan.com.
        IN     NS      ns2.zimbra.tricksvan.com.
        IN     A       192.168.40.2
        IN     MX      10 webmail.zimbra.tricksvan.com.

@       A      192.168.40.2
ns1     A      192.168.40.2
ns2     A      192.168.40.2
webmail A      192.168.40.2
Edit file /etc/resolv.conf and change nameserver to 127.0.0.1
sudo nano /etc/resolv.conf
search zimbra.tricksvan.com
nameserver 127.0.0.1
Restart bind9
sudo /etc/init.d/bind9 restart
Now the DNS server is set. To check DNS server works try with following command:
nslookup zimbra.tricksvan.com
Server: 127.0.0.1
Address: 127.0.0.1#53
Name: zimbra.tricksvan.com
Address: 192.168.40.2
nslookup webmail.zimbra.tricksvan.com
Server: 127.0.0.1
Address: 127.0.0.1#53
Name: webmail.zimbra.tricksvan.com
Address: 192.168.40.2
dig zimbra.tricksvan.com mx
; <<>> DiG 9.8.1-P1 <<>> zimbra.tricksvan.com mx
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 18531
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 2
;;
;; QUESTION SECTION:
;zimbra.tricksvan.com. IN MX
;;
;; ANSWER SECTION:
zimbra.tricksvan.com. 38400 IN MX 10 webmail.zimbra.wingfoss.com.
;;
;; AUTHORITY SECTION:
zimbra.tricksvan.com. 38400 IN NS ns1.zimbra.tricksvan.com.
zimbra.tricksvan.com. 38400 IN NS ns2.zimbra.tricksvan.com.
;;
;; ADDITIONAL SECTION:
ns1.zimbra.tricksvan.com. 38400 IN A 192.168.40.2
ns2.zimbra.tricksvan.com. 38400 IN A 192.168.40.2
;;
;; Query time: 4 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Mon Jan 28 21:14:40 2013
;; MSG SIZE rcvd: 153
Download latest version ZCS Open Source Editon
wget http://files2.zimbra.com/downloads/8.0.2_GA/zcs-8.0.2_GA_5569.UBUNTU12_64.20121210115059.tgz
tar -xzvf zcs*
cd zcs*
Install Zimbra Collaboration Suite Open Source Edition 8 by executing script install.sh
sudo ./install.sh
  • License Agree = Y
  • Install zimbra-ldap = Y
  • Install zimbra-logger = Y
  • Install zimbra-mta = Y
  • Install zimbra-snmp = Y
  • Install zimbra-store = Y
  • Install zimbra-apache = Y
  • Install zimbra-spell = Y
  • Install zimbra-memchached = N
  • Install zimbra-proxy = N
  • System will be modified? = Y
  • Change domain name = Y = webmail.zimbra.tricksvan.com
    Main menu
    1) Common Configuration: 
    2) zimbra-ldap: Enabled 
    3) zimbra-store: Enabled 
         +Create Admin User: yes 
         +Admin user to create: admin@zimbra.tricksvan.com
         ******* +Admin Password UNSET 
         +Anti-virus quarantine user: virus-quarantine.rfi7ocq4@zimbra.tricksvan.com
         +Enable automated spam training: yes 
         +Spam training user: spam.fr5ekeowkp@zimbra.tricksvan.com
         +Non-spam(Ham) training user: ham.ubskg1jvt@zimbra.tricksvan.com
         +SMTP host: webmail.zimbra.tricksvan.com
         +Web server HTTP port: 80 
         +Web server HTTPS port: 443 
         +Web server mode: https 
         +IMAP server port: 7143 
         +IMAP server SSL port: 7993 
         +POP server port: 7110 
         +POP server SSL port: 7995 
         +Use spell check server: yes 
         +Spell server URL: http://webmail.zimbra.tricksvan.com:7780/aspell.php
         +Enable version update checks: TRUE 
         +Enable version update notifications: TRUE 
         +Version update notification email: admin@tricksvan.com 
         +Version update source email: admin@tricksvan.com
    4) zimbra-mta: Enabled 
    5) zimbra-snmp: Enabled 
    6) zimbra-logger: Enabled 
    7) zimbra-spell: Enabled 
    8) zimbra-proxy: Enabled 
    9) Default Class of Service Configuration: 
    r) Start servers after configuration yes 
    s) Save config to file 
    x) Expand menu 
    q) Quit
    Address unconfigured (**) items (? - help)
    To change admin password enter number 3 then enter number 4,  r to return and put a to apply Zimbra configuration
  • 4 = Admin password set = ******
  • r for previous menu
  • a to apply
  • Save config = Y and Enter
  • System will be modified? = Y
After done installing ZCS Open Source Editon 8. Access web admin panel ZCS Open Source Editon 8 by opening your favorite browser from computer on your network and navigate to [ https://192.168.40.2:7071 ] and Enter the user admin with password.
How to Setup Zimbra Collaboration Suite Open Source Edition 8.0.2 in Ubuntu Server 12.04

Link reference:

Thursday, May 29, 2014

Install Self-Signed Certificate in Zimbra Mail Server

When we install zimbra mail server, then automatically performs zimbra generate Self-Signed Certificate for webmail clients, webmail console, smtp, pop and imap. Self-Signed Certificate valid for one year from installation zimbra mail server. If the expiry date Self-Signed Certificate is not renewed automatically zimbra mail server can not be used to send and receive e-mail because it is considered less safe by zimbra.

To check the validity period on a Self-Signed Certificate zimbra mail server, please do the following :
 mail:~ # su - zimbra
zimbra@mail:~> su
Password:
mail:/opt/zimbra # zmcertmgr viewdeployedcrt

To install the Self-Signed Certificate on the mail server zimbra is already expired, please run the step-by-step below :

Before installing the Self-Signed Certificate is new, we should first backup the Self-Signed Certificate old with the command :
 mail:~ # cp -rf /opt/zimbra/ssl /opt/zimbra/backup

The next is to generate a new Certificate Authority (zmssl.cnf, ca.key, and ca.pem) :
 mail:~ # cd /opt/zimbra/bin
mail:/opt/zimbra/bin # ./zmcertmgr createca -new

Then we request the validity period of the Self-Signed Certificate for zimbra mail server, for example for 1 year (365 days) or 2 years (730 days) :
 mail:/opt/zimbra/bin # ./zmcertmgr createcrt -new -days 730

Then install deploycrt self & deploy ca :
 mail:/opt/zimbra/bin # ./zmcertmgr deploycrt self
mail:/opt/zimbra/bin # ./zmcertmgr deployca

Restart daemon zimbra mail server :
 mail:~ # su - zimbra
zimbra@mail:~> zmcontrol restart

Finally It's finished installation Self-Signed Certificate on the mail server zimbra.