There are a few cases in which the backup is not working correctly. We discuss those cases here.

  1. Restore of an active account on a new account should NOT be done using the latest state available. Suppose that a user by mistake deletes all of his emails or that for any reason (like e.g., a server failure) the emails in an account are lost. The user wants them back and asks the admin. If the admin restores the status of the account to the latest state available, the result is that the new account will contain the latest state available, which is an empty account, since in the latest state the email have already been deleted. Therefore, in order to correctly restore the account, it is necessary to restore it at a point in time which is antecedent the emails were deleted.

  1. When using the POP3/POP3S protocol, if the email client is configured to download email messages and delete them immediately from the server, these messages may not be included in the backup. This does not happen if the Zextras Powerstore component is installed.

  2. When sending an email directly through an SMTP connection (e.g., using a multipurpose device or connecting to the STMP server using telnet), then that email will not be part of the backup.

  3. When sending email using an IMAP/SMTP client, the IMAP client must be configured to store the send email in a remote folder (using the IMAP STORE command) after the send operation, otherwise the email may not be included in the backup.

The last two cases do not apply when using a browser to connect to the Mailbox. In this case is it the Mailbox that contacts the SMTP server to send the email and automatically passes the email to mailboxd.

Troubleshooting LDAP Backup

In some cases, when backing up a mailbox server, the backup of only the LDAP data may fail and completes with a warning:

Unable to backup LDAP config schema: missing `ldap_root_password` in localconfig.

In this section we provide some suggestions to tackle this problem.

Increase Log Verbosity

Depending on the mailbox server configuration, a number of log messages are saved in the log file. In case an LDAP backup fails and the log file does not report enough messages to identify the root cause of the failure, a first solution is to increase the verbosity of the log file.

zxsuite config server set $(zmhostname) attribute ZxCore_LogLevel value 0

Now, run a backup using the following command (that only backs up the LDAP data) and check again the log file.

zxsuite --json backup doBackupLDAP start

After the command completes and you have finished analysing the log file, remember to restore the verbosity to the previous level:

zxsuite config server set $(zmhostname) attribute ZxCore_LogLevel value 1
Increasing log verbosity can prove useful whenever troubleshooting a problem or searching for more information about a problem.

Missing root credentials

To be able to back up LDAP data, Zextras Suite needs to establish a remote connection to the LDAP server using LDAP root credentials.

In particular, the password is saved in the Zimbra localconfig, but on a mailbox server where the LDAP component is not installed, the LDAP root password is empty. Therefore, the LDAP connection fails with an invalid credentials error and the backup of the LDAP data is not produced.

This situation can be verified by using the following sequence of commands on a mailbox server:

su - zimbra
source bin/zmshutil
zmsetvars
ldapwhoami -x -D $zimbra_ldap_userdn -w $zimbra_ldap_password -H $ldap_master_url

The last command should complete with output

dn:uid=zimbra,cn=admins,cn=zimbra

Now, running the command

ldapwhoami -x -D "cn=config" -w $ldap_root_password -H $ldap_master_url

should output dn:cn=config. If this is not the case, then the LDAP root password is either wrong or not stored in the local configuration.

To fix the problem, follow this three step procedure.

1. Discover the ldap master server
zmlocalconfig ldap_master_url
2. Connect to the ldap master server and obtain the root password
zmlocalconfig -s ldap_root_password

This command will output the password that you need then to store on all mailbox servers on which either zxsuite is running, LDAP backup is enabled, or both.

3. Save password on all mailstores
su - zimbra
zmlocalconfig -e -f ldap_root_password="Password From Previous command"
restart the mailbox service to avoid cached credentials problems
zmmailboxdctl restart

Disable LDAP Backup

In case you do not want to backup LDAP data together with Zextras suite, you can disable it entirely. On each mailbox server, to disable LDAP Backup, run this command.

zxsuite config set server $(zmhostname) ldapDumpEnabled false