[GH-ISSUE #156] Can't make ldap backup with sudo -u zimbra #123

New issue

Open

opened 2026-02-27 08:14:27 +03:00 by kerem · 3 comments

kerem commented 2026-02-27 08:14:27 +03:00

Owner

Copy link

Originally created by @soniqsoft on GitHub (Jan 25, 2021).
Original GitHub issue: https://github.com/lucascbeyeler/zmbackup/issues/156

ISSUE TYPE

• Bug Report

ENVIRONMENT VERSION

• Zmbackup Version: 1.2.5
• Zimbra Version: 8.8.15
• Linux Distribution & Version: Ubuntu 18.04.5 LTS

SUMMARY

Hi,
I'm trying to run full and incremental backups with zmbackup cron included in package.
Unfortunately can't get it done due to ldap backup fail with messages:

Zmbackup: LDAP - Can't extract accounts from LDAP - Error below:
Zmbackup: ldap_start_tls: Connect error (-11)#012#011additional info: error:14090086:SSL routines:ssl3_get_server_certificate:certificate verify failed (self signed certificate in certificate chain)#012ldap_result: Can't contact LDAP server (-1)
Zmbackup: Mail sent to admin@email to notify about the backup routine conclusion.
Zmbackup: Excluding the temporary files before close.

However I can:

telnet mail.server 389

without any issue.

I've got letsencrypt certificate deployed on my zimbra server.

The problem does not exist when I'm running full or incremental backup in following sequence:

su - zimbra
zmbackup -f -ldp
or
zmbackup -f
or
zmbackup -i`

Any idea how to get it working with cron?

Thanks in advance.
M@riusz

STEPS TO REPRODUCE

Install zimbra
Install and deploy letsencrypt certificate based on this: https://github.com/VojtechMyslivec/letsencrypt-zimbra
Install zmbackup following this: https://github.com/Zmbackup/zmbackup
sudo -u zimbra zmcontrol -ldp

ACTUAL RESULTS

In syslog file I can see:

Zmbackup: LDAP - Can't extract accounts from LDAP - Error below:
Zmbackup: ldap_start_tls: Connect error (-11)#012#011additional info: error:14090086:SSL routines:ssl3_get_server_certificate:certificate verify failed (self signed certificate in certificate chain)#012ldap_result: Can't contact LDAP server (-1)
Zmbackup: Mail sent to admin@email to notify about the backup routine conclusion.
Zmbackup: Excluding the temporary files before close.

and I'm receiving an email confirming proper result of the backup task:

Greetings Administrator,
    

This is an automatic message to inform you that the process for Account - Only LDAP BACKUP that you scheduled ended right now.
    
Here some information about this session:

Size: 0
Accounts: 0
Status: SUCCESS

Regards,
Zmbackup Team
    

Summary of files:

Originally created by @soniqsoft on GitHub (Jan 25, 2021). Original GitHub issue: https://github.com/lucascbeyeler/zmbackup/issues/156 <!-- Before open an issue, please remember to check our Google Group (link in README.md) and the other issues. Maybe what you want is already answered. You don't need to answer all the questions below, just answer what is pertinent to what you want (You don't need to explain the steps to reproduce and the results if your issue is about the documentation) --> <!-- ISSUE TYPE: Inform what kind of issue we are talking about. Choose only one option. --> ##### ISSUE TYPE - Bug Report <!-- ENVIRONMENT VERSION: Describe the environment you are using the Zmbackup and its version. --> ##### ENVIRONMENT VERSION - Zmbackup Version: 1.2.5 - Zimbra Version: 8.8.15 - Linux Distribution & Version: Ubuntu 18.04.5 LTS <!-- SUMMARY: Describe your issue in this field. The more detailed you gave us, more easy and fast will be for us to debug and fix the software. --> ##### SUMMARY Hi, I'm trying to run full and incremental backups with zmbackup cron included in package. Unfortunately can't get it done due to ldap backup fail with messages: ``` Zmbackup: LDAP - Can't extract accounts from LDAP - Error below: Zmbackup: ldap_start_tls: Connect error (-11)#012#011additional info: error:14090086:SSL routines:ssl3_get_server_certificate:certificate verify failed (self signed certificate in certificate chain)#012ldap_result: Can't contact LDAP server (-1) Zmbackup: Mail sent to admin@email to notify about the backup routine conclusion. Zmbackup: Excluding the temporary files before close. ``` However I can: ``` telnet mail.server 389 ``` without any issue. I've got letsencrypt certificate deployed on my zimbra server. The problem does not exist when I'm running full or incremental backup in following sequence: ``` su - zimbra zmbackup -f -ldp or zmbackup -f or zmbackup -i` ``` Any idea how to get it working with cron? Thanks in advance. M@riusz <!--- SUMMARY:For bugs, show exactly how to reproduce the problem, using a minimal test-case. For new features, show how the feature would be used. --> ##### STEPS TO REPRODUCE ``` Install zimbra Install and deploy letsencrypt certificate based on this: https://github.com/VojtechMyslivec/letsencrypt-zimbra Install zmbackup following this: https://github.com/Zmbackup/zmbackup sudo -u zimbra zmcontrol -ldp ``` <!-- ACTUAL RESULTS: What happened when you did the steps before. --> ##### ACTUAL RESULTS In syslog file I can see: ``` Zmbackup: LDAP - Can't extract accounts from LDAP - Error below: Zmbackup: ldap_start_tls: Connect error (-11)#012#011additional info: error:14090086:SSL routines:ssl3_get_server_certificate:certificate verify failed (self signed certificate in certificate chain)#012ldap_result: Can't contact LDAP server (-1) Zmbackup: Mail sent to admin@email to notify about the backup routine conclusion. Zmbackup: Excluding the temporary files before close. ``` and I'm receiving an email confirming proper result of the backup task: ``` Greetings Administrator, This is an automatic message to inform you that the process for Account - Only LDAP BACKUP that you scheduled ended right now. Here some information about this session: Size: 0 Accounts: 0 Status: SUCCESS Regards, Zmbackup Team Summary of files: ```

kerem added the

Bug Report

label 2026-02-27 08:14:27 +03:00

kerem commented 2026-02-27 08:14:28 +03:00

Author

Owner

Copy link

@lucascbeyeler commented on GitHub (Feb 6, 2021):

I will take a look at this

<!-- gh-comment-id:774530993 --> @lucascbeyeler commented on GitHub (Feb 6, 2021): I will take a look at this

kerem commented 2026-02-27 08:14:28 +03:00

Author

Owner

Copy link

@soniqsoft commented on GitHub (Feb 8, 2021):

Great! Thanks!

<!-- gh-comment-id:774794130 --> @soniqsoft commented on GitHub (Feb 8, 2021): Great! Thanks!

kerem commented 2026-02-27 08:14:28 +03:00

Author

Owner

Copy link

@lucascbeyeler commented on GitHub (Mar 14, 2021):

Could you try executing this command before zmbackup?

export LDAPTLS_REQCERT=never

<!-- gh-comment-id:798890688 --> @lucascbeyeler commented on GitHub (Mar 14, 2021): Could you try executing this command before zmbackup? export LDAPTLS_REQCERT=never

Sign in to join this conversation.

No Branch/Tag specified

Branches Tags

1.2-version

devel

1.2.6

1.2.5

1.2.4

1.2.3

1.2.1

1.2.0

1.2.0-RC2

1.2.0-RC

1.2.0-BETA-5

1.1.9

1.1.8

1.2.0-BETA-4

1.1.7

1.2.0-BETA-3

1.1.6

1.2.0-BETA-2

1.2.0-BETA

1.1.5

1.1.4

1.1.3

1.1.2

1.1.1

1.1.0

1.0.2

1.0.1

1.0.0

1.0.0-RC2

1.0.0-RC

Labels

Clear labels   

Bug Report

  

Enhancement

  

Enhancement

  

Feature Idea

  

Feature Idea

  

Not Implemented

  

Question

  

Question

  

Task

  

Wontfix

  

pull-request

Mirrored from GitHub Pull Request

No labels

Bug Report

Enhancement

Enhancement

Feature Idea

Feature Idea

Not Implemented

Question

Question

Task

Wontfix

pull-request

Milestone

Clear milestone

No items

No milestone

Projects

Clear projects

No items

No project

Assignees

Clear assignees

No assignees

1 participant

Notifications

Subscribe

Due date

The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference

starred/zmbackup#123

No description provided.