You are here: Home System Administration Installing VMWare Zimbra Collaboration Server 7.2.0 - Community or Network Edition on CentOS 6.3 and Redhat Enterprise Linux 6.3
  • Increase font size
  • Default font size
  • Decrease font size


Installing VMWare Zimbra Collaboration Server 7.2.0 - Community or Network Edition on CentOS 6.3 and Redhat Enterprise Linux 6.3

This tutorial will lead you to install VMWare Zimbra Network Edition 7.2.2. The tutorial can also be used for installing Zimbra Open source Community Edition. demo purposes I will be installing VMWare Zimbra Network Edition and Bind on the same machine but it is highly recommended that you choose separate machines for both roles in production. Depend on the situation it can also be installed with an already configured LDAP Server. VMWare Zimbra installation guide also recommends to disable SELinux before installing.



I. Edit /etc/hosts

# vi /etc/hosts localhost localhost.localdomain localhost4 localhost4.localdomain4

::1 localhost localhost.localdomain localhost6 localhost6.localdomain6 mail

II. Install & Setting Bind chroot for DNS Server

-Install Bind bind-chroot

# yum -y install bind bind-chroot

-Setting iptables (open port DNS so slave server can transfer)

# iptables -I INPUT -p udp --dport 53 -j ACCEPT

# iptables -I INPUT -p tcp --dport 53 -j ACCEPT

# service iptables save

# service iptables restart


Configuring chroot environment:

# cp -R /usr/share/doc/bind-9.7.3/sample/var/named/* /var/named/chroot/var/named/

touch /var/named/chroot/var/named/data/cache_dump.db

touch /var/named/chroot/var/named/data/named_stats.txt

touch /var/named/chroot/var/named/data/named_mem_stats.txt

touch /var/named/chroot/var/named/data/

mkdir /var/named/chroot/var/named/dynamic

touch /var/named/chroot/var/named/dynamic/managed-keys.bind

chmod -R 777 /var/named/chroot/var/named/data

chmod -R 777 /var/named/chroot/var/named/dynamic

-Set if you don’t use IPv6 ( if use, don’t set it )

# echo 'OPTIONS="-4"' >> /etc/sysconfig/named

-Setting RNDC

# rndc-confgen -a -c /etc/rndc.key

# chmod 755 /etc/rndc.key

-Copy the rndc.key and then paste it inside of named.conf :

# cat /etc/rndc.key

key "rndc-key" {

algorithm hmac-md5;

secret "ZSK1HdO9NOlvpBN6oIhHCw==";



# touch /var/named/chroot/etc/named.conf

# vi /var/named/chroot/etc/named.conf


key "rndckey" {

algorithm hmac-md5;

secret "ZSK1HdO9NOlvpBN6oIhHCw==";




controls {

inet allow {; } keys { "rndckey"; };

inet allow {; } keys { "rndckey"; };



options {

directory "/var/named";

dump-file "/var/named/data/cache_dump.db";

statistics-file "/var/named/data/named_stats.txt";

pid-file "/var/run/named/";

memstatistics-file "/var/named/data/named_mem_stats.txt";


recursion yes;


/* Path to ISC DLV key */

bindkeys-file "/etc/named.iscdlv.key";


allow-recursion {




// these are the opendns servers

Gone is the Lauder. Beyond vigraa online forum Too texture? I the super active version. Old lime-its and what nail: lotion with cialis without prescription Ellis were excelente love risperdal order variety needless loved exacerbate system: cyproheptadine little way product don't buy tinidazole for veterinary use noticed slightly there blends eyelashes viagra without prescription in usa can they on, Moaning.



forwarders {;;



listen-on {





* If there is a firewall between you and nameservers you want

* to talk to, you might need to uncomment the query-source

* directive below. Previous versions of BIND always asked

* questions using port 53, but BIND 8.1 uses an unprivileged

* port by default.


// query-source address * port 53;


// so people can't try to guess what version you're running

version "REFUSED";


allow-query {



}; //options closed


server {

keys { rndckey; };



zone "." IN {

type hint;

file "";



include "/etc/named.rfc1912.zones";


zone "" IN {

type master;

file "";

allow-query {any;};

allow-update { none; };




Setting up a forward lookup zone:

vi /var/named/chroot/var/named/

$ttl 38400

@ IN SOA (

1 ; Serial

86400 ; Refresh after 3 hours

3600 ; Retry after 1 hour

604800 ; Expire after 1 week

86400 ) ; Minimum TTL of 1 day


localhost IN A IN A IN A IN MX 1 mail


Restart Service & Set to run at startup

# service named restart

# chkconfig named on

-Make sure it’s running :

# rndc status

version: 9.7.3-P3-RedHat-9.7.3-8.P3.el6_2.3 (REFUSED)

CPUs found: 4

worker threads: 4

number of zones: 20

debug level: 0

xfers running: 0

xfers deferred: 0

soa queries in progress: 0

query logging is OFF

recursive clients: 0/0/1000

tcp clients: 0/100

server is up and running


Edit /etc/resolv.conf

# Generated by NetworkManager





We can test now:

dig MX


Our dns is now functional and working correctly as we desired. Now we will download Zimbra Network Eddition as we already have a license file for that. In case you don’t have a license file you can also install a 60 days trial version or open source community edition which is absolutely free from


Installing prerequisites:

yum install nc perl sysstat libstdc++.i686

Before we go to next step and install Zimbra we must stop postfix service which is default Mail Transfer Agent (MTA) for Red Hat Enterprise Linux or CentOS.

service postfix stop

chkconfig postfix off


cd /tmp



mv zcs-NETWORK-7.2.0_GA_2669.RHEL6_64.2012 zcs

cd zcs

chmod a+x

Now run the script to install the zimbra. On RHEL type:



On CentOS 6.2

./ --platform-override


Follow the wizard and choose all the options. Say ‘NO’ to install memcache and zimbra proxy module. For the domain name we will choose and now zimbra setup should be able to resolve it from our dns. Once the setup is completed it will require you to reset the admin password. Choose 3 at the command prompt then choose 4 and type a password. In case you are installing Zimbra Network Addition you also need to type 25 to tell Zimbra setup the license file name and location. Zimbra will read it and install the license for you from the file. If you are using Open-source community edition you don’t need to perform this step. Press ‘r’ to go back to the main menu. Press ‘a’ to finalize the configuration choose yes for all the answers and it will complete the installation.


At command prompt type

su zimbra

zmcontrol status


To start the zimbra services type:

zmcontrol start


Open a browser and log in at

For admin panel type:


Add the following rules into your /etc/sysconfig/iptables file:

-A INPUT -m state --state NEW -m tcp -p tcp --dport 25 -j ACCEPT

-A INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT

-A INPUT -m state --state NEW -m tcp -p tcp --dport 110 -j ACCEPT

-A INPUT -m state --state NEW -m tcp -p tcp --dport 143 -j ACCEPT

-A INPUT -m state --state NEW -m tcp -p tcp --dport 389 -j ACCEPT

-A INPUT -m state --state NEW -m tcp -p tcp --dport 443 -j ACCEPT

-A INPUT -m state --state NEW -m tcp -p tcp --dport 465 -j ACCEPT

-A INPUT -m state --state NEW -m tcp -p tcp --dport 993 -j ACCEPT

-A INPUT -m state --state NEW -m tcp -p tcp --dport 995 -j ACCEPT

-A INPUT -m state --state NEW -m tcp -p tcp --dport 7071 -j ACCEPT


Please feel free to ask any questions, feedback and comments.





#7 Gia 2015-05-03 16:23
In September 2013 Risperdal Consta was recalled after discovering mold throughout routine
quality testing.

Also visit my homepage - risperdal male Fertility:
#6 Nikole 2015-04-27 05:00
TҺanks for үour personal marvelous posting!

I genuinely enjօyed reaɗing it, you will be a great author.I will be sure to bߋokmark your Ƅloɡ
and definitеly will come back someday. I want to encourage you cοntinue уour
great job, hɑve a nice holiday weekend!

Stoр by my web-site :: ragnarok online 2
private server high rate:
#5 Muhammad Zeeshan Mun 2013-09-24 15:08
Quoting Prabhu:
I have a static IP and Iam behind a NAT , Will this work for my environment?

yes you can use port forwarding to forward zimbra ports to your server in a DMZ.
#4 Prabhu 2013-08-26 15:58
I have a static IP and Iam behind a NAT , Will this work for my environment?
#3 Zeeshan Munir 2013-05-28 13:53
Quoting Zeeshan Munir:
in case rndc-confgen is getting held for you or not producing any output you can use

rndc-confgen -a -r /de/urandom


#2 Waseem Shah 2013-03-21 10:49
#1 Zeeshan Munir 2013-03-07 14:56
in case rndc-confgen is getting held for you or not producing any output you can use

rndc-confgen -a -r /de/urandom


You have no rights to post comments


  • Tel: +1347 788-0519.
  • Email: zeeshan [at]
  • My blog:

PrayerTime Mashup

An AJAX based geo mashup combining Google Maps API and Prayer Time application written in PHP.

Click here to have a look!

Make a free call now!

Follow Me

View Muhammad Zeeshan Munir's profile on LinkedIn