- Michael Monnerie
- IP: 22.214.171.124
I've first-time setup Kerio now, in multiserver setup. I followed your guide
which I like because it's good and short for advanced admins. What is missing though, is some introduction about the concepts (though the picture explains a lot, some text would be nice).
I used dhcp for the servers as needed, which I immediately setup to give a fixed IP to the various VMs. This messes up the setup obviously, as IPs changed. As I don't know the concept behind, I recreated the VMs and installed new, ensuring the correct IP is assigned before installation this time. There should be a possibility to re-install a VM (reset into fresh mode from CLI) in case it stopped in the setup process, so that an error isn't that hard.
Even better: provide a menu to setup a fixed IP. We would never run a KCMS environment where the servers need a DHCP.
It was also not clear that the name of the puppet master should be DNS resolvable.
When Kerio asks for the Admin password, it mentions that it needs to be at least 8 chars I took one that is 7 chars, and was accepted. Either change docu or program.
Now I have the VMs installed. But there are some questions open:
It seems the backend on port 4040 has the config interface, and I licensed it.
I can see „Instant Messaging" is red, so not running. I didn't configure it until now. When trying to access it on port 4040, it asks for the „Internet hostname" again. Should this be a different one than the one from frontend? I went through the process, it was the same than on „backend". I don't understand the difference of backend and IM. Can you elaborate? I found no docs of IM in multiserver setup. How do we get IM running in KCMS?
Now I configured a lot in the backend interface already, and had to change IPs for the servers again. On the puppetmaster and backend the mysql/mariadb doesn't start up anymore. I have no idea how to fix that, the error log is very uninformative. What do I need to do?
When trying to send e-mail into KCMS on port 25, we get "internal error", is that because of the not running DBs?
Maybe we should re-install again. How can we save the config we already did, to import it in the new installation?
To sum up: Many small annoying things that could be improved, especially the setup process and the docu for the concepts, and what the different roles are for and what they need.
- Michael Monnerie
- IP: 126.96.36.199
I found the "hosting guide" in the KB, which provides a nice overview:
- IP: 188.8.131.52
I hope this helps.
Back-End Server(s) - at least on here, more can be installed later
Set primary domain
Needed in our setup as our DNS domain (ad.foo.org) is not the same as our email domain (foo.gov)
The primary domain needs to be set on the Back-End server under Configuration widget > Domains
Right click domain that you want to be primary and click 'Set as primary', repeat process on each Back-End server
For IM you go to the first Back-End server and choose the Configuration widget > Domains
Right-click any white space in the main window and choose 'Distributed Domains'. You should see any other Back-End servers (if you have them) and the IM server as 'Available'.
Login to the web console on your IM server (http://kerio-im:4040 for example) and choose the Configuration widget > Domains
Right click any white space in the main window and choose Add > Distributed Domain
Choose the domain that you want to enable IM for and then 'OK'
Set the target domain as your primary domain on the IM server if you are in a single domain setup and your DNS domain is different than your email domain.
Note that your load balancer will use the same service side VIP but will send XMPP/XMPPS traffic to the IM server and not to the Front-End Server(s) or Back-End Server(s) if that makes sense.
In our environment we have a single VIP that targets all services (HTTP, HTTPS, IMAP, IMAPS, POP, POPS, SMTP, SMTPS, SMTP Submission) to the Front-End Servers except for XMPP and XMPPS which target the IM server.
Kerio discussion forums are intended for open communication between forum
members and may contain information and material posted by members which may
be useful in learning about Kerio products. The discussion forums are not
intended to provide technical support for any specific product. Any
information implied or expressed in the discussion forums is that of the
posting member. Kerio is in no way responsible for the information posted in
the forums, or its accuracy. Kerio employees may participate in the
discussions, but their postings do not represent an offical position of the
company on any issues raised or discussed. Kerio reserves the right to
monitor and maintain the forums to promote free and accurate exchange of