Setting Up NTP (Network Time Protocol) Server in RHEL/CentOS 7

Step 1: Install ntp server package

#yum install ntp -y

Step 2: Get official NTP servers located near to your location. I am using Asia servers for this setup

server 0.asia.pool.ntp.org
server 1.asia.pool.ntp.org
server 2.asia.pool.ntp.org
server 3.asia.pool.ntp.org

Step 3: Open /etc/ntp.conf file

Add the servers replacing existing lines

server 0.asia.pool.ntp.org iburst
server 1.asia.pool.ntp.org iburst
server 2.asia.pool.ntp.org iburst
server 3.asia.pool.ntp.org iburst

Step 4: Allow your network for NTP sync in /etc/ntp.conf

restrict 192.168.0.0 mask 255.255.0.0 nomodify notrap

Step 5: Add log file entry in /etc/ntp.conf for troubleshooting purposes

logfile /var/log/ntp.log

Step 6: Save the file

Step 7: Add firewall rules for NTP service

# firewall-cmd –permanent –add-service=ntp
# firewall-cmd –reload

Step 8: Enable and Start NTP Service

# systemctl start ntpd
# systemctl enable ntpd
# systemctl status ntpd

[root@mail ~]# systemctl status ntpd
â ntpd.service – Network Time Service
Loaded: loaded (/usr/lib/systemd/system/ntpd.service; enabled; vendor preset: disabled)
Active: active (running) since Mon 2016-08-22 21:35:11 PHT; 1h 2min ago
Process: 11184 ExecStart=/usr/sbin/ntpd -u ntp:ntp $OPTIONS (code=exited, status=0/SUCCESS)
Main PID: 11185 (ntpd)
CGroup: /system.slice/ntpd.service
ââ11185 /usr/sbin/ntpd -u ntp:ntp -g

Aug 22 21:35:11 mail.marskarthik.com systemd[1]: Starting Network Time Service…
Aug 22 21:35:11 mail.marskarthik.com systemd[1]: Started Network Time Service.
Aug 22 21:35:11 mail.marskarthik.com ntpd[11185]: proto: precision = 0.062 usec
Aug 22 21:35:11 mail.marskarthik.com ntpd[11185]: 0.0.0.0 c01d 0d kern kernel time syn…ed
Hint: Some lines were ellipsized, use -l to show in full.

Step 9: Run the following commands to verify NTP peers synchronization status and your system time

# ntpq -p
# date -R

[root@mail ~]# ntpq -p
remote           refid      st t when poll reach   delay   offset  jitter
==============================================================================
-mail.funix.net  128.199.84.169   3 u   77  128  377  218.562   96.769   5.066
*103-18-128-60.i 140.112.2.189    2 u   95  128  377   50.891   43.689   4.470
+send.mx.cdnetwo 204.123.2.5      2 u   98  128  357  126.984   52.270  10.885
+x.ns.gin.ntt.ne 249.224.99.213   2 u   90  128  377   57.621   38.352   4.129
[root@mail ~]# date -R
Mon, 22 Aug 2016 22:41:38 +0800
[root@mail ~]#

Step 10: Use this server ip address as your NTP server for your internal network devices/computers.

Posted in CentOS, Linux, RHEL | Leave a comment

A2Billing Installation and configurations in CentOS 5/6/7

A2Billing is free and open source software for Asterisk, providing telecoms customer management including admin, agent, customer and online signup pages, with flexible inline rating and billing of calls and services in real-time.

Pre-requisties:

php54w php54w-bcmath php54w-cli php54w-common php54w-devel php54w-embedded php54w-fpm php54w-gd php54w-intl php54w-ldap php54w-mbstring php54w-mcrypt php54w-mysql php54w-pecl-apc php54w-snmp php54w-soap php54w-xml php54w-xmlrpc

Before start the installation, change the apache user to asterisk user in httpd configurations

vi /etc/httpd/conf/httpd.conf
replace “user apache” and “Group apache”
with “User asterisk” and Group asterisk”

Step1:

First of all download the stable release of a2billing by executing the following command in my case it’s 2.2.0

# cd /usr/src

# wget https://github.com/Star2Billing/a2billing/archive/master.tar.gz –no-check-certificate
Unzip it.

# tar -xzf master.tar.gz

# mv a2billing-master a2billing

# cd a2billing

Copy the configurations file to /etc/

# cp /usr/src/a2billing/a2billing.conf /etc/a2billing.conf

Create and Import default a2billing database
#mysql -u root -p

> create database a2billing;

> use a2billing;

> GRANT ALL PRIVILEGES ON *.* TO ‘a2billing’@’localhost’ IDENTIFIED BY ‘a2billing’ WITH GRANT OPTION;

> GRANT ALL PRIVILEGES ON a2billing.* TO a2billing@localhost IDENTIFIED BY ‘a2billing’;

> FLUSH PRIVILEGES

> exit

# cd /usr/src/a2billing/DataBase/mysql-5.x

# ./install-db.sh

Copy the AGI file

# ln -s /usr/src/a2billing/AGI/a2billing.php /var/lib/asterisk/agi-bin/

Change the ownership permission for the asterisk files

# chown asterisk:asterisk /var/lib/asterisk/agi-bin/a2billing.php

# chmod +x /var/lib/asterisk/agi-bin/a2billing.php

# chown -R asterisk:asterisk /var/lib/asterisk/

Create an asterisk manager user for accessing the cli from a2billing

# vi /etc/asterisk/manager.conf
[myasterisk]
secret = mycode
deny=0.0.0.0/0.0.0.0
permit=127.0.0.1/255.255.255.0
read = system,call,log,verbose,command,agent,user
write = system,call,log,verbose,command,agent,user

Create web directories

# mkdir /var/www/html/a2billing
# ln -s /usr/src/a2billing/common /var/www/html/a2billing/common
# ln -s /usr/src/a2billing/admin /var/www/html/a2billing/admin
# ln -s /usr/src/a2billing/agent /var/www/html/a2billing/agent
# ln -s /usr/src/a2billing/customer /var/www/html/a2billing/customer

# chown -R asterisk:asterisk /var/www/html/a2billing/
# chown -R asterisk:asterisk /var/www/html/a2billing/common
# chown -R asterisk:asterisk /var/www/html/a2billing/admin
# chown -R asterisk:asterisk /var/www/html/a2billing/customer
# chown -R asterisk:asterisk /var/www/html/a2billing/agent

Add files into crontab
# Automatically added for A2Billing
0 * * * * php /usr/src/a2billing/Cronjobs/a2billing_alarm.php
0 12 * * * php /usr/src/a2billing/Cronjobs/a2billing_archive_data_cront.php
0 10 21 * * php /usr/src/a2billing/Cronjobs/a2billing_autorefill.php
#Batch process at 00:20 each day
20 0 * * * php /usr/src/a2billing/Cronjobs/a2billing_batch_process.php
#Bill DID usage at 00:00 each day
0 0 * * * php /usr/src/a2billing/Cronjobs/a2billing_bill_diduse.php
#Remind users of low balance every day at 06:00
0 6 * * * php /usr/src/a2billing/Cronjobs/a2billing_check_account.php
#Generate Invoices at 7am everyday
0 7 * * * php /usr/src/a2billing/Cronjobs/a2billing_invoice2_cront.php
0 7 * * * php /usr/src/a2billing/Cronjobs/a2billing_invoice_cront.php
#Check if balance below preset value, and email user if so.
1 * * * * php /usr/src/a2billing/Cronjobs/a2billing_notify_account.php
#Charge subscriptions at 06:05 on the 1st of each month
0 6 1 * * php /usr/src/a2billing/Cronjobs/a2billing_subscription_fee.php
#Update currencies at 01:00 each day
0 1 * * * php /usr/src/a2billing/Cronjobs/currencies_update_yahoo.php

Create log files
# touch /var/log/asterisk/a2billing-daemon-callback.log
# touch /var/log/a2billing/a2billing-daemon-callback.log
# touch /var/log/a2billing/cront_a2b_alarm.log
# touch /var/log/a2billing/cront_a2b_autorefill.log
# touch /var/log/a2billing/cront_a2b_batch_process.log
# touch /var/log/a2billing/cront_a2b_bill_diduse.log
# touch /var/log/a2billing/cront_a2b_subscription_fee.log
# touch /var/log/a2billing/cront_a2b_currency_update.log
# touch /var/log/a2billing/cront_a2b_invoice.log
# touch /var/log/a2billing/cront_a2b_check_account.log
# touch /var/log/a2billing/a2billing_paypal.log
# touch /var/log/a2billing/a2billing_epayment.log
# touch /var/log/a2billing/api_ecommerce_request.log
# touch /var/log/a2billing/api_callback_request.log
# touch /var/log/a2billing/a2billing_agi.log

Update the following fields of /etc/a2billing.conf

[database]
hostname = localhost
port = 3306
user = a2billing
password = a2billing
dbname = a2billing
; dbtype setting can either be mysql or postgres
dbtype = mysql

Restart the mysql service

# service mysqld stop
# service mysqld start

 

Give all permissions to a2billing folder

# chmod -R 777 /usr/src/a2billing/

Add the following lines in extensions.conf

[a2billing]
exten => _X.,1,NoOp(A2Billing Start)
exten => _X.,n,DeadAgi(a2billing.php,1,predictivedialer)
exten => _X.,n,Hangup

Now you open the browser and point to http://your-server-ip-address/a2billing/admin default username/password is root/changepassword.

Steps to setup the a2billing

1) Create Call Plan
2) Create Rate Card
3) Create Rates
4) Now again click on CallPlan and add the RateCard, you just created.
5) Add the Trunk and you can put the trunk name of the FreePBX or you give the IP address of the service provider directly.
6) Now Generate Customers, but before that, you should go to system settings Modify the following settings in Global list
Change value to “Yes” for use_dnid
Change value to “No” for use_realtime
Change value to “1_8” for asterisk_version

7) After creating the customer click on VoIP-settings you will see some red panels on the top of the browser so for generating the additional_a2billing_sip.conf and additional_a2billing_iax.conf click on these panels and reload asterisk, it will add the user in that file. Now you should include these files into sip.conf
#include additional_a2billing_sip.conf

Posted in Asterisk, Telephony | Leave a comment

Zimbra: Get mailbox size with status, created and last login date

Shell script to get mailbox size with status, created and last login date in Zimbra Server

zmaccts | grep “@” | awk ‘{print $1}’ > /tmp/mboxes.list
date > /tmp/mboxsize.txt
#echo “\n” >> /tmp/mboxsize.txt
for mb in `cat /tmp/mboxes.list`;
do
status=`zmaccts | grep $mb | awk ‘{print $1,”,”$2,”,”$3,”,”$5}’`;
msize=`zmmailbox -z -m $mb gms`;
echo “$status,$msize” >> /tmp/mboxsize.txt
done
echo “Completed”

Posted in Zimbra | Leave a comment

Zimbra fix: A network service error has occurred on Zimbra web client

By default Zimbra uses DoSFilter Throttling Mechanism to avoid large number of request over a short period of time. So if the Zimbra server see requests more than safe amount from an specific IP address / user that will be throttled and the user may face the “A network service error has occurred” error.

This feature is available in 8.5+ to prevent a malicious IP from trying brute force attacks.
For ZCS 8.7 or above

zmprov mcf zimbraHttpThrottleSafeIPs 10.1.1.2/32 zimbraHttpThrottleSafeIPs 192.168.9.0/24

or to append to an existing list of multi-valued zimbraHttpThrottleSafeIPs

zmprov mcf +zimbraHttpThrottleSafeIPs 10.1.1.2/32
zmprov mcf +zimbraHttpThrottleSafeIPs 192.168.9.0/24

For ZCS 8.6, 8.5 or previous

zmprov mcf zimbraHttpThrottleSafeIPs 10.1.1.2 zimbraHttpThrottleSafeIPs 192.168.9.5

or to append to an existing list of multi-valued zimbraHttpThrottleSafeIPs

zmprov mcf +zimbraHttpThrottleSafeIPs 10.1.1.2
zmprov mcf +zimbraHttpThrottleSafeIPs 10.1.1.50
zmprov mcf +zimbraHttpThrottleSafeIPs 192.168.9.5
zmprov mcf +zimbraHttpThrottleSafeIPs 192.168.9.6

Mailbox server restart is required when modifying these attributes.

zmmailboxdctl restart

Check these links below for more parameters on blocking

https://wiki.zimbra.com/wiki/DoSFilter
https://wiki.zimbra.com/wiki/Users_get_%27Network_service_error%27,_and_mailbox.log_shows_%27Access_to_IP_x.x.x.x_suspended,_for_repeated_failed_login%27

Posted in Zimbra | Leave a comment

Assign COS rights to user in Zimbra Server

zmprov grr global usr yourmail@yourdomain.com getCos
zmprov grr global usr yourmail@yourdomain.com listCos
zmprov grr global usr yourmail@yourdomain.com assignCos

Posted in Zimbra | Leave a comment

Enable Global Admin in Zimbra Server except “View Mail” option

zmprov ma admin@yourdomain.com zimbraAdminConsoleUIComponents accountListView  zimbraAdminConsoleUIComponents DLListView zimbraAdminConsoleUIComponents aliasListView zimbraAdminConsoleUIComponents resourceListView zimbraAdminConsoleUIComponents COSListView zimbraAdminConsoleUIComponents domainListView zimbraAdminConsoleUIComponents serverListView zimbraAdminConsoleUIComponents zimletListView zimbraAdminConsoleUIComponents adminZimletListView zimbraAdminConsoleUIComponents globalConfigView zimbraAdminConsoleUIComponents globalServerStatusView zimbraAdminConsoleUIComponents helpSearch zimbraAdminConsoleUIComponents saveSearch zimbraAdminConsoleUIComponents mailQueue zimbraAdminConsoleUIComponents backupsView zimbraAdminConsoleUIComponents certsView zimbraAdminConsoleUIComponents softwareUpdatesView zimbraAdminConsoleUIComponents bulkProvisionTasksView zimbraAdminConsoleUIComponents perServerStatisticsView zimbraAdminConsoleUIComponents globalPermissionView zimbraAdminConsoleUIComponents rightListView

Note: Below are list of Admin view’s available which can be assigned to delegated admin account.

Account List View           :    accountListView
Distribution List View      :    DLListView
Alias List View             :    aliasListView
Resource List View          :     resourceListView
Class of Service LIst View  :     COSListView
Domain List View            :    domainListView
Server List View            :    serverListView
Zimlet List View            :     zimletListView
Admin Zimlet List View      :    adminZimletListView
Global Settings View        :     globalConfigView
Global Server Status View   :    globalServerStatusView
Help Search View            :    helpSearch
Saved Searches View         :     saveSearch
Mail Queue View             :     mailQueue
Backups  View               :     backupsView
Certificates View           :     certsView
Software Updates            :     softwareUpdatesView
Account Migration           :    bulkProvisionTasksView
Per Server Statistics View  :     perServerStatisticsView
Global ACL View             :     globalPermissionView
Right List View             :    rightListView

Posted in Zimbra | Leave a comment

Revoke Rights for an admin user in Zimbra Server

zmprov revokeRight domain yourdomain.com usr email@yourdomain.com domainAdminRights
zmprov revokeRight domain yourdomain.com usr email@yourdomain.com domainAdminDistributionListRights

 

Posted in Zimbra | Leave a comment

Restrict admin access to specified domain in Zimbra Server using zimbraIsDelegatedAdminAccount

zmprov ma yourname@yourdomain.com zimbraAdminConsoleUIComponents accountListView zimbraAdminConsoleUIComponents DLListView
zmprov ma yourname@yourdomain.com zimbraIsDelegatedAdminAccount TRUE
zmprov ma yourname@yourdomain.com +zimbraAdminConsoleUIComponents accountListView
zmprov grr domain yourdomain.com usr yourname@yourdomain.com domainAdminRights
zmprov grr domain yourdomain.com usr yourname@yourdomain.com +deleteAccount
zmprov grr domain yourdomain.com usr yourname@yourdomain.com +listAccount
zmprov grr domain yourdomain.com usr yourname@yourdomain.com +renameAccount
zmprov grr domain yourdomain.com usr yourname@yourdomain.com +setAccountPassword
zmprov grr domain yourdomain.com usr yourname@yourdomain.com createAccount
zmprov grr domain yourdomain.com usr yourname@yourdomain.com listDomain
zmprov grr domain yourdomain.com usr yourname@yourdomain.com set.account.zimbraAccountStatus
zmprov grr domain yourdomain.com usr yourname@yourdomain.com set.account.sn
zmprov grr domain yourdomain.com usr yourname@yourdomain.com set.account.displayName
zmprov grr domain yourdomain.com usr yourname@yourdomain.com set.account.zimbraPasswordMustChange

Posted in Zimbra | Leave a comment

How to change admin account password in Zimbra Server

#zmprov sp admin@yourdomain.com YOURNEWPASSWORD

Posted in Zimbra | Leave a comment

How to create an Admin account in Zimbra Server

# zmprov ca accountname@yourdomain.com yourpassword zimbraIsAdminAccount TRUE

Posted in Zimbra | Leave a comment