Can't create new account; domain already exists in the Apache configuration.

[jndawson]

We have a domain that is used for all network servers/routers/etc. (network.tld). The domain has a website that's been running on a non-cpanel server that is finally getting decommissioned. All name servers are clustered cPanel servers.

We want to move the website to one of our cPanel boxes (all of which use network.tld hostnames). We do not have a network.tld account on any of them, so we need to create a cPanel account.

The network.tld zone is rather extensive, so we backed it up in order to restore it after the account is created since the create function removes the zone. We began the create process and received the following error:

Account Creation Status: failed

(XID yv7exg) The domain “network.tld” already exists in the Apache configuration.

The server hostname is cp1.network.tld, so obviously network.tld is in the httpd.conf file. Removing it doesn't seem like a great idea. (Also, there are about 1500 legacy network.tld customers that would be affected in some way).

Is there an easy way, or maybe a not so easy way, to add the account without having to change the server's domain?

 

[cPanelLauren]

Hi @jndawson


From what you're describing it doesn't sound like the issue is the network.tld subdomains that is the problem it's the root network.tld


In order to add the account you'd first need to remove any references to the root domain of network.tld (subdomains should be ok)

Are the customers using subdomains of network.tld or somehow using network.tld itself?

 

[jndawson]

From what you're describing it doesn't sound like the issue is the network.tld subdomains that is the problem it's the root network.tld

Yes.

In order to add the account you'd first need to remove any references to the root domain of network.tld (subdomains should be ok)

Yes, and we're asking how is the easiest way to do so with the least amount of impact, preferably without renaming the server. And if it's renamed and the network.tld account is set up, would we be able to rename the server back to it's original hostname?

Are the customers using subdomains of network.tld or somehow using network.tld itself?

The server itself is a subdomain of the network.tld. The subdomain is used for what one would assume it's used for: server access for email, ftp, etc. Many customers don't have ssl/tls certs on their accounts and use the server's url for access (please don't suggest turning on autossl for low value accounts - this is not a business practices discussion).

 

[cPanelLauren]

Yes, and we're asking how is the easiest way to do so with the least amount of impact, preferably without renaming the server. And if it's renamed and the network.tld account is set up, would we be able to rename the server back to it's original hostname?

Like I noted, the issue isn't with the subdomains (ex. cp1.network.tld, test.network.tld) the issue is that the root domain network.tld already exists in the apache configuration on the server. you can create the account subdomain.network.tld and then decide later you want the new account network.tld as well.

The server itself is a subdomain of the network.tld. The subdomain is used for what one would assume it's used for: server access for email, ftp, etc. Many customers don't have ssl/tls certs on their accounts and use the server's url for access

The hostname *should* be a subdomain this sounds like it's configured properly.

 

[jndawson]

Like I noted, the issue isn't with the subdomains (ex. cp1.network.tld, test.network.tld) the issue is that the root domain network.tld already exists in the apache configuration on the server.

Yes, hence the NAME OF THIS POST. We KNOW what the issue is.

you can create the account subdomain.network.tld and then decide later you want the new account network.tld as well.

We've already decided we want the network.tld account. We know we need to remove the network.tld domain from Apache in order to add the network.tld account to the same server.

Creating a subdomain account is an exercise in futility: create an account we don't want, nor need, nor have any use for and which doesn't resolve the issue, leaving us with the exact same question we're asking, which is, "How do we remove the domain from the Apache configuration, create an account for that domain, and then return the original hostname to the server without screwing things up?"

The hostname *should* be a subdomain this sounds like it's configured properly.

The proper configuration has not been the issue, nor was it a question.

 

[cPanelLauren]

These posts indicate that you're referencing the subdomain - I apologize for the confusion but I'm trying to clarify that the subdomain can be there in the DNS zone files and the apache configuration. Without having to change anything you should be able to add network.tld

Yes, and we're asking how is the easiest way to do so with the least amount of impact, preferably without renaming the server. And if it's renamed and the network.tld account is set up, would we be able to rename the server back to it's original hostname?

The server itself is a subdomain of the network.tld

As far as wanting to remove references to just network.tld so you can add it to the server, this is a little more complicated and would require many steps so it's not really something I can tell you the easiest way, the only way is the following:

First you'd need to ensure network.tld (not subdomains) is not listed as an account or addon/parked domain of any of the domains on the server - you should be able to do this by checking

/var/cpanel/users/$user files
/var/cpanel/userdata/$user/ files

Once you're sure it's not referenced here run:

/scripts/updateuserdomains   
/scripts/updateuserdatacache
mv /etc/apache2/conf/httpd.conf /etc/apache2/conf/httpd.conf.bk
/scripts/rebuildhttpd.conf
/scripts/restartsrv_httpd

Just to be safe you might also want to check:

/etc/userdomains
/etc/trueuserdomains
/etc/userdatadomains
/etc/localdomains

And you may also want to ensure that the following are ON in WHM>>Server Configuration>>Tweak Settings:

Allow cPanel users to create subdomains across accounts
Allow WHM users to create subdomains across accounts
Allow Remote Domains

 

[jndawson]

These posts indicate that you're referencing the subdomain - I apologize for the confusion but I'm trying to clarify that the subdomain can be there in the DNS zone files and the apache configuration. Without having to change anything you should be able to add network.tld

I mentioned the subdomain/hostname because that's what's assigned to the server, but the issue has always been not being able to add the account due to the domain already being used. Obviously, it's being used as the domain for the name of the server.

As far as wanting to remove references to just network.tld so you can add it to the server, this is a little more complicated and would require many steps so it's not really something I can tell you the easiest way, the only way is the following:

First you'd need to ensure network.tld (not subdomains) is not listed as an account or addon/parked domain of any of the domains on the server - you should be able to do this by checking

/var/cpanel/users/$user files
/var/cpanel/userdata/$user/ files

Once you're sure it's not referenced here run:

/scripts/updateuserdomains  
/scripts/updateuserdatacache
mv /etc/apache2/conf/httpd.conf /etc/apache2/conf/httpd.conf.bk
/scripts/rebuildhttpd.conf
/scripts/restartsrv_httpd

Again, there is no existing account, and we already ran through all of those files and determined that the domain is in the Apache configuration because the hostname is the name of the server and the installation process for the server requires a hostname be assigned, which is why the network.tld domain was used because all of our servers/routers use that domain.

Just to be safe you might also want to check:

/etc/userdomains
/etc/trueuserdomains
/etc/userdatadomains
/etc/localdomains

Here's what we found, which was expected:

/etc/localdomains:cp1.network.tld
/etc/remotedomains:network.tld
/etc/remotedomains:list.network.tld <=== No idea why this is in here as that's another server entirely.
/etc/ssldomains:network.tld: 123.123.123.123
/etc/ssldomains:cp1.network.tld: 123.123.123.123

So, do we remove those entries? Sounds a bit sketchy. Do we use WHM > Networking Setup > Change Hostname? Instructions clearly state, "It is important to choose a hostname that you will not be using for any account."

And you may also want to ensure that the following are ON in WHM>>Server Configuration>>Tweak Settings:

Allow cPanel users to create subdomains across accounts
Allow WHM users to create subdomains across accounts
Allow Remote Domains

How would that help?

 

[cPanelLauren]

Again, there is no existing account, and we already ran through all of those files and determined that the domain is in the Apache configuration because the hostname is the name of the server and the installation process for the server requires a hostname be assigned, which is why the network.tld domain was used because all of our servers/routers use that domain.

You are able to use a subdomain of a domain as the hostname though, this is what I've been trying to explain. The only caveat is that subdomain which is used as the hostname cannot be used for anything else, the root domain can be used though. So I can have my hostname as server.cptest.com and an account on my server for cptest.com which does not cause conflict. Something else is happening here there's something else causing the conflict to occur I don't believe it's the hostname. Otherwise, no one would be able to create a server with one domain, they'd need to own two which is not the standard.

Here's what we found, which was expected:

/etc/localdomains:cp1.network.tld
/etc/remotedomains:network.tld
/etc/remotedomains:list.network.tld <=== No idea why this is in here as that's another server entirely.
/etc/ssldomains:network.tld: 123.123.123.123
/etc/ssldomains:cp1.network.tld: 123.123.123.123

I tested this thoroughly on my server using the domain cptest.com, I added it into /etc/remotedomains, /etc/ssldomains and then rebuilt the apache configuration then tried to create the account cptest.com, which completed successfully. There is no purpose for the domain network.tld to be listed in /etc/ssldomains and /etc/remotedomains. All this does is further enforce that the root domain is referenced within and acccount or in the configuration on the server somewhere.

So, do we remove those entries? Sounds a bit sketchy. Do we use WHM > Networking Setup > Change Hostname? Instructions clearly state, "It is important to choose a hostname that you will not be using for any account."

A hostname that will not be used for any account, meaning the subdomain.domain.tld this does not mean domain.tld can't be used.

How would that help?

When you do add the domain, if you want to add other subdomains of it you'll need to have this set to on or WHM will deny them as well.

Here is my test using the domain test.com:

]# hostname
v70.test.com

We can clearly see it exists in the apache configuration as well as other configurations in /etc/ including /etc/localdomains:

# grep -r test.com /etc/
/etc/hosts:172.16.0.122        v70.test.com v70
/etc/sysconfig/network:HOSTNAME=v70.test.com
/etc/sysconfig/network:DOMAINNAME=test.com
/etc/hostname:v70.test.com
/etc/apache2/conf/httpd.conf:ServerName v70.test.com
/etc/apache2/conf/httpd.conf:    ServerAlias v70.test.com
/etc/apache2/conf/httpd.conf:    ServerName v70.test.com
/etc/apache2/conf/httpd.conf:    RewriteCond %{HTTP_HOST} !^v70.test.com$
/etc/apache2/conf/httpd.conf:    RewriteCond %{HTTP_HOST} !^v70.test.com$
/etc/apache2/conf/httpd.conf:    RewriteCond %{HTTP_HOST} !^v70.test.com$
/etc/apache2/conf/httpd.conf:    RewriteCond %{HTTP_HOST} !^v70.test.com$
/etc/apache2/conf/httpd.conf:    RewriteCond %{HTTP_HOST} !^v70.test.com$
/etc/apache2/conf/httpd.conf:    RewriteCond %{HTTP_HOST} !^v70.test.com$
/etc/apache2/conf/httpd.conf:    RewriteCond %{HTTP_HOST} !^v70.test.com$
/etc/apache2/conf/httpd.conf:    RewriteCond %{HTTP_HOST} !^v70.test.com$
/etc/apache2/conf/httpd.conf:    RewriteCond %{HTTP_HOST} !^v70.test.com$
/etc/apache2/conf/httpd.conf:    RewriteCond %{HTTP_HOST} !^v70.test.com$
/etc/apache2/conf/httpd.conf:    RewriteCond %{HTTP_HOST} !^v70.test.com$
/etc/apache2/conf/httpd.conf:    RewriteCond %{HTTP_HOST} !^v70.test.com$
/etc/apache2/conf/httpd.conf:    ServerName v70.test.com
Removed other domain references in datastore
/etc/dovecot/sni.conf:local_name "v70.test.com" {

/etc/wwwacct.conf:NS ns1.v70.test.com
/etc/wwwacct.conf:NS2 ns2.v70.test.com
/etc/wwwacct.conf:HOST v70.test.com

/etc/localdomains:v70.test.com
removed wwwacct.conf entries

Check Userdata:

[root@v70 ~]# grep -r test.com /var/cpanel/users/
[root@v70 ~]#
[root@v70 ~]# grep -r test.com /var/cpanel/userdata/
/var/cpanel/userdata/nobody/main:main_domain: v70.test.com
/var/cpanel/userdata/nobody/main.cache:{"addon_domains":{},"sub_domains":[],"main_domain":"v70.test.com","parked_domains":[]}

Looking for apache includes:

[root@v70 ~]# grep -r test.com /etc/apache2/conf.d/
[root@v70 ~]#

Now Because I don't have an SSL on my hostname (because it doesn't resolve to a real IP) I'll manually add it into /etc/ssldomains:

[root@v70 ~]# cat /etc/ssldomains
v70.test.com: 123.45.67.89

I've also added a subdomain to /etc/remotedomains:

[root@v70 ~]# cat /etc/remotedomains
test.test.com

I've also added the domain test.com to /etc/ssldomains and /etc/remotedomains

[root@v70 ~]# cat /etc/remotedomains
test.test.com
test.com

[root@v70 ~]# cat /etc/ssldomains
v70.test.com: 172.16.0.122
test.com: 172.16.0.122

So to summarize so far:

1. We have the hostname setup to be v70.test.com
2. We have the hostname present in the Apache Configuration, /etc/localdomains, /etc/ssldomains
3. We have the test.com domain added to /etc/remotedomains /etc/ssldomains but not present anywhere else on the server.

Now I create the account:

# /scripts/createacct test.com cptest <PASSWORD>
+===================================+
| New Account Info                  |
+===================================+
| Domain: test.com
| UserName: cptest
| PassWord: <PASSWORD>
+===================================+

This ok? y
Checking input data...Validating Username......Done
Validating IP......Done
Validating Contact Email......Done
...Done
Validating system setup......Done
Checking for database conflicts......Done
WWWAcct 12.6.0 (c) 2018 cPanel, Inc.......Done
Running pre creation script (/usr/local/cpanel/scripts/prewwwacct)......Done
Adding User......Done
Adding Entries to userdata......Done
Setting up Mail & Local Domains......Done
Configuring DNS......Done
Verifying MX Records and Setting up Databases......Done
Setting up Proxy Subdomains......Done
Updating Authentication Databases......Done
Adding Entries to httpd.conf......Done
Setting passwords......Done
Updating the userdata cache......Done
Setting up Horde database in the background.......Done
Creating bandwidth datastore......Done
Updating the dedicated IP address usage cache......Done
Generating and installing DKIM keys......Done
Enabling Apache SpamAssassin™......Done
Sending Account Information......Done
Running post creation scripts (/usr/local/cpanel/scripts/legacypostwwwacct, /usr/local/cpanel/scripts/postwwwacct, /usr/local/cpanel/scripts/postwwwacctuser)......Done
Setting up Domain Pointers......Done
Setting Reseller Privs......Done
Account Creation Complete!!!......Done
Account Creation Ok
Dns Zone check is enabled.


+===================================+
| New Account Info                  |
+===================================+
| Domain: test.com
| Ip: 10.18.17.250 (n)
| HasCgi: y
| UserName: cptest
| PassWord: <PASSWORD>
| CpanelMod: paper_lantern
| HomeRoot: /home
| Quota: 0 bytes
| NameServer1: ns1.v70.test.com
| NameServer2: ns2.v70.test.com
| NameServer3:
| NameServer4:
| Contact Email:
| Package: default
| Feature List: default
| Language: en
+===================================+
Custom Account Data Provided: no
Adding Shell Access (y)
Successlocaldomains...valiases ...vdomainaliases ...vfilters ...Bind reconfiguring on v70 using rndc
Zone test.com has been successfully added
Reconfiguring Mail Routing:
LOCAL MAIL EXCHANGER: This server will serve as a primary mail exchanger for test.com's mail.:
 This configuration has been manually selected.

Bind reloading on v70 using rndc zone: [test.com]
wwwacct creation finished
Account Creation Ok

As we can see that was completed successfully with the hostname of the server being v70.test.com which I hope shows you that the issue must be something other than the hostname. The network.tld domain must be referenced on the server somewhere else.

So references to just network.tld are what need to be removed, the references to the subdomain (hostname) don't.

I know you have the hostname DNS zone present in /var/named are there any references to just network.tld? Please also check /etc/apache2/conf.d/includes

 

[jndawson]

Lauren - Thanks, this is what we were looking for. We'll go through it and report back.

 

[cPanelLauren]

Hi @jndawson

I'm really happy that helped, please let us know what you find!


Thanks!

 

[jndawson]

Here's what we did.

We re-checked all of the obvious Apache-related build files - no instance of network.tld except in the /etc/*domains files as previously noted. Rebuilding httpd.conf still resulted in httpd.conf entries:

/etc/apache2/conf/httpd.conf:ServerAdmin [email protected]
/etc/apache2/conf/httpd.conf:ServerName cp1.network.tld
/etc/apache2/conf/httpd.conf:    ServerAlias cp1.network.tld
/etc/apache2/conf/httpd.conf:    ServerAdmin [email protected]
/etc/apache2/conf/httpd.conf:    ServerName cp1.network.tld
/etc/apache2/conf/httpd.conf:    ServerAdmin [email protected]
/etc/apache2/conf/httpd.conf:  ServerName network.tld
/etc/apache2/conf/httpd.conf:  ServerAlias www.network.tld
/etc/apache2/conf/httpd.conf:  ServerAdmin [email protected]

Reminder on the /etc/*domains:

[ root@cp1 ~># grep network.tld /etc/*domains
/etc/localdomains:cp1.network.tld
/etc/remotedomains:network.tld
/etc/remotedomains:list.network.tld <=== Still no idea why this is in here as that's another server entirely.
/etc/ssldomains:network.tld: 123.123.123.123
/etc/ssldomains:cp1.network.tld: 123.123.123.123

We edited those:

/etc/localdomains:cp1.network.tld
/etc/remotedomains:network.tld
/etc/ssldomains:cp1.network.tld: 123.123.123.123

Rebuilt httpd.conf:

[ root@cp1 ~># /scripts/rebuildhttpdconf
Built /etc/apache2/conf/httpd.conf OK

Resulted in httpd.conf:

[ root@cp1 ~># grep network.tld /etc/apache2/conf/httpd.conf
ServerAdmin [email protected]
ServerName cp1.network.tld
   ServerAlias cp1.network.tld
   ServerAdmin [email protected]
   ServerName cp1.network.tld
   ServerAdmin [email protected]
  ServerName cp1.network.tld
  ServerAlias www.cp1.network.tld
  ServerAdmin [email protected]

We were then able to create the network.tld account. The only hiccup came when named wouldn't read the restored zone record, which took about 15 minutes to fix, causing some temporary routing issues.

Thanks for the help.

 

[cPanelLauren]

HI @jndawson

Thanks for the detailed step by step on what you did, this is great and thank you for updating us on what did end up working. I'm glad it's all sorted out for you now!

Thanks!