Results 1 to 5 of 5

Thread: External ldap, friend or foe?

  1. #1
    greavr is offline New Member
    Join Date
    Nov 2007
    Posts
    3
    Rep Power
    7

    Cool External ldap, friend or foe?

    Hi everyone,

    We're looking into implenting a complete overall of the IT systems in place. Taking everything from M$ to linux based. From the email server, PDC and file server. However the users will still be using XP.

    To make things easier i am trying to create a central LDAP from which everything authenicates against.

    So I was wondering is it possible to do this with zimbra, if so can it:
    a) auto create users in zimbra when they are created in Samba
    b) be able to link to a secondary LDAP server should the first fail

    Im looking forward to setting this system up and have high hopes from zimbra.

    Thanks for your help on this.

    Rick

  2. #2
    kirme3 is offline Trained Alumni
    Join Date
    Apr 2006
    Location
    Illinois
    Posts
    194
    Rep Power
    9

    Default

    Using external ldap for Zimbra authentication definitely works. However, it would be up to you to figure out how to have user's auto created in Zimbra. The usual recommended option is to have the ldap server do a SOAP call to the Zimbra server to create new users as is needed. Another option is to have the ldap server ssh to the zimbra server to run the zmprov command and create/edit/delete...etc.. users.

    As for linking to a secondary ldap server, that is also doable. I'm not sure if the auth only tries the second upon a failure of the first, or if both of them are used, though.

    Here's more info from the wiki:
    LDAP Authentication - Zimbra :: Wiki

  3. #3
    shideg is offline Intermediate Member
    Join Date
    Oct 2006
    Posts
    19
    Rep Power
    8

    Default Multiple External Authentication

    Quote Originally Posted by kirme3 View Post
    As for linking to a secondary ldap server, that is also doable. I'm not sure if the auth only tries the second upon a failure of the first, or if both of them are used, though.

    Here's more info from the wiki:
    LDAP Authentication - Zimbra :: Wiki
    There is nothing on that Wiki page describing secondary external authentication & failover, nor have I found a way to do this in the admin web GUI.

    Is this actually an option?

    We will soon be migrating from an LDAP server to Active Directory, and I need to be able to have Zimbra try AD then LDAP in succession for user authentication.

    Thanks.

    --Steve Hideg
    Saint Mary's College

  4. #4
    rsharpe is offline Elite Member & Volunteer
    Join Date
    Nov 2005
    Location
    London, ON
    Posts
    255
    Rep Power
    9

    Default

    In the admin console you can setup the domain to do external authentication, its very easy just follow the wizard.

  5. #5
    shideg is offline Intermediate Member
    Join Date
    Oct 2006
    Posts
    19
    Rep Power
    8

    Default

    Quote Originally Posted by rsharpe View Post
    In the admin console you can setup the domain to do external authentication, its very easy just follow the wizard.
    I need to set up more than one external server. I see an "Add URL" button. That would let me point zimbra to multiple LDAP servers, but what if one is an Active Directory server and one is an iPlanet LDAP server?

    There's only one field for an LDAP filter and one field for search base, but the DITs and schemas of the two servers are necessarily different. It doesn't appear that such a situation can be accommodated in that part of the GUI.

    Can this scenario be accommodated? Two external servers:

    Try authenticating against an Active Directory Server.

    If that fails, try authenticating against an LDAP server (with a different DIT structure and schema).

    Thanks.

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. About external LDAP problem, urgent!
    By bylong in forum Administrators
    Replies: 5
    Last Post: 08-24-2007, 07:10 PM
  2. Zimbra Install Problem - getDirectContext
    By bsimzer in forum Installation
    Replies: 27
    Last Post: 07-19-2007, 10:12 AM
  3. 3 testing: LDAP: 389 Failed when restore zimbra
    By victorLeong in forum Administrators
    Replies: 15
    Last Post: 05-24-2007, 06:45 AM
  4. External LDAP Problem
    By facerw in forum Installation
    Replies: 7
    Last Post: 05-08-2007, 04:29 AM
  5. Authentication to external ldap stop working.
    By jahaj in forum Installation
    Replies: 3
    Last Post: 12-05-2006, 03:17 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •