Just came back from Madrid, where a new customer of ours is giving Zimbra a try to migrate all their accounts from a classic Postfix server. Now they have 200 licenses of the ZCS and it could grow up to 5000 users in two years.
Now it turns out that they are trying to centralise all their systems and use one OpenLDAP directory for all. They have developed a tool to manage that directory, which uses standard OpenLDAP objects plus their custom objects to create the needed schema.
And they asked me whether Zimbra would integrate with that OpenLDAP. Million-dollar question, I believe. So, I've been investigating this (Zimbra forums, wiki, and my own knowledge of OpenLDAP) and, so far, I have reached these conclusions:
- It should work
- It would require a huge effort in terms of investigation and testing
- Unpredictable conflicts or problems would arise.
- Data would have to be migrated from the existing Zimbra LDAP to their central LDAP (custom made script?)
- They are not the only ones in this situation, but I have not found anyone on these forums who has successfully completed such an endeavour.
- It would require their own tool to manage their object classes
- It would require Zimbra to manage its classes
- Or extensions for the Zimbra admin console would have to be developed.
- It would avoid having to duplicate accounts and data
- Their LDAP cluster would do great in terms of performance (instead of Zimbra LDAP), as they are specifically designing it to support tons of queries from all systems.
- It would be risky when upgrading Zimbra (I've read somewhere that Zimbra does not recommend that and won't take any responsibility)
- It would be awesome, technically speaking.
I would like to hear opinions, past experiences, recommendations, suggestions, etc, both official and unofficial. I've read several times that Zimbra aims at supporting this, but I am afraid it's not yet the case, is it?
Thanks in advance.