Zimbra with MailArchiva LDAP authentication

[amorgan]

Ok we recently had an issue with our zimbra server. We did a clean install and decided to try to set up our MailArchiva server to connect to our zimbra ldap to allow everyone to pull whatever e-mail they needed back over. So far we haven't been able to get this working. I hope somone can tell me what I'm doing wrong....

Here is what mail archiva needs and what we've got it set to

LDAP Server Address: mail.ourdomain.com:389 (FQDNort)
Base DN: dc=ourdomain,dc=com
Service DN: cn=config
Service Account Password: randompassword
Bind Attribute: uid
Email Attribute: mail

I have also tried setting the Base DN to dc=mail,dc=ourdomain,dc=com
When I try to test the login I get...
Authentication failed. the user amorgan@ourdomain.com does exist in the LDAP repository. is the login name or bind attribute correct?

This makes me think that it is hitting the ldap server but can't find my address. I thought that maybe it was that the uid when I try to query the server comes back as amorgan and not my full e-mail address, so I tried setting the Bind Attrib to mail and it still doesn't work.

[amorgan]

the more I work with it, I'm thinking its that the Service DN is wrong or the Service Account Password is wrong, but I have no idea what it should be set to.

[mek1]

I remember LDAP login being a bit tricky for Zimba GAL. Perhaps this may shed light on MailArchive (which I've no experience with).

Here's our search base example which contained 'administrator';
LDAP search base: ou=Users,ou=company,dc=domain,dc=ourdomain,dc=com'

We ended up tracking the user down through it's LDAP OU's like this 'Bind DN: cn=administrator,cn=users,dc=domain,dc=ourdomain,d c=com'.

So, amorgan might be situated in LDAP like 'cn=amorgan,cn=users,dc=domain,dc=ourdomain,dc=com '

[amorgan]

I can use ldap search to search and see all of my users....

from another server I can

Code:

ldapsearch -h mail.ourdomain.com -xLLL -b "dc=ourdomain,dc=com"

And it will list all users and distribution lists.

I can change it to

Code:

ldapsearch -h mail.brantley.k12.ga.us -xLLL -b "uid=amorgan,ou=people,dc=brantley,dc=k12,dc=ga,dc=us"

and it returns just my information.

Code:

dn: uid=amorgan,ou=people,dc=ourdomain,dc=com
zimbraMailTransport: lmtp:mail.ourdomain.com:7025
zimbraMailDeliveryAddress: amorgan@ourdomain.com
givenName: My
sn: Name
zimbraMailStatus: enabled
zimbraId: XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX
mail: amorgan@ourdomain.com
displayName: My Name
uid: amorgan
objectClass: organizationalPerson
objectClass: zimbraAccount
objectClass: amavisAccount
cn: My Name
zimbraMailHost: mail.ourdomain.com

I'm beginning to think that just a standard zimbra install will not work and that it may be looking for something that's not currently in ldap, but I'm far from being even remotely ldap savvy.

[alessio]

Hi all,
I have sam problem with mailarchiva and zimbra
MailArchiva people siuggetst this conf:
LDAPConnectionToZimbra < Main < MailArchiva Knowledge Base

But there's something wrong...
If I set "Service DN: cn=config"
and try "login" I have:
"Authentication failed. the user alessio@mailz.oaknet.it does exist in the LDAP repository. is the login name or bind attribute correct?. "

exactly like amorgan :-(
Does anybody have news about it?
Thanks in advance...

[alessio]

Hi All
thanks to Jamie from Stimulus Soft i solve the problem:
"I think the problem may be that zimbra stores username's and not email
addresses.
Try to set the default domain to an empty value. That why when you
authenticate it will pass "alessio" and not "alessio@mailz.oaknet.it"
"
Now it works :-)
more...
it's possbile tu use the full mail account for login simply changing the field "Bind Attribute" fron uid to mail
I hope this can help someone.....

LDAP Server Address: mail.ourdomain.com:389 (FQDNort)
Base DN: dc=ourdomain,dc=com
Service DN: cn=config
Service Account Password: randompassword
Bind Attribute: mail
Email Attribute: mail