Zimbra offers Open Source email server software and shared calendar for Linux and the Mac
 
Go Back   Zimbra - Forums > Zimbra Collaboration Suite > Administrators
Reload this Page Authenticate against Zimbra-ldap with passwords stored in Active Directory

Welcome to the Zimbra - Forums!
Welcome, if you would like to post a comment please register. We also encourage you to explore all things Zimbra with our team and members of the community.

Reply
 
LinkBack Thread Tools Display Modes
  #1 (permalink)  
Old 05-18-2009, 09:34 AM
Active Member
  
Posts: 26
Default Authenticate against Zimbra-ldap with passwords stored in Active Directory
Hi,

my current setup:
- Release 5.0.14_GA_2850.RHEL5_20090303142201 CentOS5 FOSS edition
- One Domain (example.com) with external authentication against a Active Directory.

I try to authenticate against the Zimbra-ldap with the user jim from the domain example.com. The password for this user is stored in the Active Directory, no userPassword attribute. For testing, I use Ldp from a Microsoft Resource Toolkit as a ldap-client.

Here the output of slapd loglevel = 256
Code:
slapd[7553]: conn=375 op=1 BIND dn="uid=jim,ou=people,dc=example,dc=com" method=128
slapd[7553]: conn=375 op=1 RESULT tag=97 err=49 text=
I know that err=49 indicates invalid DN or password. But, of course, the DN and password are correct. My question, it such a setup possible? Or it is only possible for ordinary ldap-client to authenticate against user with userPassword attribute stored in Zimbra-ldap?

Thanks in advance

- Jummo
Last edited by jummo : 05-18-2009 at 09:39 AM. Reason: Typo
Reply With Quote
  #2 (permalink)  
Old 05-20-2009, 07:42 AM
Active Member
  
Posts: 26
Default
I created a Ticket, see Bug 38171.
Reply With Quote
  #3 (permalink)  
Old 05-26-2009, 01:00 AM
Zimbra Consultant & Moderator
  
Posts: 11,508
Default
Quote:
Originally Posted by jummo View Post
Hi,

my current setup:
- Release 5.0.14_GA_2850.RHEL5_20090303142201 CentOS5 FOSS edition
- One Domain (example.com) with external authentication against a Active Directory.

I try to authenticate against the Zimbra-ldap with the user jim from the domain example.com. The password for this user is stored in the Active Directory, no userPassword attribute.
I don't quite understand this comment, are you trying to authenticate a user against the Zimbra internal LDAP or are you using AD for authentication?

Quote:
Originally Posted by jummo View Post
I know that err=49 indicates invalid DN or password. But, of course, the DN and password are correct. My question, it such a setup possible? Or it is only possible for ordinary ldap-client to authenticate against user with userPassword attribute stored in Zimbra-ldap?
You also said above, if I read it correctly, that the user is stored in AD with no password - is that correct? You need the user and password stored in one place and it should be either Zimbra or AD - there's no way around that.
__________________
Regards


Bill
Reply With Quote
  #4 (permalink)  
Old 05-26-2009, 01:15 AM
Active Member
  
Posts: 26
Default
The Password is stored in AD and the other information are in the Zimbra-ldap.
Quote:
You need the user and password stored in one place and it should be either Zimbra or AD - there's no way around that.
Ok, now I know that this doesn't work. I switched back to Internal Authentication

Thank you.
Reply With Quote

Product Information

Why Join?

Registering let's you ask questions, makes it easier to search, displays any files attached to posts, and notifies you about replies.

Zimbrablog.com


Home - Blog - Contact Us - Archive - Top


 

Search Engine Optimization by vBSEO 3.1.0