Results 1 to 4 of 4

Thread: Authenticate against Zimbra-ldap with passwords stored in Active Directory

  1. #1
    jummo is offline Special Member
    Join Date
    May 2009
    Location
    Bremen, Germany
    Posts
    122
    Rep Power
    6

    Default Authenticate against Zimbra-ldap with passwords stored in Active Directory

    Hi,

    my current setup:
    - Release 5.0.14_GA_2850.RHEL5_20090303142201 CentOS5 FOSS edition
    - One Domain (example.com) with external authentication against a Active Directory.

    I try to authenticate against the Zimbra-ldap with the user jim from the domain example.com. The password for this user is stored in the Active Directory, no userPassword attribute. For testing, I use Ldp from a Microsoft Resource Toolkit as a ldap-client.

    Here the output of slapd loglevel = 256
    Code:
    slapd[7553]: conn=375 op=1 BIND dn="uid=jim,ou=people,dc=example,dc=com" method=128
    slapd[7553]: conn=375 op=1 RESULT tag=97 err=49 text=
    I know that err=49 indicates invalid DN or password. But, of course, the DN and password are correct. My question, it such a setup possible? Or it is only possible for ordinary ldap-client to authenticate against user with userPassword attribute stored in Zimbra-ldap?

    Thanks in advance

    - Jummo
    Last edited by jummo; 05-18-2009 at 08:39 AM. Reason: Typo

  2. #2
    jummo is offline Special Member
    Join Date
    May 2009
    Location
    Bremen, Germany
    Posts
    122
    Rep Power
    6

    Default

    I created a Ticket, see Bug 38171.

  3. #3
    phoenix is offline Zimbra Consultant & Moderator
    Join Date
    Sep 2005
    Location
    Vannes, France
    Posts
    23,490
    Rep Power
    56

    Default

    Quote Originally Posted by jummo View Post
    Hi,

    my current setup:
    - Release 5.0.14_GA_2850.RHEL5_20090303142201 CentOS5 FOSS edition
    - One Domain (example.com) with external authentication against a Active Directory.

    I try to authenticate against the Zimbra-ldap with the user jim from the domain example.com. The password for this user is stored in the Active Directory, no userPassword attribute.
    I don't quite understand this comment, are you trying to authenticate a user against the Zimbra internal LDAP or are you using AD for authentication?

    Quote Originally Posted by jummo View Post
    I know that err=49 indicates invalid DN or password. But, of course, the DN and password are correct. My question, it such a setup possible? Or it is only possible for ordinary ldap-client to authenticate against user with userPassword attribute stored in Zimbra-ldap?
    You also said above, if I read it correctly, that the user is stored in AD with no password - is that correct? You need the user and password stored in one place and it should be either Zimbra or AD - there's no way around that.
    Regards


    Bill


    Acompli: A new adventure for Co-Founder KevinH.

  4. #4
    jummo is offline Special Member
    Join Date
    May 2009
    Location
    Bremen, Germany
    Posts
    122
    Rep Power
    6

    Default

    The Password is stored in AD and the other information are in the Zimbra-ldap.
    You need the user and password stored in one place and it should be either Zimbra or AD - there's no way around that.
    Ok, now I know that this doesn't work. I switched back to Internal Authentication

    Thank you.

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •