Results 1 to 10 of 10

Thread: active directory and a bucket

  1. #1
    preston is offline Intermediate Member
    Join Date
    May 2006
    Location
    Philadelphia
    Posts
    18
    Rep Power
    9

    Default active directory and a bucket

    I promise I have read all the posts, and the manual, I am missing something here.

    Running VMware version, on server1. MS2000 on server2.

    Lets say my email domain is zzz.com, and my active directory domain is yyy.

    I configure gal first
    activedirectory
    ldap://pingable hostname from server1
    ldap filter defaults to "AD" and greyed out
    Ldap search base dc=zzz, dc=yyy
    my zimbra user works

    When I test it, I get a fail and a long list of errors, but the first line says "missing 'equals'"

    If I go a step further to the "configure authentication" screens, I can actually authenticate. Although inside the gal I can't get it to test successfully or import any users.

    Any ideas on what I am doing wrong? Thanks in advance.

  2. #2
    KevinH's Avatar
    KevinH is offline Expert Member
    Join Date
    Aug 2005
    Location
    San Mateo, CA
    Posts
    4,789
    Rep Power
    19

    Default

    What are the rest of the errors? Zimbra doesn't automatically create the accounts. You still need to create an account in Zimbra so we have a place to hang config/prefs in LDAP.
    Looking for new beta users -> Co-Founder of Acompli. Previously worked at Zimbra (and Yahoo! & VMware) since 2005.

  3. #3
    preston is offline Intermediate Member
    Join Date
    May 2006
    Location
    Philadelphia
    Posts
    18
    Rep Power
    9

    Default

    Maybe I am asking it to do something it can't.

    If I have 20 user accounts set up on a MS2000 server running ad, no accounts other than admin setup on zimbra.

    I configure the GAL setting, will Zimbra import all of my accounts, username password etc?

  4. #4
    Coilcore is offline Senior Member
    Join Date
    Nov 2005
    Posts
    55
    Rep Power
    9

    Default Accounts?

    You have to create individual user accounts. You can't just expect them to be made from the fact theres an account in the GAL.

    Most of the time you wouldn't want accounts to be automagically made like this because of an entry in LDAP/AD, because what about that 1 user who you don't want using email (that intern or the shady seeming contractor). Plus the GAL will often have non-corporate users and 'psuedo' users (the printer for example).

    You could write a script that crawls your GAL and creates accounts.
    Last edited by Coilcore; 05-18-2006 at 10:00 AM.

  5. #5
    preston is offline Intermediate Member
    Join Date
    May 2006
    Location
    Philadelphia
    Posts
    18
    Rep Power
    9

    Default

    Ah, so now I get it.

    Tested it out, the password work off my server but I do have to create the usernames.

    Is there a quick and dirty way to import accounts off a passwd file, or if I do an ldap export file and place all the user names in a txt file.

  6. #6
    Coilcore is offline Senior Member
    Join Date
    Nov 2005
    Posts
    55
    Rep Power
    9

    Default Scripting account creation

    You can create accounts using the command line tool 'zmprov'. Its a pretty useful tool.

    The basic idea would be to write a script that parses the file (whatever format) for the usernames, and call 'zmprov CreateAccount ${username}' (or 'zmprov ca ${username}') for each user.

  7. #7
    preston is offline Intermediate Member
    Join Date
    May 2006
    Location
    Philadelphia
    Posts
    18
    Rep Power
    9

    Default

    Coil I am asking a lot here, but is there a sample I could follow. I am not a scripter.

    Although if you ever need help with a Cisco Config of any type I could return the favor.

    I could pull the name out of either a passwd file or Active Directory, honestly I wouldn't mind knowing how to do both.

    VPN, Firewall, Switch, anything in that realm........

  8. #8
    swallac2 is offline Intermediate Member
    Join Date
    Oct 2005
    Posts
    16
    Rep Power
    9

    Default

    Preston, Check out the admin docs. There is a lot of detail about zmprov in there. I also heard that an automatic user provisioning feature is coming to Zimbra, but I don't knwo a timeline.

  9. #9
    zaf
    zaf is offline Partner (VAR/HSP)
    Join Date
    Jan 2006
    Location
    Lafayette, LA
    Posts
    81
    Rep Power
    9

    Default

    I made a quick and dirty script to import users from our own AD domains using the "net" commands on Linux to create a list of users on the Domain, then running the necessary 'zmprov' commands off that list. It's not a real-time sync (runs in a cron), but it does the job.

    This creates the necessary Zimbra accounts, and authentication is done by lookups against the AD server

  10. #10
    preston is offline Intermediate Member
    Join Date
    May 2006
    Location
    Philadelphia
    Posts
    18
    Rep Power
    9

    Default

    Zaf, any chance you could send it to me?

    Thats just the kind of thing I am looking for. So far I am only using Zimbra in the VMware appliance. Its doing ok so far, my next phase is I want the mail store to be kept on a NAS appliance outside of the VM. If I can pull that off, it gives me a lot of options.

    Thanks in advance for the script, if you ever need some cisco help, let me return the favor, you can find me at allsystemsup.net

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. Replies: 1
    Last Post: 05-28-2008, 04:18 AM
  2. External Authentication with Active Directory via LDAPS
    By merrill in forum Administrators
    Replies: 1
    Last Post: 10-21-2007, 01:13 PM
  3. centos 5 zimbra 4.5.6 no statistics
    By rutman286 in forum Installation
    Replies: 9
    Last Post: 08-14-2007, 09:30 AM
  4. GAL with Active Directory
    By robrusso in forum Installation
    Replies: 1
    Last Post: 07-31-2006, 10:34 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •