Results 1 to 2 of 2

Thread: Customizing Zimbra Directory

  1. #1
    abatkin is offline Starter Member
    Join Date
    Dec 2009
    Location
    Glasgow, Scotland
    Posts
    1
    Rep Power
    5

    Default Customizing Zimbra Directory

    We have recently rolled out Zimbra 6.0.4 OSE to production, using Zimbra's own internal LDAP server for its own authentication (in other words, a standard out-of-the-box configuration).

    We have a number of other applications that are currently talking to our old LDAP server but I am slowly transitioning them across to use Zimbra's directory for authentication. The problem we have encountered is that there is often a need for those applications to use LDAP in a way that Zimbra doesn't easily support. For example, some of the applications that we run insist on searching the directory for a user before binding as that user. Other applications run in to issues because of the fact that some attributes (like zimbraMailCanonicalAddress) aren't accessible for search/read even for the user that you are bound as.

    I am aware that I can easily add additional LDAP users (service accounts) and modify ACLs but I am concerned that this might complicate upgrades; An upgrade may fail, or these manual changes may get clobbered and need to be re-applied.

    Are there any "supported" ways of dealing with service accounts and ACL changes? What's the best way to ensure that upgrades won't break and we won't have to manually apply changes every time we change something?

  2. #2
    ArcaneMagus's Avatar
    ArcaneMagus is offline Moderator
    Join Date
    Feb 2007
    Location
    Portland, OR
    Posts
    1,147
    Rep Power
    10

    Default

    This article has some good examples of how to change things like ACL's: UNIX and Windows Accounts in Zimbra LDAP and Zimbra Admin UI 6.0 - Zimbra :: Wiki

    On my system I have that plus a few other extra ACL modifications that have so far stayed across 4 upgrades on the 6.0.x branch. This new LDAP is much easier on upgrades. I don't know if there is technically a "supported" way to do this though, other then the standard of set it up, but it could go away on upgrades. So far it hasn't happened for any of my LDAP customizations though

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. Recover the mail after the crash HDD
    By MrSnaKe in forum Administrators
    Replies: 3
    Last Post: 12-02-2009, 04:38 AM
  2. postfix relay=none status=bounced for local mails
    By vdd in forum Administrators
    Replies: 1
    Last Post: 08-06-2009, 08:05 AM
  3. Zimbra spam system
    By rajahd in forum Administrators
    Replies: 9
    Last Post: 04-16-2008, 07:25 PM
  4. 4.5 Upgrade failure
    By brained in forum Installation
    Replies: 9
    Last Post: 03-03-2007, 03:30 PM
  5. Fedora Core 3, Clean Install - Not working!
    By pcjackson in forum Installation
    Replies: 17
    Last Post: 03-05-2006, 07:38 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •