Samba + zimbra

[enephal]

So... i have a fedora core 4 with zimbra installed with ldap
it works ok.

i also have samba installed with swat and i'm trying to install the system for a few days now.

I just can't get to make samba work with the openldap that zimbra comes with. If an auth fails when i try to log on a samba share on that machine, i find no trace of my action in /var/log/zimbra.log or in any log in /opt/zimbra/log or in /var/log/messages

I've installed phpldapadmin and i can't log in with the user zimbra and with the password i've set using the zimbra tools. I can authenticate myself with any registered user there but it does not see the ldap tree and i can't get samba to do the same.

One more thing. Can anyone guide me thru the whole samba.schema file integration in the zimbra openldap? I'm totally lost there because i just can't see exactly what to modify

Thank you in advance

Alex

[dijichi2]

don't. use a seperate openldap or FDS instance running on another socket or port. use external auth to point zimbra domains at this other ldap instance.

[hwinkel]

Hi, Any reason for not using, extending the Zimbra LDAP schema ? we also want
to include the samba.schema into our master LDAP (which is Zimbra currently)

Thanks for any advise,

Holger

[phoenix]

It's recommmended that you do not use the Zimbra LDAP instance for anything else. It may get hosed in an ugrade or if you need to restore your system and it's set-up for Zimbra only. Use another LDAP server on a different machine for authentication.

[hwinkel]

Thanks for the fast reply, using a external OpenLDAP now running on the same maschine but different IP. This works so far...

BTW: if recommended unser the ZimbraLDAP ONLY for zimbra why not changing the LDAP port to something different as default 389 like zimbra has done with the "internal" mySQL ?

[phoenix]

Thanks for the fast reply, using a external OpenLDAP now running on the same maschine but different IP. This works so far...

BTW: if recommended unser the ZimbraLDAP ONLY for zimbra why not changing the LDAP port to something different as default 389 like zimbra has done with the "internal" mySQL ?

Running your LDAP on a different port shouldn't be a problem. As for the Zimbra LDAP on a different port, I have a recollection that it was going to be implemented. I can't remember if it's in this version (4.0.2) or due in a later release, perhaps you could do a quick forum and bugzilla search.

[kogo]

What port can I run LDAP on for SAMBA so that it does not step on Zimbra's?

[robbyt]

netstat is your friend

[kogo]

netstat is your friend

OK, I've got that - but it appears as though our WinXP desktops won't be able to log in if LDAP is on a non-standard port - correct?

It's looking like I'll need another box for net admin - and make the current box as strictly a mail server.

[samdm]

Well, I'm really wondering.

Guys, if your LDAP is not really standard LDAP, please mention it in the installation notes, manual, whatever.

I spent half of the day trying to marry Zimbra LDAP with ssh.

I'm using latest 4.5 RC1 on Fedora 6