[SOLVED] symantec brightmail & zimbra ldap sync

[ustoun]

Hello All
I have installed
zimbra-ldap-5.0.7_GA_2450.RHEL5-20080630192737
zimbra-store-5.0.7_GA_2450.RHEL5-20080630192737
zimbra-core-5.0.7_GA_2450.RHEL5-20080630192737
zimbra-logger-5.0.7_GA_2450.RHEL5-20080630192737
zimbra-snmp-5.0.7_GA_2450.RHEL5-20080630192737
zimbra-apache-5.0.7_GA_2450.RHEL5-20080630192737
zimbra-mta-5.0.7_GA_2450.RHEL5-20080630192737
zimbra-spell-5.0.7_GA_2450.RHEL5-20080630192737

on my RHEL5 box

I also have mailrelay "Symanntec Brightmail Gateway " Current software version: 9.0.2-9

mail relay have option to make sync through LDAP with mailserver (in my case, ZIMBRA ), in order to determine wich users and groups already exist on my zimbra server


I am looking for parameters which I have to put in mailrelay (brighmail ) concerning zimbra parametrs like:


Data source name: ???
Directory type: ???
Port: 389
Enable SSL: ???


Anonymous bind ???


Name (Bind DN): ???


I have options to choose directory type:
Active Directory
Active Directory Global Catalog
iPlanet/Sun ONE/Java Directory Server
Domino
Other



Does anyone know if it possible to have this kind of syncronization?
It's work perfect with MS exchange server...

Thanks

[cerber]

We are using the symantec brightmail gateway with the following settings for recipient validation.

Directory type: Domino
Host Name: Ldap.domain.com
port: 389
SSL not enabled
Bind with the following uid=zimbra,cn=admins,cn=zimbra

The recipient validation along with reputation grading to curb directory harvest attacks has worked well.

[ustoun]

@cerber

Thanks for reply..
I guess, I am missing something here..
Actualy, I want to query ldap server on zimbra server, in order to verify, if exact emails are exist on my zimbra server, my respond from brighmail is

"Authentication to LDAP server unsuccessful. Invalid bind credentials. DDS error code: 800206"

my auth string is "uid=zimbra,cn=admins,cn=zimbra"
Directory type is "Domino"
hostname "ip address of the zimbra server"

It looks like username or password is incorrect, but I am sure it is.
Is this any other cli tools to do checks, in order to resolve this issue?



Thanks

[phoenix]

Quote:

Originally Posted by ustoun

"Authentication to LDAP server unsuccessful. Invalid bind credentials. DDS error code: 800206"

That error usually means exactly what it says. Where is that highlighted error code coming form and what does it mean?

Quote:

Originally Posted by ustoun

It looks like username or password is incorrect, but I am sure it is.
Is this any other cli tools to do checks, in order to resolve this issue?

Try an ldapsearch against the Zimbra server with the credentials you're using in your example above and see what the results are.

[ustoun]

OK,

My 'ldapsearch' is succsesful from command line from zimbra user envirement, so I don't need to type the password of the zimbra user ( just clicking ENTER after string of ldapsearch .... command, and it's succesful)

My quetion is, if I will change password for user zimbra ( # passwd zimbra ), does it affect my running configuration?


Or, is it possible to use another user, to make a query zimbra ldap db, is this user should be, linux user ( useradd zimbra_ldap_user for example ) or just account which I could add through zimbra administration interface? (mail user )

and how could CN based query should looks like ?( if I will create an additinal user )





Thanks

[ustoun]

Got it, with another user configured for ldap query

[rhorist]

Quote:

Originally Posted by ustoun

Got it, with another user configured for ldap query

Can someone explain or point me in the right direction on how to add another user for ldap query? As I am also trying to setup Symantec Messaging Gateway(Brightmail) to do the same thing.