Results 1 to 7 of 7

Thread: LDAP autentification for user mailbox

  1. #1
    rayg00n is offline Junior Member
    Join Date
    Jun 2011
    Posts
    9
    Rep Power
    4

    Default LDAP autentification for user mailbox

    Good day dear forum.
    We have the ZCS 7.1 and active directory on Windows Server 2003.
    Zimbra autentification is changed to External Active Directory. Everything is fine: domain users can logon to zimbra web.
    But how can i do next - some users must logon to the mailbox with other AD account. Did anyone help me to make correct settings for this window?

  2. #2
    phoenix is offline Zimbra Consultant & Moderator
    Join Date
    Sep 2005
    Location
    Vannes, France
    Posts
    23,499
    Rep Power
    56

    Default

    Quote Originally Posted by rayg00n View Post
    But how can i do next - some users must logon to the mailbox with other AD account. Did anyone help me to make correct settings for this window
    I don't understand what you mean by that question, what exactly are you trying to do? If you're trying to use multiple login credentials with one mail account then that's not possible.
    Regards


    Bill


    Acompli: A new adventure for Co-Founder KevinH.

  3. #3
    rayg00n is offline Junior Member
    Join Date
    Jun 2011
    Posts
    9
    Rep Power
    4

    Default

    Quote Originally Posted by phoenix View Post
    I don't understand what you mean by that question, what exactly are you trying to do? If you're trying to use multiple login credentials with one mail account then that's not possible.
    Sorry for my bad english.
    I have account "user@domain" in AD 2003.
    And i have zimbra account "zimbrauser@domain.ru" in Zimbra.
    Can i login into the "zimbrauser@domain.ru" with credentials from "user@domain" ?
    User from AD and user from Zimbra have different name(uid).
    Field on the screen - What is it? How it is working?

  4. #4
    rayg00n is offline Junior Member
    Join Date
    Jun 2011
    Posts
    9
    Rep Power
    4

    Red face

    For example:
    win2003AD - an02@domain.local
    zimbra - tds@domain.ru
    Look up first post.
    How can i compare these accounts? I want to use user/pass from an02@domain.local to login to zimbra tds@domain.ru usermailbox. It is possible?

    PS: premoderation is too slooooow
    Last edited by rayg00n; 07-28-2011 at 02:26 AM.

  5. #5
    rayg00n is offline Junior Member
    Join Date
    Jun 2011
    Posts
    9
    Rep Power
    4

    Default

    up.anybody know?

  6. #6
    PhD
    PhD is offline Senior Member
    Join Date
    Jun 2011
    Posts
    68
    Rep Power
    4

    Default

    we had a similar situation... we have a user (user01) who went on leave, and a temp user (user02) is filling in the role, and needs to log into to user01's mailbox with user02's credentials.

    We use external ldap as our backend.. so we went around the problem by doing the following:

    on user01's zimbra account, it maps to user01 ldap... so we added user02's password as a 2nd userPassword to user01's ldap account, and then also created a user02 ldap account as normal. (so they can log into their pc as themselves)

    Then on the zimbra side, we added user02@domain.com as an alias to user01's account. Because we worked out that, you can log in to an account with either the username of the account, or any alias of the account, and it will match authenticate against the user01's ldap account, and with the 2nd password in there, the temp is now able to log into user01's account using her "username" (user02) and her password (and it auth's against user01's ldap account)

    So, because you use active directory, i would say the only way this would be possible if you use adsiedit and edit the properties of the user account and add a second password field to the user..

    @phoenix, you can have multiple login credentials for the one account (by using the method above) and it works - im not sure if this will work in AD, or using zimbra's own ldap auth.. but definately using an external ldap system this works.. both the "temp" and the original user, can log into the one account at the same time and with personas, they can sent emails as their own username..

  7. #7
    rayg00n is offline Junior Member
    Join Date
    Jun 2011
    Posts
    9
    Rep Power
    4

    Default

    PhD
    It is great! But, i can not use the alias, because we allready have a mailbox with this name.
    PS: I still do not understand why we have in the Zimbra 7 field on the screen above if that not working correctly.

    I find other solve for this problem, but its not fully satisfied me:
    In a field on the screen type the name of account (example an02) from Active Directory. In the Active Directory we must fiill field "Display Name" for some user (example: an02). Know, we can login to the zimbra using the name of mailbox zimbra (example tds@zimbra.com) and password from Active directory our user (example: <an02password>)

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. LDAP Cannot bind on migration to new server
    By neekster in forum Migration
    Replies: 23
    Last Post: 03-09-2009, 02:08 AM
  2. can't you help me
    By iwan siahaan in forum Administrators
    Replies: 6
    Last Post: 12-17-2007, 06:53 PM
  3. Zimbra Install Problem - getDirectContext
    By bsimzer in forum Installation
    Replies: 27
    Last Post: 07-19-2007, 10:12 AM
  4. 3 testing: LDAP: 389 Failed when restore zimbra
    By victorLeong in forum Administrators
    Replies: 15
    Last Post: 05-24-2007, 06:45 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •