Results 1 to 2 of 2

Thread: Having trouble setting up GAL with Active Directory or LDAP - GUID's showing up

  1. #1
    heyheyash is offline Intermediate Member
    Join Date
    Mar 2012
    Location
    Phoenix, AZ
    Posts
    17
    Rep Power
    3

    Default Having trouble setting up GAL with Active Directory or LDAP - GUID's showing up

    Disclaimer: I don't know what I'm doing when it comes to LDAP.

    A new Windows domain has been created on Windows 2008 in order to converge a few other domains we have. All users will have their accounts on this domain and the goal is to have LDAP correctly populated. On a Zimbra test server, I've attempted to configure the GAL for this domain via LDAP (because I couldn't get AD to work) and am getting a lot of extra trash from Active Directory including GPO's, etc. The thing I'd most like to do is get AD working instead of figuring out LDAP.

    I ripped my LDAP filter, Autocomplete filter and LDAP search base from a post I found here.

    LDAP URL: domaincontroller.company.net - port 3268

    LDAP filter: (&(|(cn=%s*)(sn=%s*)(gn=%s*)(mail=%s*)))
    Autocomplete filter: (|(cn=%s*)(sn=%s*)(gn=%s*)(mail=%s*))
    LDAP search base: dc=company,dc=net

    I have the option checked to "Use GAL search settings for GAL sync" which could be setup poorly as well since I didn't know what I was doing. I did get the LDAP service turned on so results are being delivered but they're filled with gibberish.

  2. #2
    ypong is offline Senior Member
    Join Date
    Jan 2009
    Posts
    66
    Rep Power
    6

    Default

    You can have a look at what I did in this thread: GALsync LDAP query in AD; mailnickname=Bug?

    I did eventually trim the filters down by factoring out the "(!(userAccountControl:1.2.840.113556.1.4.803:=2)) ", so they ended up looking like this:

    Code:
    (&(|(displayName=*%s*)(cn=*%s*)(sn=*%s*)(givenName=*%s*)(mail=*%s*))(|(&(objectCategory=person)(objectClass=user)(!(homeMDB=*))(!(msExchHomeServerName=*)))(&(objectCategory=person)(objectClass=user)(|(homeMDB=*)(msExchHomeServerName=*)))(&(objectCategory=person)(objectClass=contact))(objectCategory=group)(objectCategory=publicFolder)(objectCategory=msExchDynamicDistributionList))(!(userAccountControl:1.2.840.113556.1.4.803:=2)))
    and autocomplete filter is:
    Code:
    (&(|(displayName=%s*)(cn=%s*)(sn=%s*)(givenName=%s*)(mail=%s*))(|(&(objectCategory=person)(objectClass=user)(!(homeMDB=*))(!(msExchHomeServerName=*)))(&(objectCategory=person)(objectClass=user)(|(homeMDB=*)(msExchHomeServerName=*)))(&(objectCategory=person)(objectClass=contact))(objectCategory=group)(objectCategory=publicFolder)(objectCategory=msExchDynamicDistributionList))(!(userAccountControl:1.2.840.113556.1.4.803:=2)))
    The filters make a lot more sense when you add some whitespace, e.g.:
    Code:
    LDAP Filter=(&
    	(|(displayName=*%s*)(cn=*%s*)(sn=*%s*)(givenName=*%s*)(mail=*%s*))
    	(|
    		(&(objectCategory=person)(objectClass=user)(!(homeMDB=*))(!(msExchHomeServerName=*)))
    		(&(objectCategory=person)(objectClass=user)(|(homeMDB=*)(msExchHomeServerName=*)))
    		(&(objectCategory=person)(objectClass=contact))
    		(objectCategory=group)
    		(objectCategory=publicFolder)
    		(objectCategory=msExchDynamicDistributionList)
    	)
    	(!(userAccountControl:1.2.840.113556.1.4.803:=2))
    )
    Release 7.2.0_GA_2669.UBUNTU10_64 UBUNTU10_64 FOSS edition

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. LDAP or Active Directory?
    By sadams@bigrocksports.com in forum /etc
    Replies: 1
    Last Post: 05-09-2010, 03:58 PM
  2. New Users - Not showing up in GAL (Active Directory)
    By sternfan in forum Administrators
    Replies: 8
    Last Post: 06-28-2007, 01:09 PM
  3. Active Directory/LDAP
    By dgcarter in forum Installation
    Replies: 1
    Last Post: 03-05-2007, 10:33 AM
  4. Replies: 5
    Last Post: 01-20-2007, 12:25 AM
  5. Active Directory ldap GAL help.
    By Splat in forum Administrators
    Replies: 1
    Last Post: 01-19-2006, 08:28 AM

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •