#1 (permalink)
03-20-2007, 11:10 AM
Intermediate Member
Posts: 16
openldap - different sets of schemas on different servers?

If I want to tie in Zimbra to our existing openldap servers, do I have to modify the zimbra slapd.conf to contain the same set of schema files? We use the nis.schema and a custom schema.

Based on some googling and thinking it over, it looks like you don't have to - that you could have a setup like this:

- zimbra machine (with zimbra schema)
- openldap server A (with nis.schema)
- openldap server B (with custom.schema)


...is my understanding correct?
#2 (permalink)
03-20-2007, 11:21 AM
zaf
Partner (VAR/HSP)
Posts: 80

Right, you can have Zimbra authenticate against any existing LDAP server, without modifying the schemas. When you configure a domain in Zimbra, you tell it how you want it to do LDAP lookups to authenticate its users.
#3 (permalink)
03-20-2007, 05:12 PM
OpenSource Builder & Moderator
Posts: 1,166

If you use external auth on a domain to chain the user auth against another LDAP server, then you have to 'synch' the accounts manually, in that you have to run some script to create accounts on both LDAP servers as they're not linked.

Altering the Zimbra LDAP to deal with custom schema is not recommended; there's no guarantee it will be preserved or understood across upgrades - the upgrade scripts are quite complex and likely will break if they come across unexpected constraints.
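The manual account sync described in the post above, as an added example that is not part of the original thread: a Python script that compares an LDIF export from the existing OpenLDAP server with the list of accounts Zimbra already has, prints a `zmprov ca` command for each missing account, and lists Zimbra accounts that no longer exist in the directory for review. The sample data, the use of the `mail` attribute as the account name, and the empty local password (authentication is left to the external server) are assumptions.

```python
import base64
import re
import shlex

# Constructed sample: LDIF as exported from the existing OpenLDAP server.
SAMPLE_LDIF = """\
dn: uid=alice,ou=people,dc=example,dc=com
mail: alice@example.com

dn: uid=bob,ou=people,dc=example,dc=com
mail: bob@exam
 ple.com

dn: uid=carol,ou=people,dc=example,dc=com
mail:: Y2Fyb2xAZXhhbXBsZS5jb20=
"""
# Constructed sample: addresses that already exist in Zimbra, one per line.
SAMPLE_ZIMBRA = "alice@example.com\ndave@example.com\n"

ADDR = re.compile(r"^[A-Za-z0-9._+-]+@[A-Za-z0-9.-]+$")

def ldif_mails(ldif):
    """Return the set of mail values, handling folded and base64 lines."""
    unfolded = re.sub(r"\n ", "", ldif)  # LDIF continuation: newline + space
    mails = set()
    for line in unfolded.splitlines():
        if line.startswith("mail:: "):
            value = base64.b64decode(line[7:]).decode("utf-8")
        elif line.startswith("mail: "):
            value = line[6:]
        else:
            continue
        value = value.strip().lower()
        if ADDR.match(value):  # drop anything that is not a plain address
            mails.add(value)
    return mails

def plan_sync(ldif, zimbra_listing):
    """Return (zmprov commands for missing accounts, accounts to review)."""
    directory = ldif_mails(ldif)
    zimbra = {a.strip().lower() for a in zimbra_listing.splitlines() if a.strip()}
    # Assumption: empty local password, since the external server authenticates.
    create = [f"zmprov ca {shlex.quote(m)} ''" for m in sorted(directory - zimbra)]
    return create, sorted(zimbra - directory)

if __name__ == "__main__":
    commands, stale = plan_sync(SAMPLE_LDIF, SAMPLE_ZIMBRA)
    print("\n".join(commands))
    print("review (in Zimbra, not in directory):", ", ".join(stale))
```

Directory values are checked against an address pattern and shell-quoted before they are placed in a command line, so an odd `mail` value in the directory cannot alter the generated commands.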
#4 (permalink)
03-21-2007, 11:25 AM
Intermediate Member
Posts: 16

Let me check if I understood you right or if you explained what you meant clearly - are you saying that I can have this scenario:

- custom schema on SERVER1 but NOT on SERVER2
- sync accounts between SERVER1 and SERVER2

Then if I were to do an LDAP search on SERVER2 it will be smart enough to join across to find data out of SERVER1's custom schema?

So, I'm not modifying the zimbra.schema, just adding into the mix, my own custom schema.


Quote:
Originally Posted by dijichi2
If you use external auth on a domain to chain the user auth against another LDAP server, then you have to 'synch' the accounts manually, in that you have to run some script to create accounts on both LDAP servers as they're not linked.

Altering the Zimbra LDAP to deal with custom schema is not recommended; there's no guarantee it will be preserved or understood across upgrades - the upgrade scripts are quite complex and likely will break if they come across unexpected constraints.