External LDAP GAL help (please)

[dlochart]

We are considering installing an LDAP server on another machine to be used to augment our GAL. We have a list of contacts that we need to treat as external recipients (they cannot have accounts). We have these people in a data file and there is NO WAY to access the AD/LDAP server they were exported from. So what I need to do (and I am a newb to LDAP ) is setup an ldap instance with the data we have in the csv file. We will then change the GAL configuration for teh domain from internal to Both and then add this LDAP server.

My question is what is the structure (if that is the right word) in LDAP I need to coerce this data into so that it is picked up by the GAL?

Or is it a matter of setting the proper filters etc in the configuration to pull what you want? If so I still need to know the internal attributes etc that need to be assigned data so that things are picked up.

Is what we need to do possible or has been done before?

Any and all help is most appreciated!

regards,

Doug Lochart
Cape Computing Corp

[prosenbl]

Bump... this is exactly what we need to accomplish as well.

[dlochart]

Quote:

Originally Posted by prosenbl

Bump... this is exactly what we need to accomplish as well.

Well I was able to accomplish this with the help of jason in Support. The hardest thing was coming in cold to LDAP and having to get up to speed on it fast.

Let me know what you need and I will be glad to help

[prosenbl]

A copy of the schema you are using would be extremely helpful. I've had some success on my own at modifying the stock OpenLDAP schemas but I could certainly benefit from looking at one that is already working well.
Thanks,
Pete

[dlochart]

Quote:

Originally Posted by prosenbl

A copy of the schema you are using would be extremely helpful. I've had some success on my own at modifying the stock OpenLDAP schemas but I could certainly benefit from looking at one that is already working well.
Thanks,
Pete

I did not need to modify any schemas. I started to at first but that is because I did not know that OpenLDAP came with many schemas. I include these and they support all that I need.

Code:

include         /usr/local/openldap/etc/openldap/schema/core.schema
include         /usr/local/openldap/etc/openldap/schema/cosine.schema
include         /usr/local/openldap/etc/openldap/schema/inetorgperson.schema

There is a WIKI page that shows the mapping of LDAP attributes to zimbra contact attributes.

Here is a sample entry:

Code:

dn: cn=Jane Doe,ou=TenonUK,dc=capesafe,dc=com
objectclass: person
objectclass: organizationalPerson
objectclass: inetorgPerson
givenName: Jane
cn: Jane Doe
sn: Doe
mail: jane.doe@mymail.com
telephoneNumber: 410-555-1212
fax: 410-555-1214
mobile: 410 431 5341
title: IT MANAGER
physicalDeliveryOfficeName: Stockholm

These attributes seem to work fine

[prosenbl]

Thank you, that was very helpful.

[dlochart]

Quote:

Originally Posted by prosenbl

Thank you, that was very helpful.

You are most welcome !

[folioguru]

Quote:

Originally Posted by dlochart

Well I was able to accomplish this with the help of jason in Support. The hardest thing was coming in cold to LDAP and having to get up to speed on it fast.

Let me know what you need and I will be glad to help

I want to do the same exact thing you did.

Is there some kind of step by step tutorial available on how you do this (put contact list into ldap server and have Zimbra access it as external GAL)?

An LDAP server is already installed on the Zimbra server. Can I use this, or do I need to install an external one on another server?

Thanks for any help!

[dlochart]

Quote:

Originally Posted by folioguru

I want to do the same exact thing you did.

Cool

Quote:

Originally Posted by folioguru

Is there some kind of step by step tutorial available on how you do this (put contact list into ldap server and have Zimbra access it as external GAL)?

No I did not write a tutorial. I spent so much time learning LDAP and troubleshooting sasl authentication that I barely had enough time to complete the task.

I can help you as best I can in the forum.

You need to know LDAP. If you do not know it you should learn it. If you need me too I will post a tutorial I used that helped me tremendously.

Take a look at post#5 in this thread for tips on the ldap setup / attributes.

Quote:

Originally Posted by folioguru

An LDAP server is already installed on the Zimbra server. Can I use this, or do I need to install an external one on another server?

Thanks for any help!

You should NOT use the Zimbra LDAP server for various reasons. You need to set up your own individual one. It is not that hard Just make sure that if you do it on a machine with sasl libraries that you either know how to use sasl with ldap or you build openldap without sasl.

It is working great for me.

[folioguru]

Quote:

Originally Posted by dlochart

I can help you as best I can in the forum.

You need to know LDAP. If you do not know it you should learn it. If you need me too I will post a tutorial I used that helped me tremendously.

Really appreciate it.

Could you please post the tutorial that you used? That would be a great start as I am beginning from ldap ground zero.

Thanks!