Zimbra offers Open Source email server software and shared calendar for Linux and the Mac
Go Back   Zimbra :: Forums > Zimbra Collaboration Suite > Administrators
Reload this Page Migrating to External LDAP questions and directions

Welcome to the Zimbra :: Forums!
Welcome, if you would like to post a comment please register. We also encourage you to explore all things Zimbra with our team and members of the community.

Reply
 
LinkBack Thread Tools Search this Thread Display Modes
  #1 (permalink)  
Old 06-01-2007, 02:51 PM
Active Member
  
Posts: 44
Default Migrating to External LDAP questions and directions
So I initially installed Zimbra with Internal authentication and am now looking to have it auth against an external ldap server as the samba/posix options now available within Zimbra (Thanks Greg) have certain requirements that do not fit our environment properly.

I've tried searching through the admin guide and quick start and even the wiki, but I just haven't found exactly what I need to change to properly reconfigure zimbra to use external authentication as most information seems to be based from the point of initial installation.

I found these entires in my zmlocalconfig, and I am assuming these are the ones I need to change:
Code:
ldap_host = zimbra.domain.com
ldap_is_master = true
ldap_master_url = ldap://zimbra.domain.com:389
ldap_root_password = *
ldap_url = ldap://zimbra.domain.com:389
But then maybe not as I also see this information in the wiki:
Zimbra Directory Service (LDAP) - ZimbraWiki

regarding external Active Directory authentication.

Or is it just a matter of defining these two attributes via zmprov, and by defining these attributes does this change the authentication mode to External and/or Both?

zimbraAuthLdapURL zimbraAuthLdapBindDn

As explained on this page:

LDAP - ZimbraWiki

which then makes it seem I may need to run the following commands to confiure those attributes:
Code:
zmprov md MYDOMAIN.COM zimbraAuthMech external
zmprov md MYDOMAIN.COM zimbraAuthLdapURL ldap://extldap.mydomain.com:389
zmprov md MYDOMAIN.COM zimbraAuthLdapBinddn cn=admin,dc=mydomain,dc=com
zmprov md MYDOMAIN.COM zimbraAuthLdapFilter "%n, %D"
Or do I set the zimbraAuthMech option to something else for external LDAP?

Or am I totally overcomplicating things and should use the "Configure Authentication" option within the admin GUI under @ Domains in the configuration section?

Lastly I see options for ldaps or "use SSL". From my experience TLS should always be used with OpenLDAP instead of SSL. Is there a way to allow zimbra to use TLS instead of SSL or what looks like the default of no security?
Reply With Quote
Reply

« Previous Thread | Today's Posts or Week's Posts | Next Thread »

Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes
Linear Mode Linear Mode


Product Information

Why Join?

Registering let's you ask questions, makes it easier to search, displays any files attached to posts, and notifies you about replies.

blog.zimbra.com


Home - Blog - Contact Us - Archive - Top


 

SEO by vBSEO ©2011, Crawlability, Inc.