Page 2 of 3 FirstFirst 123 LastLast
Results 11 to 20 of 26

Thread: Zimbra as Active Directory replacement

  1. #11
    phoenix is online now Zimbra Consultant & Moderator
    Join Date
    Sep 2005
    Location
    Vannes, France
    Posts
    23,470
    Rep Power
    56

    Default

    How about 'install.log' which I think should be in the /tmp directory.
    Regards


    Bill


    Acompli: A new adventure for Co-Founder KevinH.

  2. #12
    Robert Mortimer is offline Active Member
    Join Date
    Apr 2006
    Posts
    31
    Rep Power
    9

    Default

    The log pointed me to /opt/zimbra/.saveconfig/config.save and it was there.

    Thanks.

  3. #13
    lfarkas is offline Active Member
    Join Date
    Nov 2005
    Location
    Hungary
    Posts
    38
    Rep Power
    9

    Default

    Quote Originally Posted by Robert Mortimer
    I already have an integrated SAMBA/MAIL system.

    I use sendmail, dovecot, openldap, LAM, SAMBA and milters for vacation, anti-virus & mail archiving. Apart from the fact that it lacks polish it all works quite well. I would jump to Zimbra in a flash if I could have some pointers on the following:-

    Integrating the samba schemas with Zimbra
    Setting the Zimbra LDAP password
    Accessing the Zimbra LDAP server using SAMBA
    just simple copy samba schema file into /opt/zimbra/openldap/etc/openldap/schema/

    /opt/zimbra/bin/zmlocalconfig -s| grep password

    it's lisining on the normal ldap port!

    Quote Originally Posted by Robert Mortimer
    As a start a quick hint on where to get the passwords so I can connect with connecting using phpLDAPadmin would be a start (the default is hashed in slapd.conf and I think it is randomly generated as part of the install)

    There are guides on how to do this for kolab but they arrived after I went through this process the first time.

    Rob
    what have you already implement?
    how do you keep in sync the samba and non samba people's ldap accounts?
    and how do you manipulate them?

  4. #14
    Robert Mortimer is offline Active Member
    Join Date
    Apr 2006
    Posts
    31
    Rep Power
    9

    Default

    Quote Originally Posted by lfarkas
    what have you already implement?
    how do you keep in sync the samba and non samba people's ldap accounts?
    and how do you manipulate them?
    My Fedora core 4 authenticates against the LDAP server

    Users update password from windows machines (SAMBA syncs unix password)

    LDAP config had to be changed so Dovecott (IMAP POP) could use the passwords

    Apache LDAP auth module is used for internal web based apps

    LAM (LDAP Account manager) does most of the account management along with the IDEALIX scripts

    Sendmail checks valid users and aliases against the LDAP

    We have an LDAP aware vacation milter for sendmail

    It's short on gloss but I have a single sign-on for intranet, webmail, IMAP, POP & Windows +(VPN if I want to configure RAIDIUS)

    Robert

  5. #15
    lfarkas is offline Active Member
    Join Date
    Nov 2005
    Location
    Hungary
    Posts
    38
    Rep Power
    9

    Default

    Quote Originally Posted by Robert Mortimer
    My Fedora core 4 authenticates against the LDAP server

    Users update password from windows machines (SAMBA syncs unix password)

    LDAP config had to be changed so Dovecott (IMAP POP) could use the passwords

    Apache LDAP auth module is used for internal web based apps

    LAM (LDAP Account manager) does most of the account management along with the IDEALIX scripts

    Sendmail checks valid users and aliases against the LDAP

    We have an LDAP aware vacation milter for sendmail

    It's short on gloss but I have a single sign-on for intranet, webmail, IMAP, POP & Windows +(VPN if I want to configure RAIDIUS)

    Robert

    ok that's the case now, but how do you would like to manage users with zimbra? you can't continue to use lam since it's not add zimbra account attribs, but you can't use zibra admin since it's not add posix and samba attribs. otherwise you are in a mixed enviroment and just have problems.

  6. #16
    mintra is offline Special Member
    Join Date
    Nov 2005
    Location
    UK
    Posts
    117
    Rep Power
    9

    Default Zimbra as Active Directory Replacement

    Hi

    We have a customer with Samba and Zimbra both authenticating against active directory running on the same machine. Zimbra was very easy to make Authenticate against AD 20 minutes work. Samba took more than two days to get right (well done DaveM).

    This may be fixed by Samba 4.

    However the orginal post was Zimbra as Active directory replacement.

    I am not sure how this would be done, but I want to be able to set this all up in less than an hour.

    This pdf (Thanks IBM) give some pointers http://ploug.eu.org/doc/smb-ldap-a4.pdf how to do it with the idealx scripts mentioned earlier.

    If Zimbra was to do the whole Job then groups and share management would need to be added.

    I am just setting a system up now for a charity, they have six windows servers, at different sites and I want a single user name and password for
    Windows Logon, Zimbra logon, samba Logon.

    The only things that can deliver this are a mixture of Novell products (eDirectory and identity management) or Fedora active directory.

    I think both of these can absorb an Active directory setup, Borg style (as in start trek), and be the directory service in charge so to speak.

    I wish I had more than a grasshopper brain, else would do some coding myself.

    John

  7. #17
    lfarkas is offline Active Member
    Join Date
    Nov 2005
    Location
    Hungary
    Posts
    38
    Rep Power
    9

    Default

    Quote Originally Posted by mintra
    Hi

    We have a customer with Samba and Zimbra both authenticating against active directory running on the same machine. Zimbra was very easy to make Authenticate against AD 20 minutes work. Samba took more than two days to get right (well done DaveM).

    This may be fixed by Samba 4.

    However the orginal post was Zimbra as Active directory replacement.

    I am not sure how this would be done, but I want to be able to set this all up in less than an hour.

    This pdf (Thanks IBM) give some pointers http://ploug.eu.org/doc/smb-ldap-a4.pdf how to do it with the idealx scripts mentioned earlier.

    If Zimbra was to do the whole Job then groups and share management would need to be added.

    I am just setting a system up now for a charity, they have six windows servers, at different sites and I want a single user name and password for
    Windows Logon, Zimbra logon, samba Logon.
    imho we think different think here. what i called ad replacement is one 'database' for users (and computers) and on kind of admin ui to manage them. of course if you have a fixed number of users and you already setup an ldap server the it has nothing to do with zimbra. what i like to see is an ui which able to manage an ldap server (which is used by zimbra, samba, etc..) ans never need to manualy edit the ldap server ie. only manage through this ui.
    that would be nice, easily manageable and consistent (! which is currently not soo easy). and can be setup in an hour....
    that's my dream.

  8. #18
    Robert Mortimer is offline Active Member
    Join Date
    Apr 2006
    Posts
    31
    Rep Power
    9

    Default

    Setting up a SAMBA PDC is not hard - see http://qvtech.cc/smbldap/ or other locations for the fantastic smbldap-installer script (10 min to get a PDC if you know where to turn on the ACLs and turn off roaming profiles).

    I used this and other components to get my single sign on as stated earlier in this thread.

    A next step would be to integrate Zimbra in place of my Dovecot, squirrel mail, Sendmail, Procmail and Milter elements. Just that extra bit of user management for SAMBA attributes added into Zimbra and I would be at it like a flash. As it is I am waiting for an available window.

    Robert

  9. #19
    Robert Mortimer is offline Active Member
    Join Date
    Apr 2006
    Posts
    31
    Rep Power
    9

    Default

    Had there been any progress on the samba PDC code?

  10. #20
    phoenix is online now Zimbra Consultant & Moderator
    Join Date
    Sep 2005
    Location
    Vannes, France
    Posts
    23,470
    Rep Power
    56

    Default

    Quote Originally Posted by Robert Mortimer
    Had there been any progress on the samba PDC code?
    The best place to file enhancement requests is in bugzilla, the Zimbra team can keep track of them better in there. If you want to file this in bugzilla (if it's not in there already) don't forget to vote on it.
    Regards


    Bill


    Acompli: A new adventure for Co-Founder KevinH.

Page 2 of 3 FirstFirst 123 LastLast

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. Replies: 26
    Last Post: 04-19-2011, 09:24 AM
  2. [SOLVED] Clamav problem ? What's happening ?
    By aNt1X in forum Installation
    Replies: 23
    Last Post: 02-14-2008, 05:43 AM
  3. huge log size
    By rmvg in forum Administrators
    Replies: 5
    Last Post: 01-02-2007, 10:39 AM
  4. port 7071 not listening OS X install
    By leeimber in forum Installation
    Replies: 7
    Last Post: 03-21-2006, 10:47 AM
  5. Monitoring : Data not yet avalaible
    By s3nz3x in forum Installation
    Replies: 7
    Last Post: 11-30-2005, 07:18 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •