Zimbra

Grejao · #1 (**permalink**) 01-09-2008, 10:58 AM

Hi, I'm trying to install ZCS 5 with an external LDAP Database, it's because my company already have an LDAP database for users. How do i can set it on install? its because at first configuration i have only ldap hostname, ldap admin user and password. Where i can specify my DN ?

My LDAP are structured to be an Domain controller with SAMBA. Today i have the following structure at my ldap database and users:

Directory Structure:

Code:

dn: dc=my-company,dc=com,dc=br
objectClass: dcObject
objectClass: organization
o: mycompany
dc: mycompany

Users and Groups OU:

Code:

dn: ou=Usuarios,dc=my-company,dc=com,dc=br
objectClass: top
objectClass: organizationalUnit
ou: Usuarios

dn: ou=Grupos,dc=my-company,dc=com,dc=br
objectClass: top
objectClass: organizationalUnit
ou: Grupos

Users Objects:

Code:

dn: uid=username,ou=Usuarios,dc=my-company,dc=com,dc=br
uid: username
objectClass: top
objectClass: posixAccount
objectClass: shadowAccount
objectClass: inetOrgPerson
objectClass: person
loginShell: /bin/bash
uidNumber: 1504
gidNumber: 513
homeDirectory: /home/username
mail: username@mycompany.com.br
title: Estagiaria
o: mycompany
ou: Financeiro
sn: username complete name
cn: username complete name
l: Matriz

How do i use this users, that already exists at my LDAP database to be Zimbra users?

Can i create an Posix group and zimbra allow only group users to have zimbra account?

brian · #2 (**permalink**) 01-09-2008, 11:01 AM

ZCS isn't designed to be used with the primary ldap being external to ZCS. You'll need to install the zimbra ldap, and then setup external authentication.

mmorse · #3 (**permalink**) 01-09-2008, 11:02 AM

Don't change anything on install, after you get it setup in the admin console go to domains > external authentication & GAL buttons.

Grejao · #4 (**permalink**) 01-10-2008, 02:18 AM

OK, i understand how do i can authenticate with an external Openldap Database

. Thanks.

and if i have an existent Zimbra (with internal authentication) with some users, can i put it to authenticate at external openldap database without lost existents users? i need to have the same users at ldap database, right? only this?

Klug · #5 (**permalink**) 01-10-2008, 02:26 AM

AFAIK, you can only choose the auth type (internal or external) on a domain base.

Grejao · #6 (**permalink**) 01-10-2008, 02:52 AM

Ok Ok, but i already have an existent domain and users at this domain. This zimbra server was running at least 7 months and now i want to put then to authenticate at an external LDAP database. Can i do thi chage for an existent domain?

phoenix · #7 (**permalink**) 01-10-2008, 03:13 AM

Quote:

Originally Posted by Grejao

Can i do thi chage for an existent domain?

Yes, you can.

Grejao · #8 (**permalink**) 01-10-2008, 05:02 AM

Ok.
to do this i need to have the same user object at external ldap database, right?

what attribute zimbra will go get at user object at external ldap database to authenticate user?
"UID" and "userPassword" ?

can zimbra authenticate users by "mail" and "userPassword" attributes?

phoenix · #9 (**permalink**) 01-10-2008, 05:08 AM

Details for External Authentication are here in the wiki.

Grejao · #10 (**permalink**) 01-11-2008, 06:09 AM

Ok, i do all steps and now my ZCS can authenticate at my external ldap database

.

The problem now are that all users can login with 2 passwords, from zimbra internal database and password from external database.

its normal? how do i correct this???

Zimbra

Downloads

Product Information

Toolbox

Why Join?