ZCS 5.0.12 and GAL integration with MS AD

[ypong]

Hi all, I'm trying out Zimbra as a possible new mail+colloboration solution, in an existing Windows 2003 AD+IMAP server (i.e. no exchange server).

I've managed to get Authentication to the AD working; testing authentication by creating a couple of user accounts (same name as in the AD) without any password, does allow login, so I know authentication works.

The GAL caused some problems, however I managed to work through it by searching through the forums etc. However, regardless of whatever search term I put in for the last page, I never seem to get any search results (even though this is considered "successful" and allows me to finish the configuration). Is this to be expected?

e.g. I've tried:
CN=Administrator,CN=Users,DC=mydomain,DC=com

Which you would think works, as the default Administrator login for Windows, as well as:
CN="*somename*" (which is a valid username in the AD)

If I do a ldapsearch -h mydc -x -b "dc=mydomain,dc=com" -D "validuser@mydomain.com" -W cn="*somename*"
I do get search results back for this "somename" valid user, so I know again that the DC is working and accessible from this server.

Not to confuse myself too much, my questions are:

1) During the GAL configuration, is it expected that the search returns no results? Or should I expect that it would return similar results to what I get if using ldapsearch?

2) If I login as one of the mapped users to Zimbra, would I expect to see a bunch of addresses in the GAL (coz' currently it's blank)? Or is this additional work to migrate them over from the AD?

3) When writing a new email, the address field doesn't seem to autocomplete (GAL is set to autocomplete in the admin console); again, would I expect that this autocomplete based on the mapped user accounts/GAL, or is this a cascade of (1)+(2) above where since GAL is not working, therefore autocomplete is not working?

Thanks in advance for your help.

[ypong]

Nobody has encountered this problem? Or would you recommend I shift this to a different forum, if the installation forum is the wrong place.

Thanks in advance for your advice.

[ttown]

Probably no help, but I just put online a zimbra NE server in a MS AD + IMAP situation such as yours. I have authentication against AD, but I'm using the local LDAP for the GAL. Works like a champ and no lookup problems. Perhaps worth a shot for you?

[ypong]

Thanks for your reply, ttown. So you are just using the AD purely for authentication, with the local LDAP containing all the other user information?

The current setup I'm working on could do this, since it's brand new testbed, but I'm aiming to also roll out zimbra for a 400+ user environment with a well established AD, so I'd really love to figure out the GAL issue.

[reinhard]

we are using zcs NE right now in an eval-enviroment with the local ldap and going to roll it out in one or two month - as soon as the new ad is set up. so I'm stronly interested in this topic, as for 100+ users, i'd like to have only one source to maintain.

[stegbth]

Hi ypong,

if Zimbra is your only Mailserver, why do you want GAL from AD? The eMail Adresses are listed in Zimbra not in AD. So Zimbra is looking for this? why should this be in AD?

greetings
thomas