Zimbra SPNEGO Single Sign-On for ZCS
We are currently testing Zimbra BETA 8 installed on Centos 6.2 64-Bit. The whole excercise is to see if we could integrate Zimbra with our excisting Active Directory 2008 domain and also implement SSO to ZImbra through Kerberos.
I have followed the ZCS Administration Guide 7.2 Network Edition, since there not a manual available for BETA version 8. The steps in Appendix B "Configuring SPNEGO Single Sign-On for ZCS" was followed but I can still not login successfully with the "HTTP/servername.example.com" kerberos key. I have previously configured "Squid-Cache" proxies and other HTTP services for "kerberos Authentication" and know my way around Windows AD 2008 KDC and UNIX/Linux Kerberos.
1. What should I lookout for and in which logfiles?
2. Where can I look at the "global config attributes" that I have configured with "zmprov mcf" command?
3. For this to work, I believe that the username in Zimbra and in AD must be exactly the same?
Secondly, I am a bit worried that the AD integration is not seamless as we've expected. The external authentication mechanism is a duplication of efforts for me. It seems as if we will not be able to just "pull-in" accounts already created in AD?
Thank you all for any advice.