Results 1 to 4 of 4

Thread: Zimbra + Samba as a BDC

  1. #1
    bubarooni is offline Advanced Member
    Join Date
    Mar 2007
    Location
    Indiana
    Posts
    185
    Rep Power
    8

    Default Zimbra + Samba as a BDC

    I found an excellent Zimbra + Samba PDC config guide at:

    UNIX and Windows Accounts in Zimbra LDAP and Zimbra Admin UI - ZimbraWiki

    ,but I need to replace an existing Exchange 5.5/NT 4.0 BDC.

    I've searched for that but come up empty. Has anyone ever tried that or could I somehow modify the steps in the link above to do so?

    Also, I think I've read in a couple of places that I really should run Zimbra by itself on the server. Would running Samba as a BDC on the same box violate that?

    Thanks In Advance for any ideas, hints or tips!

  2. #2
    Greg is offline Zimbra Employee
    Join Date
    Sep 2005
    Location
    Tucson - San Francisco - Moscow
    Posts
    127
    Rep Power
    9

    Default

    Quote Originally Posted by bubarooni View Post
    I found an excellent Zimbra + Samba PDC config guide at:

    UNIX and Windows Accounts in Zimbra LDAP and Zimbra Admin UI - ZimbraWiki
    Thanks!

    ,but I need to replace an existing Exchange 5.5/NT 4.0 BDC.
    What is your Primary Domain Controller? If your Primary Domain Controller is NT and you, for some reason want to keep it and do not want to replace it with Samba, than you would have to use NT for creating accounts.
    Ideally, you would can use the guide from the wiki to replace the PDC with Samba and than also configure a second Samba instance as a BDC. You can get all the information you need for configuring Samba as a BDC in Official Samba HOWTO mentioned in our wiki guide.

    Also, I think I've read in a couple of places that I really should run Zimbra by itself on the server. Would running Samba as a BDC on the same box violate that?
    While this is possible and both will work together, this is going to be very hard on your hardware, because PDC (and even more so BDC) is a very busy machine and Zimbra is even busier. So, I would recommend getting separate machines for performance purpose. If you are going to run both on the same machine and you are going to use user authentication against LDAP through pam_ldap, make sure that you configure your pam_ldap to fallback to /etc/passwd or add your zimbra user to your LDAP.


    Thanks In Advance for any ideas, hints or tips!
    You're welcome
    Last edited by Greg; 06-13-2007 at 07:49 PM.
    Bugzilla - Wiki - Downloads - Before posting... Search!
    P.S.: don't forget to vote on this bug
    add Samba LDAP entries to Exchange Migration Tool

  3. #3
    qube001 is offline Member
    Join Date
    Jul 2008
    Posts
    11
    Rep Power
    6

    Default Zimbra Samba PDC and Samba slave LDAP BDC

    Hi folks

    I also followed the wiki and I am now happy with my Samba server authenticating users against zimbra user base.

    next step in my mind would be to use others foreign offsite samba servers to auth against this very same Zimbra user base. (BDC)

    To ensure extra reliability even if the WAN link went down between Zimbra LDAP and foreign Sambas, I will use master/slave LDAP scheme, the master LDAP being Zimbra, and the slaves ldaps will be hosted on foreign samba servers. (slapd)

    I believe I'll have to add some lines to add slaves in
    /opt/zimbra/conf/slapd.conf.in like :
    Code:
    replica uri=ldap://ldap-2.example.com:389 binddn="cn=Manager,dc=example,dc=com" bindmethod=simple credentials=secret
    
    replogfile      /var/lib/ldap/replog
    I also think I'll have to add samba ldap schemas to every foreign samba ldap servers


    does it sounds good to zimbra gods?

  4. #4
    qube001 is offline Member
    Join Date
    Jul 2008
    Posts
    11
    Rep Power
    6

    Default Got it working

    I finally got a zimbra PDC + samba BDC setup working

    Primary site : zimbra 5.0.9 Centos 5.2 quad Xeon workhorse (PDC)

    Office sites : Debian Samba on stock PC computer ("BDC")

    the goal is to use the same user base from every sites AND some WAN failover security if WAN went down. (aka BDC)

    I did a "LDAP only" zimbra setup on offices following this doc
    Multiple-Server Installation

    and told the samba server to auth against its own ip adress (localhost won't work)
    following this (neat) link
    Multiple-Server Installation

    this seems to work fine except the slave zimbra LDAP keeps complaining about:

    Unable to determine enabled services from ldap.
    Unable to determine enabled services. Cache is out of date or doesn't exist.

    this is I think because no other zimbra service is running (correct?)

    Is there any way to get rid of those alerts (it fills mail and log)

    Thank you in advance

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. dspam logrotate errors
    By michaeln in forum Users
    Replies: 7
    Last Post: 02-19-2007, 12:45 PM
  2. huge log size
    By rmvg in forum Administrators
    Replies: 5
    Last Post: 01-02-2007, 10:39 AM
  3. Replies: 16
    Last Post: 09-07-2006, 06:39 AM
  4. port 7071 not listening OS X install
    By leeimber in forum Installation
    Replies: 7
    Last Post: 03-21-2006, 10:47 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •