Need settings for Zimbra OpenLDAP

[fajarpri]

I try to manually query the zimbra ldap from openfiler, it works:

Code:

[root@localhost ~]# ldapsearch -h cnt5.example.com -xLLL -b "dc=example,dc=com"
dn: dc=example,dc=com
zimbraMailStatus: enabled
zimbraId: 1c6b995a-4734-45d2-8b6a-39dce29fbfc4
dc: example
zimbraDomainName: example.com
zimbraDomainType: local
objectClass: dcObject
objectClass: organization
objectClass: zimbraDomain
o: example.com domain

dn: ou=people,dc=example,dc=com
ou: people
objectClass: organizationalRole

dn: uid=admin,ou=people,dc=example,dc=com
zimbraMailTransport: lmtp:cnt5.example.com:7025
zimbraMailDeliveryAddress: admin@example.com
sn: admin
zimbraId: 8d686a54-cba4-432a-aef6-df66cc359650
zimbraMailStatus: enabled
mail: admin@example.com
mail: root@example.com
mail: postmaster@example.com
uid: admin
objectClass: organizationalPerson
objectClass: zimbraAccount
objectClass: amavisAccount
zimbraMailHost: cnt5.example.com
zimbraMailAlias: root@example.com
zimbraMailAlias: postmaster@example.com

dn: uid=root,ou=people,dc=example,dc=com
zimbraId: 54c747f5-279d-4c89-ba30-0d6ac3f51c94
uid: root
objectClass: zimbraAlias

dn: uid=postmaster,ou=people,dc=example,dc=com
zimbraId: f74a0404-bc2c-422e-8c83-6f85dd545024
uid: postmaster
objectClass: zimbraAlias

dn: uid=wiki,ou=people,dc=example,dc=com
objectClass: organizationalPerson
objectClass: zimbraAccount
objectClass: amavisAccount
zimbraId: 784c908c-8ef7-4b91-b340-69bb5d630664
zimbraMailStatus: enabled
zimbraMailDeliveryAddress: wiki@example.com
zimbraMailTransport: lmtp:cnt5.example.com:7025
zimbraMailHost: cnt5.example.com

dn: uid=spam.oxfsdtwb,ou=people,dc=example,dc=com
objectClass: organizationalPerson
objectClass: zimbraAccount
objectClass: amavisAccount
zimbraId: 1681ddcd-bada-456f-810b-f22a186f8cc9
zimbraMailStatus: enabled
zimbraMailDeliveryAddress: spam.oxfsdtwb@example.com
zimbraMailTransport: lmtp:cnt5.example.com:7025
zimbraMailHost: cnt5.example.com

dn: uid=ham.x51izzua,ou=people,dc=example,dc=com
objectClass: organizationalPerson
objectClass: zimbraAccount
objectClass: amavisAccount
zimbraId: 18c2bde5-d499-4132-b4d4-c0b1822a27bf
zimbraMailStatus: enabled
zimbraMailDeliveryAddress: ham.x51izzua@example.com
zimbraMailTransport: lmtp:cnt5.example.com:7025
zimbraMailHost: cnt5.example.com

dn: ou=groups,dc=example,dc=com
ou: groups
objectClass: organizationalRole

dn: ou=machines,dc=example,dc=com
ou: machines
objectClass: organizationalRole

[fajarpri]

Seems like there's no cn=config?
I will try with the admin.

[fajarpri]

Sorry for the delay.
Using uid=admin,ou=people,dc=example,dc=com, from Openfiler admin now I can click on the Accounts admin menu. But with this error when I tried to add group / user:

Code:

An error has occured:
Error adding new group.
ldap_add: No such object (32)
matched DN: dc=example,dc=com

Verify that the settings on the Authentication page are correct.



An error has occured:
Error adding new user.
ldap_add: Insufficient access (50)
additional info: no write access to parent

Verify that the settings on the Authentication page are correct.

Also, in Zimbra UI, there's no Samba Domain visible. Seems like Openfiler's samba cannot update the LDAP.

I wish Zimbra and Openfiler can be make to work at this point. It would be an awesome combination.

[fajarpri]

Hold on,
I think I make a mistake.

[fajarpri]

Ok I made a mistake in setting up the authentication Sorry. I guess it's because of burnout from working. I really need a vacation.

Greg's instruction is here:
UNIX and Windows Accounts in Zimbra LDAP and Zimbra Admin UI - Zimbra :: Wiki
Watch out for the ldap.conf and smb.conf:

Code:

host cnt5.example.com
base dc=cnt5,dc=example,dc=com
binddn cn=config
bindpw randomgenerate
rootbinddn uid=zimbra,cn=admins,cn=zimbra

Make sure you check the password as zimbra user:

Code:

zimbra@gregzimbra1:$ zmlocalconfig -s ldap_root_password
zimbra@gregzimbra1:& zmlocalconfig -s zimbra_ldap_password

Restart Samba
After all that Samba Domain is automatically created in Zimbra LDAP.

There are several glitches though:
1. We cannot create user and group from Openfiler. Error about object not found. I guess it's related to the schema.
2. We need to create user and group from Zimbra WebUI.
3. Openfiler webUI sometimes return blank page, but the values are saved though.
4. We can create volumes, quota, etc in Openfiler.
5. The shares we create in Openfiler dont show in Samba (smb.conf)
6. We need to sync user password's to samba password from Openfiler (I think it's because I haven't use the SambaPassword extension. Will try soon).

[Costa-101]

Does it work or not ?

I am trying to setup OpenFiler and cannot for the life of me understand the Zimbra ldap hierarchical structure.

Its very frustrating - I hope someone can help as I am sure this is a simple matter once explained clearly enough.

Many thanks in advance

Costa

[fajarpri]

Hi Costa,
Sorry I haven't continued my research on this as I'm working on another subject.
Anyway, I really want to make Zimbra and Openfiler work together too.
Hopefully I can tunnel my resources into this matter again soon.
Please let me know if you have any news.

[cyberdex]

I'm interested in seeing this work as well, with minimal backflips and opportunity for you-are-screwed after updating either product. I want the world :-)