Page 1 of 2 12 LastLast
Results 1 to 10 of 19

Thread: external auth

  1. #1
    Join Date
    May 2006
    Posts
    81
    Rep Power
    9

    Default external auth

    Hi ,

    Can anyone tell me , a novice , how to set up external authentication against
    OpenLDAP ? I want to use my own openLDAP server instead of the one that ships with zimbra ... AND i want it to be on the same server machine as zimbra ... so I need different ports I guess .

    I don't understand all the fields in the admin console for external auth ... can someone post what exactly they have entered there for each field . I am stuck and any help/advice appreciated .

  2. #2
    Join Date
    Aug 2005
    Location
    San Mateo, CA
    Posts
    4,789
    Rep Power
    19

    Default

    Check out the admin guide the docs are pretty clear on how to setup external auth.
    Looking for new beta users -> Co-Founder of Acompli. Previously worked at Zimbra (and Yahoo! & VMware) since 2005.

  3. #3
    Join Date
    May 2006
    Posts
    81
    Rep Power
    9

    Default admin guide

    No I am afraid the admin guide won't do it ... if someone can please post what they have entered into those fields ... there is no mention of that in the guide as far as I can tell . What I have tried up to now has not worked . Thanks . Any help much appreciated .

  4. #4
    Join Date
    Aug 2005
    Location
    San Mateo, CA
    Posts
    4,789
    Rep Power
    19

    Default

    What have you tried? What error are you getting? Can you connect to your LDAP server with ldapsearch?
    Looking for new beta users -> Co-Founder of Acompli. Previously worked at Zimbra (and Yahoo! & VMware) since 2005.

  5. #5
    Join Date
    May 2006
    Posts
    81
    Rep Power
    9

    Default external auth

    Thanks , I will get back to tommorrow with more info if you think it might help but this is the error I get in admin console when I run test .


    I get
    'javax.naming.AuthenticationException LDAP : error code 49 : Invalida Credentials' when I run Test ( Authentication in Admin console )

    In my LDAP ( openLdap ) I have
    rootdn : dn : cn=Manager,dc=localhost,dc=localdomain .
    rootpw : qwerty

    So in LDAP Authentication in zimbra's admin console :

    Authentication mechanism : External LDAP
    LDAP Url : ldap://localhost:389
    LDAP Filter : (cn = %u)
    LDAP Search base : dc=localhost,dc=localdomain

    Bind DN : cn=Manager,dc=localhost,dc=localdomain

  6. #6
    Join Date
    Aug 2005
    Location
    San Mateo, CA
    Posts
    4,789
    Rep Power
    19

    Default

    Well from the error it's clear the password or bind dn is wrong. Can you validate you've got the password right by binding first with ldapsearch?
    Looking for new beta users -> Co-Founder of Acompli. Previously worked at Zimbra (and Yahoo! & VMware) since 2005.

  7. #7
    Join Date
    May 2006
    Posts
    81
    Rep Power
    9

    Default openldap

    I just checked ldapsearch and it works fine with
    ldapsearch -x -b 'dc=localhost,dc=localdomain' '(objectclass=*)'

    however ... I have to shut off my ldap service when I install zimbra otherwise zimbra doesn't install and start properly ... when I install zimbra I specify a different port for ldap ... then after I start zimbra I also start my own openldap service ... BUT then when I run ldapsearch it is showing content from zimbra's ldap !

    So the question is how do I tell zimbra , or ldapsearch for that matter , to use another ldap that is running on the same machine ? I though by changing the port number for zimbra's ldap that that would be enough .

  8. #8
    Join Date
    Aug 2005
    Location
    San Mateo, CA
    Posts
    4,789
    Rep Power
    19

    Default

    At this time you can't change the Zimbra LDAP port. There are hardcoded scripts that still look at 389. ldapsearch should have a way to pass it an alternate port.
    Looking for new beta users -> Co-Founder of Acompli. Previously worked at Zimbra (and Yahoo! & VMware) since 2005.

  9. #9
    Join Date
    May 2006
    Posts
    81
    Rep Power
    9

    Default different error now

    I changed it so that my own ldap is running on different port ... still problem starting zimbra when I have my own ldap running ( zimbra's ldap fails to start ) . So I start zimbra first then my ldap .

    Now in admin console I get javax.naming.InvalidSearchFilterException : Missing 'equals' : remaining name 'dc=localhost,dc=localdomain' ..

    I used the same field values like last time ...

    Do I need to add the zimbra schema to my ldap ... anything else I need to add ?

  10. #10
    Join Date
    Aug 2005
    Location
    San Mateo, CA
    Posts
    4,789
    Rep Power
    19

    Default

    If you changed the port the start order shouldn't matter. What error do you get starting Zimbra?
    Looking for new beta users -> Co-Founder of Acompli. Previously worked at Zimbra (and Yahoo! & VMware) since 2005.

Similar Threads

  1. Switching from Internal Auth to External Active Directory
    By MindexAdmin in forum Installation
    Replies: 5
    Last Post: 07-19-2007, 11:14 AM
  2. Migrating to External LDAP questions and directions
    By DVan in forum Administrators
    Replies: 0
    Last Post: 06-01-2007, 01:51 PM
  3. LDAP External Auth Fedora Directory Services
    By prpatrol in forum Administrators
    Replies: 3
    Last Post: 08-14-2006, 06:00 PM
  4. External authentification within a local network
    By Nico in forum Administrators
    Replies: 2
    Last Post: 06-06-2006, 04:02 AM
  5. Enable SMTP Auth to external users
    By VictorMedina in forum Administrators
    Replies: 1
    Last Post: 05-24-2006, 10:06 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •