Page 2 of 2 FirstFirst 12
Results 11 to 19 of 19

Thread: Active Directory integration

  1. #11
    Join Date
    Jun 2007
    Location
    Brisbane
    Posts
    17
    Rep Power
    8

    Default

    I posted my importing procedure into this thread http://http://www.zimbra.com/forums/...tml#post123127 but declare my linux scripting skills null and void.

    Did you use ldapsearch in linux, or the perl script mentioned here http://http://www.zimbra.com/forums/...html#post58377. I ran the perl a few times, but found I could more easily just extract the information required with csvde.exe

    It would be interesting to see if there's a automated way to keep zimbra and AD in sync.

    Dallas

  2. #12
    Join Date
    Jan 2009
    Posts
    10
    Rep Power
    6

    Default

    Quote Originally Posted by enterprisetoday View Post
    I posted my importing procedure into this thread http://http://www.zimbra.com/forums/...tml#post123127 but declare my linux scripting skills null and void.

    Did you use ldapsearch in linux, or the perl script mentioned here http://http://www.zimbra.com/forums/...html#post58377. I ran the perl a few times, but found I could more easily just extract the information required with csvde.exe


    It would be interesting to see if there's a automated way to keep zimbra and AD in sync.

    Dallas
    if you have jabber account add me iclubpjc[at]gmail[dot]com or skype yurix_. It was so comfortable than forum

  3. #13
    Join Date
    Nov 2007
    Location
    HSP NC
    Posts
    77
    Rep Power
    7

    Default

    What would be great is to have an installer for Windows Servers that would enable creation of a Zimbra mailbox, filling in all contact info, email addresses and aliases, setting CoS, etc. from within ADUC to simplify the process of adding new AD users/mailboxes, just like what is available when running MS Exchange.

    Having to add the user in AD and then creating the mailbox in Zimbra as a separate task is a pain.

  4. #14
    Join Date
    Sep 2009
    Posts
    3
    Rep Power
    6

    Default Zimbra needs Winbind

    Developers, here's your new feature request. C'mon now, it can't be _that_ difficult.

  5. #15
    Join Date
    Jan 2010
    Posts
    2
    Rep Power
    5

    Default

    Quote Originally Posted by jamesregional View Post
    We have just been setting this today:

    install zimbra using all the defaults, then;
    in the admin control panel select "Domains"
    and configure GAL (Global Address List)
    and Authentication, and set both to external/AD
    configure GAL to use external only (otherwise you will end up with duplicate users).
    The ldap server is the IP of one of your AD servers.
    you will then use the search filter found on page 31 and 32 of the admin guide, add an extra ")" at the end of this filter because of a typo in the manual.
    At the bottom change the DC to match your AD domain: eg: DC=domain,DC=local
    Create a user on your AD, that you will not use, eg: zimbrauser, and with a password, use this account to BIND to active directory.
    This will pull in the user list.
    Configure "Authentication" in the same way.
    WARNING: if you do this, you will also need to enable fallback authentication, otherwise the admin user will FAIL
    on the server, su to zimbra user
    and use this command:
    zmprov md zimbraAuthFallbackToLocal TRUE
    (replacing domain with the email domain you are using
    Obrigado, ajudou bastante.

  6. #16
    Join Date
    Sep 2010
    Posts
    3
    Rep Power
    5

    Default

    Quote Originally Posted by jamesregional View Post
    We have just been setting this today:

    install zimbra using all the defaults, then;
    in the admin control panel select "Domains"
    and configure GAL (Global Address List)
    and Authentication, and set both to external/AD
    configure GAL to use external only (otherwise you will end up with duplicate users).
    The ldap server is the IP of one of your AD servers.
    you will then use the search filter found on page 31 and 32 of the admin guide, add an extra ")" at the end of this filter because of a typo in the manual.
    At the bottom change the DC to match your AD domain: eg: DC=domain,DC=local
    Create a user on your AD, that you will not use, eg: zimbrauser, and with a password, use this account to BIND to active directory.
    This will pull in the user list.
    Configure "Authentication" in the same way.
    WARNING: if you do this, you will also need to enable fallback authentication, otherwise the admin user will FAIL
    on the server, su to zimbra user
    and use this command:
    zmprov md zimbraAuthFallbackToLocal TRUE
    (replacing domain with the email domain you are using

    Hello there, I follow your steps, but every time when I try to configure GAL I get this Authentication Failed

    Code:
    javax.naming.AuthenticationException: [LDAP: error code 49 - 80090308: LdapErr: DSID-0C0903A9, comment: AcceptSecurityContext error, data 52e, v1db0
    at com.sun.jndi.ldap.LdapCtx.mapErrorCode(LdapCtx.java:3041)
    	at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2987)
    	at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2789)
    	at com.sun.jndi.ldap.LdapCtx.connect(LdapCtx.java:2703)
    	at com.sun.jndi.ldap.LdapCtx.(LdapCtx.java:293)
    	at com.sun.jndi.ldap.LdapCtxFactory.getUsingURL(LdapCtxFactory.java:175)
    	at com.sun.jndi.ldap.LdapCtxFactory.getUsingURLs(LdapCtxFactory.java:193)
    	at com.sun.jndi.ldap.LdapCtxFactory.getLdapCtxInstance(LdapCtxFactory.java:136)
    	at com.sun.jndi.ldap.LdapCtxFactory.getInitialContext(LdapCtxFactory.java:66)
    	at javax.naming.spi.NamingManager.getInitialContext(NamingManager.java:667)
    	at javax.naming.InitialContext.getDefaultInitCtx(InitialContext.java:288)
    	at javax.naming.InitialContext.init(InitialContext.java:223)
    	at javax.naming.ldap.InitialLdapContext.(InitialLdapContext.java:134)
    	at com.zimbra.cs.account.ldap.ZimbraLdapContext.(ZimbraLdapContext.java:488)
    	at com.zimbra.cs.account.ldap.ZimbraLdapContext.(ZimbraLdapContext.java:433)
    	at com.zimbra.cs.account.ldap.LdapUtil.searchLdapGal(LdapUtil.java:849)
    	at com.zimbra.cs.account.ldap.LdapUtil.searchLdapGal(LdapUtil.java:835)
    	at com.zimbra.cs.account.ldap.Check.checkGalConfig(Check.java:204)
    	at com.zimbra.cs.service.admin.CheckGalConfig.handle(CheckGalConfig.java:78)
    	at com.zimbra.soap.SoapEngine.dispatchRequest(SoapEngine.java:420)
    	at com.zimbra.soap.SoapEngine.dispatch(SoapEngine.java:274)
    	at com.zimbra.soap.SoapEngine.dispatch(SoapEngine.java:158)
    	at com.zimbra.soap.SoapServlet.doWork(SoapServlet.java:291)
    	at com.zimbra.soap.SoapServlet.doPost(SoapServlet.java:212)
    	at javax.servlet.http.HttpServlet.service(HttpServlet.java:727)
    	at com.zimbra.cs.servlet.ZimbraServlet.service(ZimbraServlet.java:181)
    	at javax.servlet.http.HttpServlet.service(HttpServlet.java:820)
    	at org.mortbay.jetty.servlet.ServletHolder.handle(ServletHolder.java:511)
    	at org.mortbay.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1166)
    	at com.zimbra.cs.servlet.SetHeaderFilter.doFilter(SetHeaderFilter.java:79)
    	at org.mortbay.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1157)
    	at org.mortbay.servlet.UserAgentFilter.doFilter(UserAgentFilter.java:81)
    	at org.mortbay.servlet.GzipFilter.doFilter(GzipFilter.java:132)
    	at org.mortbay.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1157)
    	at org.mortbay.jetty.servlet.ServletHandler.handle(ServletHandler.java:388)
    	at org.mortbay.jetty.security.SecurityHandler.handle(SecurityHandler.java:216)
    	at org.mortbay.jetty.servlet.SessionHandler.handle(SessionHandler.java:182)
    	at org.mortbay.jetty.handler.ContextHandler.handle(ContextHandler.java:765)
    	at org.mortbay.jetty.webapp.WebAppContext.handle(WebAppContext.java:418)
    	at org.mortbay.jetty.handler.ContextHandlerCollection.handle(ContextHandlerCollection.java:230)
    	at org.mortbay.jetty.handler.HandlerCollection.handle(HandlerCollection.java:114)
    	at org.mortbay.jetty.handler.HandlerWrapper.handle(HandlerWrapper.java:152)
    	at org.mortbay.jetty.handler.rewrite.RewriteHandler.handle(RewriteHandler.java:230)
    	at org.mortbay.jetty.handler.HandlerWrapper.handle(HandlerWrapper.java:152)
    	at org.mortbay.jetty.handler.DebugHandler.handle(DebugHandler.java:77)
    	at org.mortbay.jetty.handler.HandlerWrapper.handle(HandlerWrapper.java:152)
    	at org.mortbay.jetty.Server.handle(Server.java:326)
    	at org.mortbay.jetty.HttpConnection.handleRequest(HttpConnection.java:543)
    	at org.mortbay.jetty.HttpConnection$RequestHandler.content(HttpConnection.java:939)
    	at org.mortbay.jetty.HttpParser.parseNext(HttpParser.java:755)
    	at org.mortbay.jetty.HttpParser.parseAvailable(HttpParser.java:212)
    	at org.mortbay.jetty.HttpConnection.handle(HttpConnection.java:405)
    	at org.mortbay.io.nio.SelectChannelEndPoint.run(SelectChannelEndPoint.java:413)
    	at org.mortbay.thread.BoundedThreadPool$PoolThread.run(BoundedThreadPool.java:451)

  7. #17
    phoenix is offline Zimbra Consultant & Moderator
    Join Date
    Sep 2005
    Location
    Vannes, France
    Posts
    23,587
    Rep Power
    58

    Default

    Quote Originally Posted by groenator View Post
    Hello there, I follow your steps, but every time when I try to configure GAL I get this Authentication Failed
    It usually means exactly what it says, there's a problem Authenticating. Please give exact details on the steps you've taken to get the authentication working.

    You should also have a look at some of these threads: site:zimbra.com "LDAP: error code 49" - Yahoo! Search Results
    Regards


    Bill


    Acompli: A new adventure for Co-Founder KevinH.

  8. #18
    Join Date
    Sep 2010
    Posts
    3
    Rep Power
    5

    Default

    Thank you for your help, now is working, but I still when I want to authenticate with a user from AD is not working, do I need also to create the users in Zimbra?

    Regards,

  9. #19
    phoenix is offline Zimbra Consultant & Moderator
    Join Date
    Sep 2005
    Location
    Vannes, France
    Posts
    23,587
    Rep Power
    58

    Default

    Quote Originally Posted by groenator View Post
    Thank you for your help, now is working, but I still when I want to authenticate with a user from AD is not working, do I need also to create the users in Zimbra?
    Yes you do, provisioning a user does more than just create the mailbox.
    Regards


    Bill


    Acompli: A new adventure for Co-Founder KevinH.

Similar Threads

  1. Replies: 1
    Last Post: 05-28-2008, 04:18 AM
  2. GAL not working with Active Directory
    By ardiederich in forum Installation
    Replies: 13
    Last Post: 02-12-2008, 07:01 PM
  3. centos 5 zimbra 4.5.6 no statistics
    By rutman286 in forum Installation
    Replies: 9
    Last Post: 08-14-2007, 09:30 AM
  4. Integration between zimbra & Windows Active Directory
    By mansuper in forum Administrators
    Replies: 1
    Last Post: 08-17-2006, 09:27 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •