Thread: External LDAP Problem

  1. #1
    External LDAP Problem

    I'm new to Zimbra and need some help.

    I want to have Zimbra authenticate to our LDAP server. My setup is as follows:

    zimbra.oddcast.com (10.0.0.90)
    ldappdc.oddcast.com (10.3.1.200) - Centos 4.4 LDAP Server

    My current slapd.conf configuration is as follows:

    include /etc/openldap/schema/core.schema
    include /etc/openldap/schema/cosine.schema
    include /etc/openldap/schema/inetorgperson.schema
    include /etc/openldap/schema/nis.schema
    include /etc/openldap/schema/misc.schema

    allow bind_v2

    pidfile /var/run/slapd.pid
    argsfile /var/run/slapd.args

    database bdb
    suffix "dc=oddcast,dc=com"
    rootdn "cn=Manager,dc=oddcast,dc=com"
    rootpw **********************************
    directory /var/lib/ldap

    QUESTION:

    My GAL is as follows:


    GAL mode: External
    Most results returned by GAL search: 100
    Server type: LDAP
    LDAP filter: (cn=*%s*)
    Autocomplete filter: externalLdapAutoComplete
    LDAP search base: dc=oddcast,dc=com
    LDAP URL: ldap://10.3.1.200:389
    Bind DN: cn=Manager,dc=oddcast,dc=com

    After testing this setup, it works.

    When I use the following for Authentication:

    Authentication mechanism: External LDAP
    LDAP bind DN template:
    LDAP URL: ldap://10.3.1.200:389
    LDAP filter: (cn=%n)
    LDAP search base: ou=People,dc=oddcast,dc=com
    Use DN/Password to bind to external server: Yes
    Bind DN: cn=Manager,dc=oddcast,dc = com

    This authenticates as well.

    Is this right and if not, how do I correct it? I want to use the LDAP server to create and authenticate the accounts. The LDIF files are as shown:

    oddcast.com.ldif:

    dn: dc=oddcast,dc=com
    dc: oddcast
    description: Root LDAP entry for oddcast.com
    objectClass: dcObject
    objectClass: organizationalUnit
    ou: rootobject

    dn: ou=People, dc=oddcast,dc=com
    ou: People
    description: All people in organisation
    objectClass: organizationalUnit


    ldapusers.ldif:

    dn: uid=wfacer,ou=People,dc=oddcast,dc=com
    uid: wfacer
    cn: wfacer
    objectClass: account
    objectClass: posixAccount
    objectClass: top
    objectClass: shadowAccount
    userPassword: ----------------------------------------------------------
    shadowLastChange: 13465
    shadowMax: 99999
    shadowWarning: 7
    loginShell: /bin/bash
    uidNumber: 500
    gidNumber: 500
    homeDirectory: /home/wfacer

    dn: uid=charles,ou=People,dc=oddcast,dc=com
    uid: charles
    cn: charles
    objectClass: account
    objectClass: posixAccount
    objectClass: top
    objectClass: shadowAccount
    userPassword: --------------------------------------
    shadowLastChange: 13466
    shadowMax: 99999
    shadowWarning: 7
    loginShell: /bin/bash
    uidNumber: 502
    gidNumber: 502
    homeDirectory: /home/charles

  2. #2
    Are you having a problem? If so what is the error?
    Looking for new beta users -> Co-Founder of Acompli. Previously worked at Zimbra (and Yahoo! & VMware) since 2005.

  3. #3
    I have no error, but here's what I want to do. I would like to have it so my LDAP box is the one that has the account information so that I don't have to create the accounts on my Zimbra box. We want to use the LDAP box to do that.

  4. #4
    phoenix (Zimbra Consultant & Moderator)
    You'll have to provision the accounts in Zimbra; if you need to do it with a script, then look in the wiki for some details.
    Regards


    Bill


    Acompli: A new adventure for Co-Founder KevinH.
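
Added example, not part of the thread and not Zimbra's own tooling: one way to script the provisioning step phoenix describes, turning LDIF entries like those in the first post into zmprov createAccount (ca) commands. It assumes the mail domain is oddcast.com, that an empty local password is acceptable because logins are checked against the external LDAP server, and that each account is pinned to its directory entry with the zimbraAuthLdapExternalDn attribute; uids that are not plain lowercase names are skipped rather than written into a shell command.

```python
import base64
import re
import shlex

# Constructed sample modelled on the thread's ldapusers.ldif (passwords omitted).
SAMPLE_LDIF = """\
dn: ou=People, dc=oddcast,dc=com
objectClass: organizationalUnit

dn: uid=wfacer,ou=People,dc=oddcast,dc=com
uid: wfacer
objectClass: posixAccount

dn: uid=charles,ou=People,dc=oddcast,
 dc=com
uid:: Y2hhcmxlcw==
objectClass: posixAccount

dn: uid=bad;id,ou=People,dc=oddcast,dc=com
uid: bad;id
objectClass: posixAccount
"""
SAFE_UID = re.compile(r"^[a-z0-9][a-z0-9._-]*$")  # refuse anything shell-hostile

def parse_ldif(text):
    """Yield {attr: [values]} per entry; handles folded lines and base64 values."""
    unfolded = text.replace("\n ", "")  # LDIF continuation lines start with a space
    for block in re.split(r"\n\s*\n", unfolded.strip()):
        entry = {}
        for line in block.splitlines():
            attr, sep, value = line.partition(":")
            if sep and not line.startswith("#"):
                if value.startswith(":"):  # "attr:: <base64>"
                    value = base64.b64decode(value[1:].strip()).decode("utf-8")
                entry.setdefault(attr.lower(), []).append(value.strip())
        yield entry

def zmprov_commands(ldif_text, mail_domain):
    """Return (commands, skipped_dns); assumes empty local password, never reads userPassword."""
    commands, skipped = [], []
    for entry in parse_ldif(ldif_text):
        if "posixaccount" not in [v.lower() for v in entry.get("objectclass", [])]:
            continue
        dn, uid = entry["dn"][0], entry.get("uid", [""])[0]
        if not SAFE_UID.match(uid):
            skipped.append(dn)
            continue
        account = shlex.quote(uid + "@" + mail_domain)
        commands.append(f"zmprov ca {account} '' zimbraAuthLdapExternalDn {shlex.quote(dn)}")
    return commands, skipped
```

The returned commands are meant to be reviewed and then run as the zimbra user; the skipped list shows which directory entries need a manual decision.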

  5. #5
    Hi Phoenix,

    Do you mean that in order to authenticate with external LDAP users we should first introduce them in Zimbra?

    Regards,

    Felipe

  6. #6
    phoenix (Zimbra Consultant & Moderator)
    Originally posted by gigapipe:
        Do you mean that in order to authenticate with external LDAP users we should first introduce them in Zimbra?

    Yes, that's correct.
    Regards


    Bill


