Sync openLDAP / Zimbra LDAP after account provisioning

Discuss your pilot or production implementation with other Zimbra admins or our engineers.
gerardsd
Posts: 6
Joined: Sat Sep 13, 2014 3:04 am

Sync openLDAP / Zimbra LDAP after account provisioning

Postby gerardsd » Thu Mar 21, 2013 5:15 am

Hi there,
I am using ZCS 8.0.2 with external LDAP connection which is working fine.

When I login to ZCS with an existing openLDAP account, ZCS is getting all configured information via zimbraAutoProvAttrMap from openLDAP.
But if I change anything in openLDAP after the account is provisioned to ZCS, ZCS is not getting the changes from openLDAP until I delete this existing account in ZCS and use the autoprov-mech again.
Is there a way to sync account information from openLDAP->Zimbra for existing accounts?
When I do a "zmprov syg xyz.com" zimbra is getting the new information, but doesn't update the account.
Thanks in advance,
rg Dom


gerardsd
Posts: 6
Joined: Sat Sep 13, 2014 3:04 am

Sync openLDAP / Zimbra LDAP after account provisioning

Postby gerardsd » Mon Mar 25, 2013 2:53 am

Good morning,
anyone? :(
GlobalAdvisorsIT
Posts: 11
Joined: Sat Sep 13, 2014 3:18 am

Sync openLDAP / Zimbra LDAP after account provisioning

Postby GlobalAdvisorsIT » Wed Jan 08, 2014 3:33 pm

Hi Dom
You wrote:
gerardsd wrote:Hi there,
I am using ZCS 8.0.2 with external LDAP connection which is working fine.

When I login to ZCS with an existing openLDAP account, ZCS is getting all configured information via zimbraAutoProvAttrMap from openLDAP.
But if I change anything in openLDAP after the account is provisioned to ZCS, ZCS is not getting the changes from openLDAP until I delete this existing account in ZCS and use the autoprov-mech again.
Is there a way to sync account information from openLDAP->Zimbra for existing accounts?
When I do a "zmprov syg xyz.com" zimbra is getting the new information, but doesn't update the account.
Thanks in advance,
rg Dom

I am on ZCS 8.0.6 FOSS and my accounts auto provision, but attribute changes do not.
Release 8.0.6.GA.5922.UBUNTU12.64 UBUNTU12_64 FOSS edition.
Regards
Marc
jorgemop
Posts: 15
Joined: Sat Sep 13, 2014 3:27 am

Sync openLDAP / Zimbra LDAP after account provisioning

Postby jorgemop » Tue Apr 01, 2014 3:51 pm

i'm on the same path, openldap/samba server fully functional and a new server Zimbra, configure the authentication method to external ldap, (the bind test works fine), but my users account are on openldap/samba server. according understand is necessary:
1- create the accounts on zimbra server

2- establish some kind of synchronization
the first topic i think that make it by creation a file with all accounts and later "zmprov ca
the second topic i don't know how to make it. A key functionality of zimbra should be "integration" and i dont see it.
thanks for all your opinions and corrections
jorgemop
Posts: 15
Joined: Sat Sep 13, 2014 3:27 am

Sync openLDAP / Zimbra LDAP after account provisioning

Postby jorgemop » Tue Apr 01, 2014 10:17 pm

hi, you wrote "I am using ZCS 8.0.2 with external LDAP connection which is working fine."
how do you that please, my hair is falling.
A key functionality of zimbra should be "integration" but i don't find the path.
I configure the authentication method to external ldap and works fine, but my user still in the openldap/samba server. you know how to do this first syncro?...
the next step its manage the mailbox / account on the zimbra server from openldap/samba server, but one step at time.
thanks for help, greetings



PD: excuse my English, my natal language is Spanish
JOvalles P.
Posts: 27
Joined: Thu Jun 18, 2015 3:00 pm

Sync openLDAP / Zimbra LDAP after account provisioning

Postby JOvalles P. » Thu Jul 02, 2015 3:44 pm

you can did the AutoProv with zimbra and openldap in eager mode, like this:


First External auth:


zimbraAdminConsoleLDAPAuthEnabled: FALSE
zimbraAuthFallbackToLocal: FALSE
zimbraAuthLdapSearchBase: ou=Personas,ou=Usuarios,dc=mydomain.com,dc=com
zimbraAuthLdapSearchBindDn: cn=Admin,dc=mydomain.com,dc=com
zimbraAuthLdapSearchBindPassword: 123456
zimbraAuthLdapSearchFilter: (&(uid=%u)(objectClass=OrganizationalPerson))
zimbraAuthLdapStartTlsEnabled: FALSE
zimbraAuthLdapURL: ldap://10.5.5.4:389
zimbraAuthMech: ldap



Second AutoProv:  example: 


zmprov md mydomain.com zimbraAutoProvAccountNameMap uid
zmprov md mydomain.com zimbraAutoProvLdapBindDn %u@mydomain.com
zmprov md mydomain.com zimbraAutoProvLdapSearchFilter "(&(|(objectclass=inetOrgPerson)))"
zmprov md mydomain.com zimbraAutoProvBatchSize 500
zmprov md mydomain.com zimbraAutoProvLastPolledTimestamp 20150702100000Z
zmprov md mydomain.com zimbraAutoProvLdapAdminBindDn "cn=Admin,dc=mydomain.com,dc=com"
zmprov md mydomain.com zimbraAutoProvLdapAdminBindPassword "123456"
zmprov md mydomain.com zimbraAutoProvLdapSearchBase "dc=mydomain,dc=com"
zmprov md mydomain.com zimbraAutoProvLdapURL "ldap://10.5.5.4:389"
zmprov md mydomain.com zimbraAutoProvMode EAGER
zmprov md mydomain.com zimbraAutoProvAuthMech LDAP
zmprov ms zimbrapro.innotech.com zimbraAutoProvPollingInterval 5 minutes
zmprov ms zimbrapro.innotech.com +zimbraAutoProvScheduledDomains mydomain.com
zmprov md mydomain.com zimbraAutoProvAttrMap cn=displayName
zmprov md mydomain.com +zimbraAutoProvAttrMap sn=sn
zmprov md mydomain.com +zimbraAutoProvAttrMap title=description
zmprov md mydomain.com +zimbraAutoProvAttrMap givenName=givenName



Now, the sync post AutoProv process is a mystery. 


Is really useful when i did a delete / create / modify a user of my external ldap automatically been deletes in zimbra


Anyone know how did this? 

daniele.antolini
Posts: 33
Joined: Fri Jul 08, 2016 7:41 am

Re: Sync openLDAP / Zimbra LDAP after account provisioning

Postby daniele.antolini » Thu May 03, 2018 11:54 am

Hello,

I need a sync post-provisioning too. I am on ZIMBRA NE 8.8.8
daniele.antolini
Posts: 33
Joined: Fri Jul 08, 2016 7:41 am

Re: Sync openLDAP / Zimbra LDAP after account provisioning

Postby daniele.antolini » Fri Jun 15, 2018 6:27 pm

Hello,

check my topic "Sync from external ldap attribute to zimbra attribute after auto-provisioning".
I've just written a bash script to do this job. Please, test it

On the script, on commented lines, there is only a function to automatically delete Zimbra User when you delete from LDAP. Check it!

Return to “Administrators”

Who is online

Users browsing this forum: No registered users and 25 guests