Single GAL for multiple domains

Discuss your pilot or production implementation with other Zimbra admins or our engineers.
bakkerl
Posts: 5
Joined: Sat Sep 13, 2014 3:30 am

Single GAL for multiple domains

Postby bakkerl » Sat Feb 08, 2014 3:34 pm

Hi All,
I created 2 domains and a admin user for the first domain. Used

NE_admin_guide_8.Creating_Delegated_Administrator_Roles

to give the admin rights to created users for both domains.
With the admin user created 2 users for each domain.
If a created user now logs in and searches in the addressbook, only

users from his own domain are returned. Where i would expected that

users from both domains are listed.
How can i config this?


bakkerl
Posts: 5
Joined: Sat Sep 13, 2014 3:30 am

Single GAL for multiple domains

Postby bakkerl » Tue Feb 11, 2014 5:01 pm

Till https://bugzilla.zimbra.com/show_bug.cgi?id=7426 is implemented, i can live with the following script...
#! /bin/sh
domains1=( domainA.eu domainB.eu)

domains2=( domainC.eu domainD.eu domainE.eu )
for j in {1..2}

do

n="domains$j[@]"

arr=("${!n}")

echo "Share GAL Domains: ${!n}"

for (( k = 0 ; k
do

echo "Processing: ${arr[$k]}"

for (( d = 0 ; d
do

sourcedomain=`echo ${arr[$k]} | cut -f1 -d'.'`

sourceext=`echo ${arr[$k]} | cut -f2 -d'.'`
if [ ${arr[$k]} != ${arr[$d]} ]; then

echo " ${arr[$k]} --> ${arr[$d]}"
targetdomain=`echo ${arr[$d]} | cut -f1 -d'.'`

targetext=`echo ${arr[$d]} | cut -f2 -d'.'`
zmgsautil addDataSource -a galsync@${arr[$k]}

-n ${sourcedomain}${sourceext}${targetdomain}${targetext}Gal

--domain ${arr[$k]}

-t ldap

-f _${sourcedomain}${sourceext}${targetdomain}${targetext}Gal

-p 1m

2>/dev/null 1>&2


zmprov mds galsync@${arr[$k]} ${sourcedomain}${sourceext}${targetdomain}${targetext}Gal

zimbraGalSyncLdapBindDn

zimbraGalSyncLdapBindPassword

zimbraGalSyncLdapFilter '(&(|(sn=%s*)(gn=%s*)(mail=%s*)))'

zimbraGalSyncLdapSearchBase dc=${targetdomain},dc=${targetext}

zimbraGalSyncLdapURL ldap://:389
zmgsautil forceSync -a galsync@${arr[$k]} -n ${sourcedomain}${sourceext}${targetdomain}${targetext}Gal

fi

done

done

echo

done


GAL should be set to both in the admin interface.
This wil make that DomainA and DomainB see each other users, the same for DomainC, DomainD and DomainE.

Drawback (for which i can find at this moment) is that resources from DomainB are shown as users at DomainA

Return to “Administrators”

Who is online

Users browsing this forum: Alexa [Bot], virtarch and 15 guests