Zimbra mail server uses LDAP as its default account database, but we may also use an external LDAP/AD server for Zimbra user authentication. This tutorial covers how to use openSUSE/SLES PDC+OpenLDAP users for Zimbra user authentication.
SAMBA PDC CONFIGURATION
I’m using openSUSE 11.2 with Samba PDC+OpenLDAP, but this tutorial may also be applied to other openSUSE versions or to SLES. In this example, the server hostname is pdc.vavai.info (192.168.0.6), the bind DN is cn=Administrator,dc=vavai,dc=info, and two LDAP ports are used: the standard port 389 and the SSL port 636. Don’t forget to allow these ports on the firewall.
ZIMBRA CONFIGURATION
- Log in to Zimbra Admin
- Go to Domain on the left pane menu
- Choose the domain to be configured. If we have a multi-domain schema on Zimbra, we must configure external authentication for each domain, even if all domains use the same LDAP server
- Choose the Configure Authentication menu.
- On Authentication Mode choose External LDAP
- Fill in the Samba LDAP configuration. Take a look at the following picture for a configuration example. Adjust the configuration to your own settings and then click Next.
- The next wizard step is the LDAP bind DN configuration. The bind DN is the admin user/manager account used for accessing LDAP data. Tick the Use DN/Password to bind to external server check box and then fill in the bind DN text box. I’m using cn=Administrator,dc=vavai,dc=info as the Samba PDC+OpenLDAP bind DN. Don’t forget to fill in the bind DN password (admin user/LDAP manager password)
- On the next wizard step, enter a Samba PDC user account as the user name and password and then click Test to test the Samba PDC+OpenLDAP connection. Zimbra will respond with the message Authentication Test Result : Authentication test successful if the Samba PDC+OpenLDAP connection works.
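A comparable check can be run from a shell on the Zimbra host before the domain is switched to External LDAP: look up the user with the admin bind DN, then bind as that user. The script below is an added example, not part of the original tutorial; it assumes the OpenLDAP client tools (ldapsearch, ldapwhoami) are installed, that accounts are posixAccount entries keyed by uid, and that port 389 offers StartTLS.

```sh
#!/bin/sh
# Added example, not from the original post. Host, base DN and bind DN mirror the
# post's sample setup; the posixAccount/uid filter, StartTLS support on 389 and
# the password-file arguments are assumptions.
LDAP_HOST="pdc.vavai.info"
BASE_DN="dc=vavai,dc=info"
BIND_DN="cn=Administrator,dc=vavai,dc=info"

# Build the LDAP URL for a port: 636 is the SSL port, anything else is plain LDAP.
ldap_url() {
  case "$2" in
    636) printf 'ldaps://%s:%s' "$1" "$2" ;;
    *)   printf 'ldap://%s:%s' "$1" "$2" ;;
  esac
}

# Escape a login name (RFC 4515) so it cannot alter the search filter.
escape_filter_value() {
  printf '%s' "$1" |
    sed -e 's/\\/\\5c/g' -e 's/\*/\\2a/g' -e 's/(/\\28/g' -e 's/)/\\29/g'
}

# Filter that selects one account by login name.
user_filter() {
  printf '(&(objectClass=posixAccount)(uid=%s))' "$(escape_filter_value "$1")"
}

# Step 1: bind as the admin DN and find the user's DN.
# Step 2: bind as that DN with the user's password.
# Args: port, login name, admin password file, user password file.
# Password files must hold the password only, with no trailing newline.
check_user() {
  url=$(ldap_url "$LDAP_HOST" "$1")
  tls=""
  [ "$1" = "636" ] || tls="-ZZ"   # on 389, require StartTLS before binding
  dn=$(ldapsearch -LLL -x $tls -o ldif-wrap=no -H "$url" -D "$BIND_DN" -y "$3" \
         -b "$BASE_DN" "$(user_filter "$2")" dn | sed -n 's/^dn: //p' | head -n 1)
  [ -n "$dn" ] || { echo "no LDAP entry for $2" >&2; return 1; }
  ldapwhoami -x $tls -H "$url" -D "$dn" -y "$4" >/dev/null && echo "bind OK: $dn"
}

# Run only when called with all four arguments, e.g.:
#   sh check-ldap.sh 636 someuser /root/admin.pw /root/user.pw
if [ "$#" -eq 4 ]; then
  check_user "$@"
fi
```

Reading both passwords from files readable only by root keeps them out of the process list and shell history.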
Please remember that the above configuration still needs an inbox account on the Zimbra mail server, so you must create the corresponding account with no password on Zimbra to map each Samba PDC user to their mailbox. The Zimbra account does not need a password because the password is passed to the LDAP account on the Samba PDC.
If you wish to integrate Samba and Zimbra users fully, with a single user name, mailbox and password, please refer to UNIX and Windows Accounts in Zimbra LDAP and Zimbra Admin UI.
I’m using this external authorization against LDAP (Samba + LDAP domain) for a year already. Works perfect, but it is time to upgrade my Samba server, because of Win7. Right now I have 3.0.28a (Ubuntu LTS 8.04.3). Win7 is not allowed to authorize against Samba domain, that is built on older releases than 3.3.4 I guess.
Keep on writing 😉 Great manuals 🙂