Zarafa Novell eDirectory integration

From Zarafa wiki

(Difference between revisions)
(New page: The following ldap configuration file can be used to integrate Zarafa with a Novell eDirectory. <nowiki> ############################################################## # LDAP/ACT...)
 
(10 intermediate revisions not shown)
Line 1: Line 1:
The following ldap configuration file can be used to integrate Zarafa with a Novell eDirectory.
The following ldap configuration file can be used to integrate Zarafa with a Novell eDirectory.
-
<nowiki>
+
<pre>
-
    ##############################################################
+
ldap_host = localhost
-
    #  LDAP/ACTIVE DIRECTORY USER PLUGIN SETTINGS
+
ldap_port = 389
-
    #
+
ldap_protocol = ldap
-
    # Any of these directives that are required, are only required if the
+
ldap_server_charset = utf-8
-
    # userplugin parameter is set to ldap.
+
ldap_bind_user =  cn=zarafa,ou=tu,o=be
 +
ldap_bind_passwd =  password
 +
ldap_network_timeout = 30
 +
ldap_search_base = o=be
 +
ldap_object_type_attribute = objectClass
 +
ldap_user_type_attribute_value = zarafa-user
 +
ldap_group_type_attribute_value = zarafa-group
 +
ldap_contact_type_attribute_value = zarafa-contact
 +
ldap_company_type_attribute_value = organizationalUnit
 +
ldap_addresslist_type_attribute_value = zarafa-addresslist
 +
ldap_dynamicgroup_type_attribute_value = zarafa-dynamicgroup
 +
ldap_user_search_filter =  (objectClass=zarafa-user)
 +
ldap_user_unique_attribute =  uid
 +
ldap_user_unique_attribute_type = text
 +
ldap_fullname_attribute = fullname
 +
ldap_loginname_attribute = uid
 +
ldap_password_attribute = userPassword
 +
ldap_authentication_method = bind
 +
ldap_emailaddress_attribute = mail
 +
ldap_emailaliases_attribute = zarafaAliases
 +
ldap_isadmin_attribute = zarafaAdmin
 +
ldap_nonactive_attribute =
 +
ldap_resource_type_attribute = zarafaResourceType
 +
ldap_resource_capacity_attribute = zarafaResourceCapacity
 +
ldap_sendas_attribute = zarafaSendAsPrivilege
 +
ldap_sendas_attribute_type = text
 +
ldap_sendas_relation_attribute =
 +
ldap_user_certificate_attribute = userCertificate
 +
!propmap /etc/zarafa/ldap.propmap.cfg
 +
ldap_group_search_filter = (objectClass=group)
 +
ldap_group_unique_attribute = cn
 +
ldap_group_unique_attribute_type = text
 +
ldap_groupname_attribute = cn
 +
ldap_groupmembers_attribute = member
 +
ldap_groupmembers_attribute_type = dn
 +
ldap_groupmembers_relation_attribute = 
 +
ldap_group_security_attribute = zarafaSecurityGroup
 +
ldap_group_security_attribute_type = boolean
 +
ldap_company_search_filter =
 +
ldap_company_unique_attribute = ou
 +
ldap_company_unique_attribute_type = text
 +
ldap_companyname_attribute = ou
 +
ldap_company_view_attribute = zarafaViewPrivilege
 +
ldap_company_view_attribute_type = text
 +
ldap_company_view_relation_attribute =
 +
ldap_company_admin_attribute = zarafaAdminPrivilege
 +
ldap_company_admin_attribute_type = text
 +
ldap_company_admin_relation_attribute =
 +
ldap_company_system_admin_attribute = zarafaSystemAdmin
 +
ldap_company_system_admin_attribute_type = text
 +
ldap_company_system_admin_relation_attribute =
 +
ldap_dynamicgroup_search_filter =
 +
ldap_dynamicgroup_unique_attribute = cn
 +
ldap_dynamicgroup_unique_attribute_type = text
 +
ldap_dynamicgroup_filter_attribute = zarafaFilter
 +
ldap_dynamicgroup_search_base_attribute = zarafaBase
 +
ldap_dynamicgroup_name_attribute = cn
 +
ldap_quota_userwarning_recipients_attribute = zarafaQuotaUserWarningRecipients
 +
ldap_quota_userwarning_recipients_attribute_type = text
 +
ldap_quota_userwarning_recipients_relation_attribute =
 +
ldap_quota_companywarning_recipients_attribute = zarafaQuotaCompanyWarningRecipients
 +
ldap_quota_companywarning_recipients_attribute_type = text
 +
ldap_quota_companywarning_recipients_relation_attribute =
 +
ldap_quotaoverride_attribute = zarafaQuotaOverride
 +
ldap_warnquota_attribute = zarafaQuotaWarn
 +
ldap_softquota_attribute = zarafaQuotaSoft
 +
ldap_hardquota_attribute = zarafaQuotaHard
 +
ldap_userdefault_quotaoverride_attribute = zarafaUserDefaultQuotaOverride
 +
ldap_userdefault_warnquota_attribute = zarafaUserDefaultQuotaWarn
 +
ldap_userdefault_softquota_attribute = zarafaUserDefaultQuotaSoft
 +
ldap_userdefault_hardquota_attribute = zarafaUserDefaultQuotaHard
 +
ldap_quota_multiplier = 1
 +
ldap_addressbook_hide_attribute = zarafaHidden
 +
</pre>
-
    # LDAP host name/IP address
+
You can also download the Zarafa 7 LDIF schema below, this is directly from LDAP.
-
    # Optional, default = localhost
+
eDirectory is LDAP v3 compliant, you can import this schema using the ICE plugin.
-
    ldap_host =
+
-
    # LDAP port
+
[http://www.zarafa.com/wiki/index.php/File:Ldap.zip Zarafa 7.0 LDIF schema for LDAP and eDirectory]
-
    # Optional, default = 389
+
-
    # Use 636 for ldaps
+
-
    ldap_port = 389
+
-
 
+
-
    # LDAP protocol
+
-
    # Optional, default = ldap
+
-
    # use 'ldaps' for SSL encryption. Make sure /etc/ldap/ldap.conf is
+
-
    # configured correctly with TLS_CACERT
+
-
    ldap_protocol = ldap
+
-
 
+
-
    # The DN of the user to bind as for normal operations (not used for
+
-
    # authentication if ldap_authentication_method is set to "bind"
+
-
    # Optional, default = empty (anonymous bind)
+
-
    # The userPassword attribute must be readable for this user if the
+
-
    # ldap_authentication_method option is set to password.
+
-
    ldap_bind_user =  cn=admin,o=zarafa
+
-
 
+
-
    # LDAP bind password
+
-
    # Optional, default = empty (no password)
+
-
    ldap_bind_passwd =  zarafa
+
-
 
+
-
    # Search for users starting from this DN
+
-
    # Required
+
-
    ldap_user_search_base =  o=zarafa
+
-
 
+
-
    # Search method to find a user, can be: base, one or sub
+
-
    # Default: sub
+
-
    ldap_user_scope = sub
+
-
 
+
-
    # Search for users using this LDAP filter. See ldap_search(3) or RFC
+
-
    # 2254 for details on the filter syntax.
+
-
    # Optional, default = empty (match everything)
+
-
    # For active directory, use:
+
-
    #  (&(objectClass=person)(objectCategory=CN=Person,CN=Schema,CN=Configuration,DC=zarafa,DC=com))
+
-
    # For LDAP with posix users, use:
+
-
    #  (objectClass=posixAccount)
+
-
    ldap_user_search_filter =  (objectClass=Person)
+
-
 
+
-
    # unique user id for find the user
+
-
    # Required
+
-
    # For active directory, use:
+
-
    #    objectSid
+
-
    # For LDAP with posixAccount, use:
+
-
    #    uidNumber
+
-
    ldap_user_unique_attribute =  uid
+
-
 
+
-
    # Type of unique user id
+
-
    # default: text
+
-
    # For active directory, use:
+
-
    #      binary
+
-
    # For LDAP with posix user, use:
+
-
    #      text
+
-
    ldap_user_unique_attribute_type = text
+
-
 
+
-
    # Search for groups starting from this DN
+
-
    # Required
+
-
    ldap_group_search_base =  o=zarafa
+
-
 
+
-
    # Search method to find a group, can be: base, one or sub
+
-
    # Default: sub
+
-
    ldap_group_scope = sub
+
-
 
+
-
    # Search for groups using this LDAP filter. See ldap_search(3) for
+
-
    # details on the filter syntax.
+
-
    # Optional, default = empty (match everything)
+
-
    # For active directory, use:
+
-
    #  (objectClass=group)
+
-
    # For LDAP with posix groups, use:
+
-
    #  (objectClass=posixGroup)
+
-
    ldap_group_search_filter =  (objectClass=Group)
+
-
 
+
-
    # unique group id for find the group
+
-
    # Required
+
-
    # For active directory, use:
+
-
    #    objectSid
+
-
    # For LDAP with posix group, use:
+
-
    #    gidNumber
+
-
    ldap_group_unique_attribute =  cn
+
-
 
+
-
    # Type of unique group id
+
-
    # default: text
+
-
    # For active directory, use:
+
-
    #      binary
+
-
    # For LDAP with posix group, use:
+
-
    #      text
+
-
    ldap_group_unique_attribute_type = text
+
-
 
+
-
    # Optional, default = cn
+
-
    # For active directory, use:
+
-
    #  displayName
+
-
    # For LDAP with posix user, use:
+
-
    #  cn
+
-
    ldap_fullname_attribute = cn
+
-
 
+
-
    # Optional, default = uid
+
-
    # Active directory: sAMAccountName
+
-
    # LDAP: uid
+
-
    ldap_loginname_attribute = uid
+
-
 
+
-
    # Optional, default = userPassword
+
-
    # Active directory: unicodePwd
+
-
    # LDAP: userPassword
+
-
    ldap_password_attribute = userPassword
+
-
 
+
-
    # Optional, default = mail
+
-
    # Active directory: mail
+
-
    # LDAP: mail
+
-
    ldap_emailaddress_attribute = mail
+
-
 
+
-
    # Whether the user is an admin.  The field is interpreted as a
+
-
    # boolean, 0 and false (case insensitive) meaning no, all other values
+
-
    # yes.
+
-
    # Optional, default = zarafaAdmin
+
-
    # Active directory: zarafaAdmin
+
-
    # LDAP: zarafaAdmin
+
-
    ldap_isadmin_attribute = zarafaAdmin
+
-
 
+
-
    # Whether a user is a non-active user. This means that the user will
+
-
    # not count towards your user count, but the user will also not be
+
-
    # able to log in
+
-
    # Optional, default = zarafaSharedStoreOnly
+
-
    # Active directory: zarafaSharedStoreOnly
+
-
    # LDAP: zarafaSharedStoreOnly
+
-
    ldap_nonactive_attribute = zarafaSharedStoreOnly
+
-
 
+
-
    # If set to bind, users are authenticated by trying to bind to the
+
-
    # LDAP tree using their username + password.  Otherwise, the
+
-
    # ldap_password_attribute is requested and checked.
+
-
    # Optional, default = bind
+
-
    # Choices: bind, password
+
-
    # Active directory: bind
+
-
    # LDAP: password
+
-
    ldap_authentication_method = bind
+
-
 
+
-
    # Whether to override the system wide quota settings
+
-
    ldap_quotaoverride_attribute = zarafaQuotaOverride
+
-
 
+
-
    ldap_warnquota_attribute = zarafaQuotaWarn
+
-
    ldap_softquota_attribute = zarafaQuotaSoft
+
-
    ldap_hardquota_attribute = zarafaQuotaHard
+
-
 
+
-
    # Mapping from the quota attributes to a number of bytes.  Qmail-LDAP
+
-
    # schema uses bytes (1), ADS uses kilobytes (1024).
+
-
    ldap_quota_multiplier =  1048576
+
-
 
+
-
    # Optional, default = cn
+
-
    # Active directory: cn
+
-
    # LDAP: cn
+
-
    ldap_groupname_attribute = cn
+
-
 
+
-
    # Optional, default = member
+
-
    # Active directory: member
+
-
    # LDAP: member
+
-
    ldap_groupmembers_attribute =  uniqueMember
+
-
 
+
-
    # Optional, default = name
+
-
    # Active directory: dn
+
-
    # LDAP: name
+
-
    ldap_groupmembers_attribute_type =  dn
+
-
 
+
-
    # The attribute of the user which is listed in ldap_groupmember_attribute
+
-
    # Empty default, using ldap_user_unique_attribute
+
-
    ldap_groupmembers_relation_attribute =
+
-
 
+
-
    # The charset that strings are stored in on the LDAP server. Normally this
+
-
    # is utf-8, but this can differ according to your setup. The charset specified
+
-
    # here must be supported by your iconv(1) setup. See iconv -l for all charset
+
-
    ldap_server_charset = utf-8
+
-
</nowiki>
+
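Review bot: The new revision keeps `ldap_protocol = ldap` on port 389 together with `ldap_authentication_method = bind`, but deletes the comments that documented the `ldaps`/636 option and the `TLS_CACERT` requirement. Anyone who copies this sample and points `ldap_host` at a non-local directory server gets binds, and so user passwords, sent unencrypted, with no hint that an encrypted option exists. I would keep one short comment above the connection settings, e.g. `# use 'ldaps' (port 636) when the directory is not on localhost; TLS_CACERT must be set in /etc/ldap/ldap.conf`. The literal `ldap_bind_passwd =  password` also deserves a comment marking it as a placeholder, e.g. `# placeholder - replace, and keep this file readable only by the Zarafa service account`.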

Latest revision as of 09:11, 2 December 2011

The following LDAP configuration file can be used to integrate Zarafa with Novell eDirectory.

# Sample Zarafa LDAP user-plugin settings for a Novell eDirectory tree.
# DNs, the bind password and the search base below are site-specific sample
# values; replace them before use.

# --- Connection -------------------------------------------------------------
# Plain LDAP on port 389. The bind password below, and every user password
# checked via ldap_authentication_method = bind, is sent to this host
# unencrypted. That stays on the loopback interface only while ldap_host is
# localhost. The earlier revision of this sample documented the encrypted
# alternative: set ldap_protocol to 'ldaps', use port 636, and make sure
# /etc/ldap/ldap.conf is configured correctly with TLS_CACERT.
ldap_host = localhost
ldap_port = 389
ldap_protocol = ldap
ldap_server_charset = utf-8

# --- Service bind account ---------------------------------------------------
# DN and password the server binds with for normal directory operations.
# 'password' is a placeholder. Because the secret is stored here in clear
# text, restrict read access to this file to the account the Zarafa server
# runs as.
# With ldap_authentication_method = bind this account is not used to check
# user passwords, so it should not need read access to userPassword
# (NOTE(review): confirm against the eDirectory rights assigned to this DN).
ldap_bind_user =  cn=zarafa,ou=tu,o=be
ldap_bind_passwd =  password
ldap_network_timeout = 30

# Searches start at the organization root (o=be), i.e. the whole tree.
ldap_search_base = o=be

# --- Object typing ----------------------------------------------------------
# The objectClass value decides whether an entry is treated as a user, group,
# contact, company, address list or dynamic group.
ldap_object_type_attribute = objectClass
ldap_user_type_attribute_value = zarafa-user
ldap_group_type_attribute_value = zarafa-group
ldap_contact_type_attribute_value = zarafa-contact
ldap_company_type_attribute_value = organizationalUnit
ldap_addresslist_type_attribute_value = zarafa-addresslist
ldap_dynamicgroup_type_attribute_value = zarafa-dynamicgroup

# --- Users ------------------------------------------------------------------
ldap_user_search_filter =  (objectClass=zarafa-user)
ldap_user_unique_attribute =  uid
ldap_user_unique_attribute_type = text
ldap_fullname_attribute = fullname
ldap_loginname_attribute = uid
ldap_password_attribute = userPassword
# 'bind': users are authenticated by binding to the LDAP tree with their own
# username and password, rather than by reading ldap_password_attribute.
ldap_authentication_method = bind
ldap_emailaddress_attribute = mail
ldap_emailaliases_attribute = zarafaAliases
# Privilege-bearing attribute: the earlier revision's comments describe it as a
# boolean where 0 and 'false' mean no and any other value means admin. Whoever
# can write it in the directory can grant Zarafa admin rights, so limit write
# access to it in eDirectory.
ldap_isadmin_attribute = zarafaAdmin
# Left empty in this sample. The earlier revision set it to
# zarafaSharedStoreOnly (NOTE(review): confirm the effect of an empty value).
ldap_nonactive_attribute =
ldap_resource_type_attribute = zarafaResourceType
ldap_resource_capacity_attribute = zarafaResourceCapacity
# Presumably lists who may send mail as this user. Treat write access to it
# like a privilege grant (TODO confirm against the Zarafa manual).
ldap_sendas_attribute = zarafaSendAsPrivilege
ldap_sendas_attribute_type = text
ldap_sendas_relation_attribute =
ldap_user_certificate_attribute = userCertificate
# Pulls in additional settings from a separate file. It should have the same
# restrictive ownership and permissions as this one.
!propmap /etc/zarafa/ldap.propmap.cfg

# --- Groups -----------------------------------------------------------------
ldap_group_search_filter = (objectClass=group)
ldap_group_unique_attribute = cn
ldap_group_unique_attribute_type = text
ldap_groupname_attribute = cn
# Group members are stored as full DNs in the 'member' attribute.
ldap_groupmembers_attribute = member
ldap_groupmembers_attribute_type = dn
ldap_groupmembers_relation_attribute =  
ldap_group_security_attribute = zarafaSecurityGroup
ldap_group_security_attribute_type = boolean

# --- Companies (multi-tenancy) ----------------------------------------------
# Companies map to organizationalUnit entries (see
# ldap_company_type_attribute_value above). The view/admin/system-admin
# attributes below look like privilege grants between companies and users.
# NOTE(review): confirm the semantics, and restrict who may write them.
ldap_company_search_filter =
ldap_company_unique_attribute = ou
ldap_company_unique_attribute_type = text
ldap_companyname_attribute = ou
ldap_company_view_attribute = zarafaViewPrivilege
ldap_company_view_attribute_type = text
ldap_company_view_relation_attribute =
ldap_company_admin_attribute = zarafaAdminPrivilege
ldap_company_admin_attribute_type = text
ldap_company_admin_relation_attribute =
ldap_company_system_admin_attribute = zarafaSystemAdmin
ldap_company_system_admin_attribute_type = text
ldap_company_system_admin_relation_attribute =

# --- Dynamic groups ---------------------------------------------------------
ldap_dynamicgroup_search_filter =
ldap_dynamicgroup_unique_attribute = cn
ldap_dynamicgroup_unique_attribute_type = text
ldap_dynamicgroup_filter_attribute = zarafaFilter
ldap_dynamicgroup_search_base_attribute = zarafaBase
ldap_dynamicgroup_name_attribute = cn

# --- Quota ------------------------------------------------------------------
ldap_quota_userwarning_recipients_attribute = zarafaQuotaUserWarningRecipients
ldap_quota_userwarning_recipients_attribute_type = text
ldap_quota_userwarning_recipients_relation_attribute =
ldap_quota_companywarning_recipients_attribute = zarafaQuotaCompanyWarningRecipients
ldap_quota_companywarning_recipients_attribute_type = text
ldap_quota_companywarning_recipients_relation_attribute =
ldap_quotaoverride_attribute = zarafaQuotaOverride
ldap_warnquota_attribute = zarafaQuotaWarn
ldap_softquota_attribute = zarafaQuotaSoft
ldap_hardquota_attribute = zarafaQuotaHard
ldap_userdefault_quotaoverride_attribute = zarafaUserDefaultQuotaOverride
ldap_userdefault_warnquota_attribute = zarafaUserDefaultQuotaWarn
ldap_userdefault_softquota_attribute = zarafaUserDefaultQuotaSoft
ldap_userdefault_hardquota_attribute = zarafaUserDefaultQuotaHard
# Maps the quota attribute values to a number of bytes; 1 means the values
# stored in the directory are read as bytes.
ldap_quota_multiplier = 1

# --- Address book -----------------------------------------------------------
ldap_addressbook_hide_attribute = zarafaHidden 

You can also download the Zarafa 7 LDIF schema below; it comes directly from LDAP. Because eDirectory is LDAP v3 compliant, you can import this schema using the ICE plugin.

Zarafa 7.0 LDIF schema for LDAP and eDirectory
