Zarafa Novell eDirectory integration
(Difference between revisions)
| Line 185: | Line 185: | ||
To extend eDirectory with the Zarafa schema you need to have a ldif file. I added in the attachment the converted Zarafa schema to ldif. With the ICE plugin in the eDirectory iManager you can import the ldif file. | To extend eDirectory with the Zarafa schema you need to have a ldif file. I added in the attachment the converted Zarafa schema to ldif. With the ICE plugin in the eDirectory iManager you can import the ldif file. | ||
| - | + | [Image:Ldif.zip] | |
Revision as of 09:56, 28 November 2008
The following LDAP configuration file can be used to integrate Zarafa with Novell eDirectory.
##############################################################
# LDAP/ACTIVE DIRECTORY USER PLUGIN SETTINGS
#
# Example values for a Novell eDirectory tree rooted at o=zarafa.
#
# Any of these directives that are marked required are only required if the
# userplugin parameter is set to ldap.
# LDAP host name/IP address
# Optional, default = localhost
# Left empty in this example; set it to the eDirectory server to query.
ldap_host =
# LDAP port
# Optional, default = 389
# Use 636 for ldaps
ldap_port = 389
# LDAP protocol
# Optional, default = ldap
# Use 'ldaps' for SSL encryption. Make sure /etc/ldap/ldap.conf is
# configured correctly with TLS_CACERT so the server certificate is verified.
# NOTE(review): with 'ldap' on port 389 the bind DN and password below, and
# (when ldap_authentication_method = bind) every user's login password, are
# sent to the directory unencrypted. Prefer ldaps on 636 for anything other
# than a local test.
# NOTE(review): eDirectory can be configured to refuse clear-text simple binds
# (LDAP Group option "Require TLS for simple binds with password"); keep that
# enabled and switch to ldaps rather than disabling it - confirm the option
# name against your eDirectory version.
ldap_protocol = ldap
# The DN of the user to bind as for normal operations (not used for
# authentication if ldap_authentication_method is set to "bind").
# Optional, default = empty (anonymous bind)
# The userPassword attribute must be readable for this user if the
# ldap_authentication_method option is set to password.
# NOTE(review): cn=admin looks like the tree administrator. With the "bind"
# method this account does not need to read userPassword, so a dedicated
# service account with read-only rights on the search bases should be enough;
# verify against your tree's ACLs.
ldap_bind_user = cn=admin,o=zarafa
# LDAP bind password
# Optional, default = empty (no password)
# The value below is a placeholder; replace it. The password is stored in
# clear text, so keep this file readable only by the account that runs the
# Zarafa server.
ldap_bind_passwd = password
# Search for users starting from this DN
# Required
ldap_user_search_base = o=zarafa
# Search method to find a user, can be: base, one or sub
# Default: sub
# 'sub' searches the whole subtree below ldap_user_search_base.
ldap_user_scope = sub
# Search for users using this LDAP filter. See ldap_search(3) or RFC
# 2254 (since replaced by RFC 4515) for details on the filter syntax.
# Optional, default = empty (match everything)
# For active directory, use:
# (&(objectClass=person)(objectCategory=CN=Person,CN=Schema,CN=Configuration,DC=zarafa,DC=com))
# For LDAP with posix users, use:
# (objectClass=posixAccount)
# NOTE(review): combined with scope 'sub' on o=zarafa, this filter matches
# every Person object in the organization. Narrow the base or the filter if
# only some of those entries should become Zarafa users.
ldap_user_search_filter = (objectClass=Person)
# Unique user id used to find the user
# Required
# For active directory, use:
# objectSid
# For LDAP with posixAccount, use:
# uidNumber
# NOTE(review): this example uses uid. The value has to be unique and stable
# across the whole search base; presumably two entries sharing a uid would be
# treated as the same user - confirm that uniqueness is enforced in your tree.
ldap_user_unique_attribute = uid
# Type of unique user id
# default: text
# For active directory, use:
# binary
# For LDAP with posix user, use:
# text
ldap_user_unique_attribute_type = text
# Search for groups starting from this DN
# Required
ldap_group_search_base = o=zarafa
# Search method to find a group, can be: base, one or sub
# Default: sub
# 'sub' searches the whole subtree below ldap_group_search_base.
ldap_group_scope = sub
# Search for groups using this LDAP filter. See ldap_search(3) for
# details on the filter syntax.
# Optional, default = empty (match everything)
# For active directory, use:
# (objectClass=group)
# For LDAP with posix groups, use:
# (objectClass=posixGroup)
# NOTE(review): this matches every Group object under o=zarafa; narrow the
# base or the filter if only some groups should be visible in Zarafa.
ldap_group_search_filter = (objectClass=Group)
# Unique group id used to find the group
# Required
# For active directory, use:
# objectSid
# For LDAP with posix group, use:
# gidNumber
# NOTE(review): this example uses cn, which is only unique within one
# container; with scope 'sub' two groups in different containers can share a
# cn - confirm group names are unique across the search base.
ldap_group_unique_attribute = cn
# Type of unique group id
# default: text
# For active directory, use:
# binary
# For LDAP with posix group, use:
# text
ldap_group_unique_attribute_type = text
# LDAP attribute used for the user's full name
# Optional, default = cn
# For active directory, use:
# displayName
# For LDAP with posix user, use:
# cn
ldap_fullname_attribute = cn
# LDAP attribute used for the login name
# Optional, default = uid
# Active directory: sAMAccountName
# LDAP: uid
ldap_loginname_attribute = uid
# LDAP attribute used for the password. It is only requested and checked
# when ldap_authentication_method is set to password.
# Optional, default = userPassword
# Active directory: unicodePwd
# LDAP: userPassword
ldap_password_attribute = userPassword
# LDAP attribute used for the e-mail address
# Optional, default = mail
# Active directory: mail
# LDAP: mail
ldap_emailaddress_attribute = mail
# Whether the user is an admin. The field is interpreted as a
# boolean, 0 and false (case insensitive) meaning no, all other values
# yes.
# Optional, default = zarafaAdmin
# Active directory: zarafaAdmin
# LDAP: zarafaAdmin
# NOTE(review): because any value other than 0/false means "admin", whoever
# can write this attribute in the directory can grant Zarafa admin rights.
# Restrict write access to it in eDirectory to directory administrators.
ldap_isadmin_attribute = zarafaAdmin
# Whether a user is a non-active user. This means that the user will
# not count towards your user count, but the user will also not be
# able to log in
# Optional, default = zarafaSharedStoreOnly
# Active directory: zarafaSharedStoreOnly
# LDAP: zarafaSharedStoreOnly
ldap_nonactive_attribute = zarafaSharedStoreOnly
# If set to bind, users are authenticated by trying to bind to the
# LDAP tree using their username + password. Otherwise, the
# ldap_password_attribute is requested and checked.
# Optional, default = bind
# Choices: bind, password
# Active directory: bind
# LDAP: password
# NOTE(review): 'bind' leaves password checking to the directory and does not
# require ldap_bind_user to read userPassword, so it is the safer choice of
# the two. Each login still sends the user's password to the LDAP server, so
# it should go over ldaps; this file sets ldap_protocol = ldap.
ldap_authentication_method = bind
# Whether to override the system wide quota settings
ldap_quotaoverride_attribute = zarafaQuotaOverride
# Attributes for the per-user warning, soft and hard quota levels
# (going by the setting names; see the Zarafa documentation for exact semantics)
ldap_warnquota_attribute = zarafaQuotaWarn
ldap_softquota_attribute = zarafaQuotaSoft
ldap_hardquota_attribute = zarafaQuotaHard
# Mapping from the quota attributes to a number of bytes. Qmail-LDAP
# schema uses bytes (1), ADS uses kilobytes (1024).
# This example uses 1048576 (1024 * 1024), so the quota attributes above are
# read as megabytes.
ldap_quota_multiplier = 1048576
# LDAP attribute used for the group name
# Optional, default = cn
# Active directory: cn
# LDAP: cn
ldap_groupname_attribute = cn
# LDAP attribute that lists the members of a group
# Optional, default = member
# Active directory: member
# LDAP: member
# This example overrides the default with uniqueMember.
ldap_groupmembers_attribute = uniqueMember
# How the values of ldap_groupmembers_attribute identify a member
# Optional, default = name
# Active directory: dn
# LDAP: name
# Set to dn here, presumably because uniqueMember holds full member DNs -
# verify against your group objects.
ldap_groupmembers_attribute_type = dn
# The attribute of the user which is listed in ldap_groupmembers_attribute
# Empty default, using ldap_user_unique_attribute
ldap_groupmembers_relation_attribute =
# The charset that strings are stored in on the LDAP server. Normally this
# is utf-8, but this can differ according to your setup. The charset specified
# here must be supported by your iconv(1) setup. See iconv -l for all
# supported charsets.
ldap_server_charset = utf-8
To extend eDirectory with the Zarafa schema you need an LDIF file. I have attached the Zarafa schema converted to LDIF. You can import the LDIF file with the ICE plugin in eDirectory iManager.
[Image:Ldif.zip]