Zarafa Novell eDirectory integration

From Zarafa wiki

Revision as of 09:55, 28 November 2008 by Admin (Talk | contribs)

The following LDAP configuration file can be used to integrate Zarafa with Novell eDirectory.

    ##############################################################
    #  LDAP/ACTIVE DIRECTORY USER PLUGIN SETTINGS
    #
    # Any of these directives that are required, are only required if the
    # userplugin parameter is set to ldap.
    #
    # The bind DN, bind password and search bases in this file are sample
    # values for an eDirectory tree rooted at o=zarafa; adapt them before use.

    # LDAP host name/IP address
    # Optional, default = localhost
    # Left empty here, so the default (localhost) applies.
    ldap_host =

    # LDAP port
    # Optional, default = 389
    # Use 636 for ldaps
    ldap_port = 389

    # LDAP protocol
    # Optional, default = ldap
    # use 'ldaps' for SSL encryption. Make sure /etc/ldap/ldap.conf is
    # configured correctly with TLS_CACERT
    # NOTE(review): with 'ldap' the connection is not encrypted, so
    # ldap_bind_passwd below and any user password checked via
    # ldap_authentication_method = bind cross the network in clear text.
    # That is only acceptable while ldap_host stays on localhost; for a
    # remote directory switch to ldaps together with ldap_port = 636.
    ldap_protocol = ldap

    # The DN of the user to bind as for normal operations (not used for
    # authentication if ldap_authentication_method is set to "bind")
    # Optional, default = empty (anonymous bind)
    # The userPassword attribute must be readable for this user if the
    # ldap_authentication_method option is set to password.
    # NOTE(review): cn=admin looks like the tree administrator - confirm.
    # A dedicated account limited to reading the attributes mapped in this
    # file would confine the damage if this file or its password leaks.
    ldap_bind_user =  cn=admin,o=zarafa

    # LDAP bind password
    # Optional, default = empty (no password)
    # 'password' is a placeholder; replace it with the real bind password.
    # The value is stored here in clear text, so keep this file readable
    # only by the account that runs the Zarafa server.
    ldap_bind_passwd =  password

    # Search for users starting from this DN
    # Required
    ldap_user_search_base =  o=zarafa

    # Search method to find a user, can be: base, one or sub
    # Default: sub
    # With sub, every container below ldap_user_search_base is searched.
    ldap_user_scope = sub

    # Search for users using this LDAP filter.  See ldap_search(3) or RFC
    # 2254 for details on the filter syntax.
    # Optional, default = empty (match everything)
    # For active directory, use:
    #   (&(objectClass=person)(objectCategory=CN=Person,CN=Schema,CN=Configuration,DC=zarafa,DC=com))
    # For LDAP with posix users, use:
    #   (objectClass=posixAccount)
    # NOTE(review): this matches every Person entry below o=zarafa. If only
    # some of those entries should be visible to Zarafa, narrow the filter
    # or the search base.
    ldap_user_search_filter =  (objectClass=Person)

    # Unique user id used to find the user
    # Required
    # For active directory, use:
    #    objectSid
    # For LDAP with posixAccount, use:
    #    uidNumber
    # NOTE(review): uid is used as the unique id here; verify that it is
    # unique across the whole search base and is not reassigned to another
    # person later.
    ldap_user_unique_attribute =  uid

    # Type of unique user id
    # default: text
    # For active directory, use:
    #      binary
    # For LDAP with posix user, use:
    #      text
    ldap_user_unique_attribute_type = text

    # Search for groups starting from this DN
    # Required
    ldap_group_search_base =  o=zarafa

    # Search method to find a group, can be: base, one or sub
    # Default: sub
    # With sub, every container below ldap_group_search_base is searched.
    ldap_group_scope = sub

    # Search for groups using this LDAP filter.  See ldap_search(3) for
    # details on the filter syntax.
    # Optional, default = empty (match everything)
    # For active directory, use:
    #   (objectClass=group)
    # For LDAP with posix groups, use:
    #   (objectClass=posixGroup)
    ldap_group_search_filter =  (objectClass=Group)

    # Unique group id used to find the group
    # Required
    # For active directory, use:
    #    objectSid
    # For LDAP with posix group, use:
    #    gidNumber
    # NOTE(review): a directory only guarantees that cn is unique within one
    # container. With ldap_group_scope = sub, groups in different containers
    # may share a cn; verify that group names are unique below the search
    # base, because group membership is resolved through this id.
    ldap_group_unique_attribute =  cn

    # Type of unique group id
    # default: text
    # For active directory, use:
    #      binary
    # For LDAP with posix group, use:
    #      text
    ldap_group_unique_attribute_type = text

    # Attribute used as the user's full name (going by the key name)
    # Optional, default = cn
    # For active directory, use:
    #   displayName
    # For LDAP with posix user, use:
    #   cn
    ldap_fullname_attribute = cn

    # Attribute used as the login name (going by the key name)
    # Optional, default = uid
    # Active directory: sAMAccountName
    # LDAP: uid
    ldap_loginname_attribute = uid

    # Attribute that is requested and checked when
    # ldap_authentication_method is set to password; this file uses bind.
    # Optional, default = userPassword
    # Active directory: unicodePwd
    # LDAP: userPassword
    ldap_password_attribute = userPassword

    # Attribute used as the e-mail address (going by the key name)
    # Optional, default = mail
    # Active directory: mail
    # LDAP: mail
    ldap_emailaddress_attribute = mail

    # Whether the user is an admin.  The field is interpreted as a
    # boolean, 0 and false (case insensitive) meaning no, all other values
    # yes.
    # Optional, default = zarafaAdmin
    # Active directory: zarafaAdmin
    # LDAP: zarafaAdmin
    # NOTE(review): any value other than 0 or false grants admin, so
    # whoever may write this attribute in the directory can create Zarafa
    # administrators. Restrict write access to it in the directory ACLs.
    ldap_isadmin_attribute = zarafaAdmin

    # Whether a user is a non-active user. This means that the user will
    # not count towards your user count, but the user will also not be
    # able to log in
    # Optional, default = zarafaSharedStoreOnly
    # Active directory: zarafaSharedStoreOnly
    # LDAP: zarafaSharedStoreOnly
    ldap_nonactive_attribute = zarafaSharedStoreOnly

    # If set to bind, users are authenticated by trying to bind to the
    # LDAP tree using their username + password.  Otherwise, the
    # ldap_password_attribute is requested and checked.
    # Optional, default = bind
    # Choices: bind, password
    # Active directory: bind
    # LDAP: password
    # With bind, the ldap_bind_user account does not have to be able to
    # read userPassword (that is only needed for the password method).
    # NOTE(review): each login sends the user's password to the directory
    # in a bind, so the connection should be encrypted (ldap_protocol =
    # ldaps) unless the directory runs on localhost.
    ldap_authentication_method = bind

    # Whether to override the system wide quota settings
    ldap_quotaoverride_attribute = zarafaQuotaOverride

    # Attributes holding the warn, soft and hard quota levels (going by the
    # key names); their values are converted to bytes with
    # ldap_quota_multiplier below.
    ldap_warnquota_attribute = zarafaQuotaWarn
    ldap_softquota_attribute = zarafaQuotaSoft
    ldap_hardquota_attribute = zarafaQuotaHard

    # Mapping from the quota attributes to a number of bytes.  Qmail-LDAP
    # schema uses bytes (1), ADS uses kilobytes (1024).
    # 1048576 = 1024 * 1024, so the quota attributes are read as megabytes
    # in this configuration.
    ldap_quota_multiplier =  1048576

    # Attribute used as the group name (going by the key name)
    # Optional, default = cn
    # Active directory: cn
    # LDAP: cn
    ldap_groupname_attribute = cn

    # Group attribute that lists the members of the group
    # Optional, default = member
    # Active directory: member
    # LDAP: member
    # This eDirectory configuration uses uniqueMember instead of the default.
    ldap_groupmembers_attribute =  uniqueMember

    # How the values of ldap_groupmembers_attribute refer to the members
    # Optional, default = name
    # Active directory: dn
    # LDAP: name
    # Set to dn here, i.e. the member values are treated as full DNs.
    ldap_groupmembers_attribute_type =  dn

    # The attribute of the user which is listed in ldap_groupmembers_attribute
    # Empty default, using ldap_user_unique_attribute
    ldap_groupmembers_relation_attribute =

    # The charset that strings are stored in on the LDAP server. Normally this
    # is utf-8, but this can differ according to your setup. The charset specified
    # here must be supported by your iconv(1) setup. See iconv -l for all charsets
    ldap_server_charset = utf-8

To extend eDirectory with the Zarafa schema you need an LDIF file. I have attached the Zarafa schema converted to LDIF. You can import the LDIF file with the ICE plugin in eDirectory iManager.

File:Ldif.zip
