Zarafa Red Hat Directory Server integration

From Zarafa wiki

m (Reverted edits by Ynypokizek (talk) to last revision by Admin)
 
(One intermediate revision not shown)

Latest revision as of 09:10, 24 November 2010

Zarafa's flexible LDAP user backend lets you integrate it with any LDAP-based directory system.

Example ldap.cfg file for RHDS

##############################################################
#  LDAP/ACTIVE DIRECTORY USER PLUGIN SETTINGS
#
# The directives marked "Required" below are only required if the
# userplugin parameter is set to ldap.

# LDAP host name/IP address
# Optional, default = localhost
# "ip-address" is a placeholder; replace it with the address of the
# directory server.
ldap_host = ip-address

# LDAP port
# Optional, default = 389
# Use 636 for ldaps
ldap_port = 389

# LDAP protocol
# Optional, default = ldap
# Use 'ldaps' for SSL encryption. Make sure /etc/ldap/ldap.conf is
# configured correctly with TLS_CACERT
# NOTE(review): with 'ldap' on port 389, as set in this example, the bind
# DN and bind password below travel without transport encryption, and so
# do user passwords when ldap_authentication_method is "bind". Prefer
# ldaps with port 636 unless the path to the directory server is
# protected by other means.
ldap_protocol = ldap

# The DN of the user to bind as for normal operations (not used for
# authentication if ldap_authentication_method is set to "bind")
# Optional, default = empty (anonymous bind)
# The userPassword attribute must be readable for this user if the
# ldap_authentication_method option is set to password.
# NOTE(review): this example binds as an entry under ou=Administrators,
# which appears to be the directory's administrative account. The
# settings in this file only describe searches and attribute reads, so a
# dedicated read-only service account is presumably sufficient -- confirm
# and prefer that over an administrator DN.
ldap_bind_user = uid=admin,ou=Administrators,ou=TopologyManagement,o=NetscapeRoot

# LDAP bind password
# Optional, default = empty (no password)
# "password" is a placeholder. The real value is stored in this file in
# plain text, so restrict read access to the file to the account the
# Zarafa server runs as.
ldap_bind_passwd = password

# Search for users starting from this DN
# Required
# The dc=zarafa,dc=com suffix is an example; use your own directory suffix.
ldap_user_search_base = ou=people,dc=zarafa,dc=com

# Search method to find a user, can be: base, one or sub
# Default: sub
ldap_user_scope = sub

# Search for users using this LDAP filter.  See ldap_search(3) or RFC
# 2254 (superseded by RFC 4515) for details on the filter syntax.
# This example matches every entry with objectClass=person below the
# search base; narrow the filter if not all of them should become
# Zarafa users.
ldap_user_search_filter = (objectClass=person)

# Attribute that uniquely identifies a user
# Required
# For active directory, use:
#    objectSid
# For LDAP with posixAccount, use:
#    uidNumber
# This example uses uid. Whichever attribute is chosen should hold a
# value that is never changed or reassigned to another person
# -- TODO confirm how Zarafa treats a changed or reused value.
ldap_user_unique_attribute = uid

# Type of unique user id
# default: text
# For active directory, use:
#               binary
# For LDAP with posix user, use:
#               text
ldap_user_unique_attribute_type = text

# Search for groups starting from this DN
# Required
# The dc=zarafa,dc=com suffix is an example; use your own directory suffix.
ldap_group_search_base = ou=groups,dc=zarafa,dc=com

# Search method to find a group, can be: base, one or sub
# Default: sub
ldap_group_scope = sub

# Search for groups using this LDAP filter.  See ldap_search(3) for
# details on the filter syntax.
# Optional, default = empty (match everything)
ldap_group_search_filter = (objectClass=posixGroup)

# Attribute that uniquely identifies a group
# Required
# For active directory, use:
#    objectSid
# For LDAP with posix group, use:
#    gidNumber
# NOTE(review): the filter above selects posixGroup entries, whose
# numeric id attribute is gidNumber (as the hint above says); "gid"
# looks like a typo -- confirm against the directory schema before use.
ldap_group_unique_attribute = gid

# Type of unique group id
# default: text
# For active directory, use:
#               binary
# For LDAP with posix group, use:
#               text
ldap_group_unique_attribute_type = text

# Attribute mappings: each key below names the LDAP attribute that is
# read for the corresponding Zarafa user property.

# Optional, default = cn
# For active directory, use:
#   displayName
# For LDAP with posix user, use:
#   cn
ldap_fullname_attribute = cn

# Optional, default = uid
# Active directory: sAMAccountName
# LDAP: uid
ldap_loginname_attribute = uid

# Optional, default = userPassword
# Active directory: unicodePwd
# LDAP: userPassword
# This attribute is requested and checked only when
# ldap_authentication_method is set to password; in that mode the bind
# user must be able to read it.
ldap_password_attribute = userPassword

# Optional, default = mail
# Active directory: mail
# LDAP: mail
ldap_emailaddress_attribute = mail

# Whether the user is an admin.  The field is interpreted as a
# boolean, 0 and false (case insensitive) meaning no, all other values
# yes.
# Optional, default = zarafaAdmin
# Active directory: zarafaAdmin
# LDAP: zarafaAdmin
# NOTE(review): because any value other than 0/false counts as yes,
# write access to this attribute in the directory amounts to the ability
# to grant Zarafa admin rights. Restrict who may modify it with the
# directory's access controls.
ldap_isadmin_attribute = zarafaAdmin

# Whether a user is a non-active user. This means that the user will
# not count towards your user count, but the user will also not be
# able to log in
# Optional, default = zarafaSharedStoreOnly
# Active directory: zarafaSharedStoreOnly
# LDAP: zarafaSharedStoreOnly
ldap_nonactive_attribute = zarafaSharedStoreOnly

# If set to bind, users are authenticated by trying to bind to the
# LDAP tree using their username + password.  Otherwise, the
# ldap_password_attribute is requested and checked.
# Optional, default = bind
# Choices: bind, password
# Active directory: bind
# LDAP: password
# This example keeps "bind" although the hint above lists "password" for
# LDAP. With bind, the directory server verifies the password itself and
# the ldap_bind_user account does not need read access to userPassword.
# The user's password is sent to the directory in the bind request, so
# this mode should be combined with ldap_protocol = ldaps.
ldap_authentication_method = bind

# Whether to override the system wide quota settings
ldap_quotaoverride_attribute = zarafaQuotaOverride

# Attributes holding the per-user warning, soft and hard quota values
# (meaning taken from the key names; the unit is set by
# ldap_quota_multiplier below).
ldap_warnquota_attribute = zarafaQuotaWarn
ldap_softquota_attribute = zarafaQuotaSoft
ldap_hardquota_attribute = zarafaQuotaHard

# Mapping from the quota attributes to a number of bytes.  Qmail-LDAP
# schema uses bytes (1), ADS uses kilobytes (1024).
ldap_quota_multiplier = 1

# Attribute holding the group name
# Optional, default = cn
# Active directory: cn
# LDAP: cn
ldap_groupname_attribute = cn

# Attribute on the group entry that lists its members
# Optional, default = member
# Active directory: member
# LDAP: member
ldap_groupmembers_attribute = member

# Type of the values stored in ldap_groupmembers_attribute
# Optional, default = name
# Active directory: dn
# LDAP: name
ldap_groupmembers_attribute_type = name

# The attribute of the user which is listed in ldap_groupmembers_attribute
# Empty default, using ldap_user_unique_attribute
# Left empty in this example, so the default applies.
ldap_groupmembers_relation_attribute =

# The charset that strings are stored in on the LDAP server. Normally this
# is utf-8, but this can differ according to your setup. The charset specified
# here must be supported by your iconv(1) setup. See iconv -l for all
# supported charsets.
ldap_server_charset = utf-8


Import Zarafa schema

To import the Zarafa schema extension, use the following commands:

  1. Download the following script: http://directory.fedoraproject.org/download/ol-schema-migrate.pl (the link is plain HTTP, so read through the script before running it).
  2. Make the script executable.
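  3. Run the following command to import the Zarafa schema in RHDS (slapd-rhds is the instance directory used in this example; substitute the name of your own instance): perl ol-schema-migrate.pl -b /usr/share/zarafa/zarafa.schema > /etc/dirsrv/slapd-rhds/schema/61zarafa.ldif
  4. Restart the dirsrv service to activate the new schema.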