GAL search returned no results ZCS 7.1.3 GA Release

[zenu]

It does have a AD option which I've chosen, below are screen shots of my configuration
http://www.zimbra.com/forums/attachment ... 1325736123 />

http://www.zimbra.com/forums/attachment ... 1325736128 />

http://www.zimbra.com/forums/attachment ... 1325736133 />

http://www.zimbra.com/forums/attachment ... 1325736140 />
1.jpg
2.jpg
3.jpg
4.jpg

[blason]

Your BIND DN should be user@domain.com rather than domainuser. Try adding that and see.
e.g blason@example.com not examplelason

[sbhnet]

Hmmmm. My screens look just like that except that I'm using the user@domain.com for the bind and the datasource name for the external GAL is ldap. Can that name make the difference? (I didn't set things up - I'm coming in after the fact as another set of eyes.)

[zenu]

Nope. No luck for me, but thank you for the idea.

[blason]

Well honestly even I tried with that and that didn't work if you refer to OSS Admin guide it was clearly specified that DN should be given in the form of user@domain.name

[sbhnet]

We finally got the GAL to work by changing the mode to "Both" instead of just External. Which says it's pulling from the defined accounts in Zimbra not from AD. Has anyone ever gotten GAL to work using just External?

[50asm]

[quote user="sbhnet"]We finally got the GAL to work by changing the mode to "Both" instead of just External. Which says it's pulling from the defined accounts in Zimbra not from AD. Has anyone ever gotten GAL to work using just External?[/QUOTE]
I cant make it work even using "both". The test are passing as noted by others, I have configured every thing as shown in the screen shots by zenu with the exception that I am using user@domain.com (with full admin rights) and the bind dn.
I am running ZCS 7.14, do you think this is a bug that needs to be reported?
Any other advice would be apreciated. I have been pulling my hair out for hours tring to figure out what is wrong.
Thank you!!!

[sbhnet]

I've seen so many posts where folks are having problems with this, I really think the Zimbra folks need to address this directly. Maybe a bug report will force the issue?

[50asm]

[quote user="sbhnet"]I've seen so many posts where folks are having problems with this, I really think the Zimbra folks need to address this directly. Maybe a bug report will force the issue?[/QUOTE]

I will report it now. Thanks!

[davidkillingsworth]

It is important to note that you must use port 389 not 3268 for GAL searches in AD.
Here's what I have for my GAL Configuration. You must have a glsynch@mydomain.com account in Zimbra.
You must also have an account in AD.

CN=GAL Sync,OU=Users & Groups,OU=Service Admins,DC=corp,DC=mydomain,DC=com
GAL Search Settings:
GAL mode: External

Create GAL Sync account: Check

GAL sync account name: glsynch@mydomain.com

Datasource name for external GAL: ExtnernalGAL (can be any name)

External GAL polling interval: 1 Hour (1 day would also probably be ok)

Server type: LDAP (NOT Active Directory, which assumes you also have Exchange schema extensions so GAL search results will always fail)

LDAP URL (enter your addresses):

ldap://xxx.xxx.xxx.x01:389 (these are the IP addresses of your AD domain controllers)

ldap://xxx.xxx.xxx.x02:389

LDAP filter:

(&(objectClass=user)(|(sAMAccountName=%s*)(givenName=%s*)(mail=%s*)))

Autocomplete filter:

(|(cn=%s*)(sn=%s*)(gn=%s*)(mail=%s*))

LDAP search base (enter the distinguished name to the root of your users in the AD for this email domain):

OU=Users & Groups,OU=US Campus,DC=corp,DC=mydomain,DC=com
GAL Search Settings:
Use DN/Password to bind to external server: Check

Bind DN (enter the DN of the GAL search user you created):

CN=GAL Sync,OU=Users & Groups,OU=Service Admins,DC=corp,DC=mydomain,DC=com
GAL Sync Settings:
Use GAL search settings for GAL sync: Check
GAL Settings Summary:
Here you can test the account works by searching for another user, enter an account name of a user you know exists within the "search base" you entered earlier.