Extending LDAP for other authentication

Discuss your pilot or production implementation with other Zimbra admins or our engineers.
five04tluv
Posts: 6
Joined: Tue Sep 01, 2015 3:45 pm

Extending LDAP for other authentication

Postby five04tluv » Wed May 15, 2019 2:19 pm

We are running NE 8.7.11.GA.1854.UBUNTU14.64. We have a need to utilize LDAP for authenticating users from linux hosts, some apps and Windows hosts via SAMBA servers.

I know in the past you could extend the Zimbra schema for these but when you upgraded they would be removed and you'd have to go through and re-add. It seems from support that it isn't really supported any longer.

Is anyone doing this or should I be focusing on an external LDAP and leave Zimbra LDAP alone?

Thanks


Klug
Elite member
Elite member
Posts: 2350
Joined: Mon Dec 16, 2013 11:35 am
Contact:

Re: Extending LDAP for other authentication

Postby Klug » Wed May 15, 2019 3:58 pm

First of all, you should upgrade your server, because you're at risk.
viewtopic.php?f=15&t=65932

Then, about the auth and LDAP, the best way (ie: cleanest and most easy to deal with on long term) is to have an external LDAP server used by all your apps to authenticate against.
You create the accounts on this LDAP server (and in your apps), populate the LDAP server with the needed schema/info (not all users will have the same apps) and set the apps (Zimbra included) to authenticate against this LDAP.

This way you're "ready for the future" (no problem is Zimbra's LDAP schema changes).
That also can be used with some SSO if you wish to.
five04tluv
Posts: 6
Joined: Tue Sep 01, 2015 3:45 pm

Re: Extending LDAP for other authentication

Postby five04tluv » Wed May 15, 2019 6:21 pm

yes thanks for the reply and I will track this issue and get it on my outage schedule.

Return to “Administrators”

Who is online

Users browsing this forum: No registered users and 22 guests