Users in AD and OpenLDAP

Ask questions about your setup or get help installing ZCS server (ZD section below).
gribbler
Posts: 18
Joined: Fri Sep 12, 2014 9:58 pm

Users in AD and OpenLDAP

Postby gribbler » Thu Nov 24, 2005 4:30 pm

I saw that users need to be in both AD and LDAP, if I have 300 users in AD, I am not wanting to create 300 user accounts. Is there another way to do this?


gribbler
Posts: 18
Joined: Fri Sep 12, 2014 9:58 pm

Users in AD and OpenLDAP

Postby gribbler » Thu Nov 24, 2005 7:28 pm

[quote user="gribbler"]I saw that users need to be in both AD and LDAP, if I have 300 users in AD, I am not wanting to create 300 user accounts. Is there another way to do this?[/QUOTE]


Is that correct that user accounts need to be in both the AD and the OpenLDAP?
marcmac
Elite member
Elite member
Posts: 2091
Joined: Fri Sep 12, 2014 9:53 pm

Users in AD and OpenLDAP

Postby marcmac » Fri Nov 25, 2005 3:33 am

It is necessary to create the users in ldap, but you don't have to use the web UI.
You can create users from the command line with zmprov:

zmprov ca etc...
So, if you can dump your userlist to a file, one user per line, you can feed that file to zmprov. If you want to create additional attributes (display name, etc) you can do that as well.
So you'll have a file with zmprov commands on the lines:
ca user@domain.com passwd1

ca user2@domain.com passwd2
Then -

zmprov
gribbler
Posts: 18
Joined: Fri Sep 12, 2014 9:58 pm

Users in AD and OpenLDAP

Postby gribbler » Fri Nov 25, 2005 2:24 pm

[quote user="marcmac"]It is necessary to create the users in ldap, but you don't have to use the web UI.
You can create users from the command line with zmprov:

zmprov ca etc...
So, if you can dump your userlist to a file, one user per line, you can feed that file to zmprov. If you want to create additional attributes (display name, etc) you can do that as well.
So you'll have a file with zmprov commands on the lines:
ca user@domain.com passwd1

ca user2@domain.com passwd2
Then -

zmprov
Then whats the point of using AD? I was hoping to pul a username and password out of the AD...
marcmac
Elite member
Elite member
Posts: 2091
Joined: Fri Sep 12, 2014 9:53 pm

Users in AD and OpenLDAP

Postby marcmac » Fri Nov 25, 2005 2:42 pm

You use AD to authenticate against, but all zimbra-specific account attributes stay in our openldap db - so we're not writing to your AD installation.
gribbler
Posts: 18
Joined: Fri Sep 12, 2014 9:58 pm

Users in AD and OpenLDAP

Postby gribbler » Fri Nov 25, 2005 2:44 pm

[quote user="marcmac"]You use AD to authenticate against, but all zimbra-specific account attributes stay in our openldap db - so we're not writing to your AD installation.[/QUOTE]
Does it use the AD password? Do I need to set one in the LDAP DB?
marcmac
Elite member
Elite member
Posts: 2091
Joined: Fri Sep 12, 2014 9:53 pm

Users in AD and OpenLDAP

Postby marcmac » Fri Nov 25, 2005 2:51 pm

Yes, we auth with the password set in AD, so you don't have to set one in LDAP - except, I think there's a bug that requires a password be set in order to create the account, so you can set it to anything at account creation, and the AD password will be used.
gribbler
Posts: 18
Joined: Fri Sep 12, 2014 9:58 pm

Users in AD and OpenLDAP

Postby gribbler » Fri Nov 25, 2005 2:53 pm

Much appreciated. Now at least I feel like I've got a grasp on everything. Well. Sort of. you know.

Return to “Installation and Upgrade”

Who is online

Users browsing this forum: No registered users and 4 guests