Hello,
I need help configuring my Zimbra server as an LDAP provider for sssd on RHEL 8.
My Zimbra server works perfectly: when I use the ldapsearch command it works, but I want to use auth from Zimbra to authenticate to services like:
gdm gnome
vsftpd
I read some forum posts but had no success.
I tried many things like /etc/sssd/sssd.conf, nsswitch.conf, /etc/pam.d/vsftpd.conf or nslcd.
Obviously I'm not the only one who failed.
Help to configure zimbra as LDAP provider for sssd on RHEL 8
Re: Help to configure zimbra as LDAP provider for sssd on RHEL 8
You should not do this but do it the other way round.
Set up a central LDAP (with an easy-to-use provisioning tool).
This would be your organisation directory, which can be used by any app (user management, group management, rights, apps, etc).
Point your Zimbra to this LDAP for auth (and auto-provisioning if you wish).
Point other apps to this LDAP too.
Re: Help to configure zimbra as LDAP provider for sssd on RHEL 8
I managed the configuration with Zimbra by cheating a little.
I used the zimbraNotes field and I have to create an int uid by hand; it does not work with the UUIDs provided by zimbraId.
If someone has a solution to add a zimbraUid field in the Zimbra schema, or an auto-increment, I'm interested. Thanks in advance.
[root@mail var]# cat /etc/nslcd.conf
uid nslcd
gid ldap
uri ldap://ldap.demo.lan:389/
base OU=people,DC=demo,DC=lan
binddn uid=zimbra,cn=admins,cn=zimbra
bindpw MYPASSWORDHERE
tls_reqcert never
ssl off
# Mapping Zimbra
filter passwd (objectClass=inetOrgPerson)
filter shadow (objectClass=inetOrgPerson)
filter group (objectClass=inetOrgPerson)
#filter shadow (&(objectClass=zimbraAccount)(!(zimbraHideInGal=*)))
#filter passwd (&(objectClass=zimbraAccount)(!(zimbraHideInGal=*)))
map passwd uid uid
map passwd loginShell "/bin/bash"
map passwd homeDirectory "/home/$uid"
map passwd gecos displayName
map shadow uid uid
map passwd uidNumber zimbraNotes
map passwd gidNumber zimbraNotes
map group gidNumber zimbraNotes
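Added example, not part of the original posts: the nslcd.conf above with its transport settings tightened, since `ssl off` with `tls_reqcert never` carries the bind password and each user's login password unencrypted. It assumes the Zimbra LDAP service at ldap.demo.lan accepts StartTLS on port 389; the CA file path and the `nss_min_uid` value are assumptions, and the mappings are unchanged.

```conf
# /etc/nslcd.conf
# Keep this file mode 0600, owner root: it contains bindpw.
uid nslcd
gid ldap
uri ldap://ldap.demo.lan:389/
base OU=people,DC=demo,DC=lan
binddn uid=zimbra,cn=admins,cn=zimbra
bindpw MYPASSWORDHERE

# Before:
#   tls_reqcert never
#   ssl off
# After: upgrade the port-389 connection with StartTLS and refuse
# a server certificate that does not validate against the CA below.
ssl start_tls
tls_reqcert demand
# Assumed path: the CA certificate that signed the Zimbra LDAP cert.
tls_cacertfile /etc/openldap/certs/zimbra-ca.pem

# uidNumber/gidNumber are read from the free-text zimbraNotes field,
# so ignore any LDAP user whose numeric uid is below the range used
# for local system accounts (1000 is an assumed threshold).
nss_min_uid 1000

# Mapping Zimbra (unchanged from the post)
filter passwd (objectClass=inetOrgPerson)
filter shadow (objectClass=inetOrgPerson)
filter group (objectClass=inetOrgPerson)
map passwd uid uid
map passwd loginShell "/bin/bash"
map passwd homeDirectory "/home/$uid"
map passwd gecos displayName
map shadow uid uid
map passwd uidNumber zimbraNotes
map passwd gidNumber zimbraNotes
map group gidNumber zimbraNotes
```

After restarting nslcd, `getent passwd <user>` should still resolve the account; a TLS failure appears in the nslcd log instead of falling back to an unencrypted bind.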