LDAP authentication with different login as AD username

[st3]

HI. I enabled External LDAP authentication and I can log in with my AD username/passwd.
The problem is that the AD users are lastname@domain.com but I need the emails to be firstname.lastname@domain.com
Current config:
LDAP filter: (userPrincipalName=%n)
LDAP search base: dc=domain,dc=com
LDAP Bind enabled and passwd configured

I found this post, viewtopic.php?t=37892 but no luck so far.

[7224jobe]

Hi, take a look at https://wiki.zimbra.com/wiki/External_L ... ExternalDn

[st3]

Thanks for your reply.
But I get this error in mailbox.log when I try to log in:

Code: Select all

ption: authentication failed for [firstname.lastname@domain.com], external LDAP auth failed, LDAP error:  - unable to ldap authenticate: 80090308: LdapErr: DSID-0C090334, comment: AcceptSecurityContext error, data 525, vece
2019-08-07 16:49:15,167 INFO  [qtp391914049-19433:http://localhost:8080/service/soap/AuthRequest] [name=firstname.lastname@domain.com;oip=10.0.0.63;ua=zclient/8.8.12_GA_3817;soapId=1a7ac0fd;] soap - AuthRequest elapsed=6
2019-08-07 16:49:15,182 INFO  [qtp391914049-19346:https:https://localhost:7071/service/admin/soap/GetDomainInfoRequest] [ua=ZCS/8.8.12_GA_3817;soapId=1a7ac0fe;] soap - GetDomainInfoRequest elapsed=0

[7224jobe]

Maybe this guide can be helpful? https://wiki.zimbra.com/wiki/Configure_ ... _Directory

[st3]

I got this part working. But how do I get to authenticate with AD user if I want the email address to differ from the AD username.
Is there a way to get the «mail» atribute from AD and use it as the email address in Zimbra?

[ccelis5215]

Hello,

Did you try this: https://wiki.zimbra.com/wiki/Mgolfieri_ ... il_address ?

ccelis

[st3]

I figured it out.
Looks like I got the External LDAP account for Authentication: portion wrong, stupid mistake from my side.
Taking a closer look at the ADSI Editor fixed it.
Thanks for your help guys!