Active Directory Integration Question...

Stephan Buys list at codefusion.co.za
Mon Apr 5 13:45:34 CEST 2004


The code is largely experimental and undocumented, but you can try the 
following (explanation of fields below):

Add the following to /kolab/etc/kolab/kolab.conf

----->> /kolab/etc/kolab/kolab.conf ----------------------
user_directory_mode : ad
user_ldap_uri : ldap://myserver
user_dn_list : user_dn
user_bind_dn : system_account_dn
user_bind_pw : system_account_password
user_field_deleted : isDeleted
user_field_modified : whenChanged
user_field_guid : objectGUID
user_field_quota : userquota
user_object_class : inetOrgPerson
cyrus_admin_pw : system_account_password
log_level : 4
----->> /kolab/etc/kolab/kolab.conf ----------------------



Fields:
myserver			The hostname or IP address of your server
user_dn_list		The DN that points to your users, probably cn=Users,base_dn
user_bind_dn		A DN that points to some sort of system account, this account
				should be able to search the objects in user_dn_list
user_bind_pw		The password for user_bind_dn
cyrus_admin_pw		Same as above
user_object_class	This is the LDAP objectclass to be checked for in order to
				create a user.

The way this works is that the Kolab daemon registers itself at user_dn_list to
recieve notification of any updates that occur there.
You need to set the "mail" attribute of the users in user_dn_list for the service
to kick in. 
Also the users need to be of type user_object_class. In AD2003 you can create
inetOrgPersons, otherwise you will need to set user_object_class to organizationalPerson 
(or something like that, I'm not sure)

The mechanism is simple:
1) sasl is pointed to Active Directory to do authentication against it.
2) If a user has a "mail" attribute populated and is of type "inetOrgPerson" then 
Kolab will create an accompanying Cyrus mailbox...

Regards,
-- 
Stephan  Buys
Code Fusion cc.
Tel: +27 11 391 1412
Mobile: +27 83 294 1876
Email: s.buys at codefusion.co.za

E-mail Solutions, Kolab Specialists.
http://www.codefusion.co.za






On Monday 05 April 2004 12:49, Robert Gallagher wrote:
> Hi all,
> 
> I have been testing Zfos 20040217-2.0.0. I happily noticed that it is 
> capable of interacting with active directory. Is there any documentation 
> available regarding the integration of Kolab with Active Directory? 
> 
> I see that this question has been asked before and I have searched for 
> documentation with out any luck, unless I am looking in the wrong places.
> 
> It is important to me, as I would like to set up a "proof of concept" 
> installation of Kolab-cf for my employer to review and hopefully adopt as 
> viable and supported solution. Although being a Microsoft only shop, my 
> employers are receptive to the idea of adopting Linux on the server and 
> this would be the perfect solution introduce Linux.
>  
> 
> Regards,
> 
> Robert Gallagher
> 
> iTet, AS
> 

-- 
Stephan  Buys
Code Fusion cc.
Tel: +27 11 391 1412
Mobile: +27 83 294 1876
Email: s.buys at codefusion.co.za

E-mail Solutions, Kolab Specialists.
http://www.codefusion.co.za




More information about the users mailing list