Kolab authenticating through Active Directory (Windows AD)

Ingo Steuwer steuwer at univention.de
Fri May 8 09:21:09 CEST 2009 

Hi,

Am Freitag, 8. Mai 2009 schrieb Alain Spineux:
> On Thu, May 7, 2009 at 8:03 PM, Lucas Hendricks
>
> <LHendricks at austinent.com> wrote:
> > I have been digging around for the next step in integrating our network
> > with Kolab which would be to have Kolab authenticate against our windows
> > domain. I have been digging in the wiki and around the web, but this is
> > the closest thing I've found from the list in 2004:
> >
> > http://www.kolab.org/pipermail/kolab-users/2004-April/000081.html

I didn't read the post, but you should find tons of informations about 
configuring PAM against AD, either by pam-ldap or by pam-kerberos (I'd prefer 
the first one). You need to do that for all user-related parts of Kolab, like 
cyrus, postfix and others. That will need very much testing.

> Another idea :
>
> use pwdump to extract lanman password from your windows SAM.
>
> http://www.openwall.com/passwords/microsoft-windows-nt-2000-xp-2003-vista
>
> compile openldap to support lanman password
> sync your window password into your ldap
>
> I I did it for one user, it works ! But I have no scripts to automate
> the job :-(

Our Active Directory Connector does it exactly that way and works very well 
with our kolab integration. It's open source software:
http://www.univention.de/fileadmin/download/dokumentation_2.2/ucs-ad-connector_en.pdf

You may download the deb-source here:
http://apt.univention.de/2.2/maintained/2.2-0/

Maybe the windows-part (password-service) is helpfull for you, the 
Linux-daemon makes heavy use of other parts of our product (Univention 
Directory Manager); they are also open source software but porting them to 
native kolab would be very much work.

Regards,
Ingo

-- 
Ingo Steuwer
Head of Professional Services

Univention GmbH
Linux for your business
Mary-Somerville-Str.1
28359 Bremen
Tel.: +49 421 22232-43
Fax : +49 421 22232-99
Mob : +49 173 2112971

steuwer at univention.de>
http://www.univention.de

Geschäftsführer: Peter H. Ganten
HRB 20755 Amtsgericht Bremen
Steuer-Nr.: 71-597-02876

More information about the users mailing list