Kolab 3 integration with Windows Active Directory

Mihai Badici mihai at badici.ro
Thu Apr 24 20:26:55 CEST 2014


On Thursday 24 April 2014 20:13:54 Chloé Desoutter wrote:
> Le 24/04/2014 19:36, Mat Cantin a écrit :
> > Greetings,
> > 
> > I believe what you're looking for is the LSC Project
> > [http://lsc-project.org/]. It is a piece of software that can sit
> > between OpenLDAP (Kolab's authentication back-end) and AD to
> > facilitate the authentication and user creation without needing any
> > configuration changes on the OpenLDAP and AD servers.
> > 
> > I was working on setting this up myself about a year ago, and got very
> > close to a working system when my project got sidelined. I will be
> > getting back to it soon though.
> > 
> > As I recall, there was someone on the LSC mailing list that had posted
> > a working configuration between OpenLDAP and Active Directory.
> 
> 389 DS you mean.
> 
> OpenLDAP no more :(
> 
> Wouldn't it be possible to configure pam_ldap as an authentication
> source and to glue it with Kerberos ?
-- 
Mihai Bădici
http://mihai.badici.ro

It depends on what you want to acheive at the end.
You can configure postfix and cyrus/dovecot to authenticate against Active 
Directory, and create users from AD console. No kolab schema, no roles, no 
kolab-webadmin etc. 

In the past i used the ssod daemon ( it's in windows services for unix 
package) to syncronize passwords from AD to Linux. I even wrote a patch for 
ssod to directly change password in openldap ( but 389 DS is similar or you 
can use PAM)
In this scenario, you can use a full kolab install and maintain passwoprds in 
sync.




More information about the users mailing list