Zimbra Mail Server with External Authentication using Samba PDC+OpenLDAP

Zimbra mail server uses LDAP as its default account database, but it can also use an external LDAP/AD server for Zimbra user authentication. This tutorial covers how to use openSUSE/SLES PDC+OpenLDAP users for Zimbra user authentication.

SAMBA PDC CONFIGURATION

I’m using openSUSE 11.2 with Samba PDC+OpenLDAP, but the tutorial also applies to other openSUSE versions and to SLES. In this example, the server hostname is pdc.vavai.info (192.168.0.6), the bind DN is cn=Administrator,dc=vavai,dc=info, and two LDAP ports are in use: the standard port 389 and the SSL port 636. Don’t forget to allow these ports on the firewall.

ZIMBRA CONFIGURATION

  1. Log in to Zimbra Admin.
  2. Go to Domain on the left pane menu.
  3. Choose the domain to be configured. If we have a multi-domain schema on Zimbra, we must configure external authentication for each domain, even if all domains use the same LDAP server.
  4. Choose the Configure Authentication menu.
  5. On Authentication Mode, choose External LDAP.
  6. Fill in the configuration of the Samba LDAP server. Take a look at the following picture for a configuration example.
    Adjust the configuration to your own settings and then click Next.
  7. The next wizard page is the LDAP bind DN configuration. The bind DN is the admin user/manager account used for accessing LDAP data. Tick the Use DN/Password to bind to external server check box and then fill in the bind DN text box. I’m using cn=Administrator,dc=vavai,dc=info as the Samba PDC+OpenLDAP bind DN. Don’t forget to fill in the bind DN password (admin user/LDAP manager password).
  8. On the next wizard page, enter a Samba PDC user account as the user name and password and then click Test to test the Samba PDC+OpenLDAP connection. Zimbra will respond with the message "Authentication Test Result: Authentication test successful" if it has connected to Samba PDC+OpenLDAP successfully.

Please remember that the above configuration still needs a mailbox account on the Zimbra mail server, so you must create the appropriate account with no password on Zimbra to map each user on the Samba PDC to their mailbox. The Zimbra account does not need a password because the password will be passed to the LDAP account on the Samba PDC.
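The wizard steps and the password-less mailbox account can also be written as zmprov commands. The script below is an added example, not part of the original tutorial: it prints (without running) the commands for every domain given, and in ssl mode points Zimbra at port 636 so the bind DN password and the users' passwords are not sent in cleartext as they would be on port 389. The search base, the (uid=%u) filter and the BIND_PASSWORD placeholder are assumptions; the host and bind DN are the ones used above.

```shell
#!/bin/sh
# Added example: prints (does not run) zmprov commands matching the wizard steps.
# From the page: LDAP host, ports 389/636, bind DN.
# Assumptions: search base, uid filter, the BIND_PASSWORD placeholder.
LDAP_HOST="pdc.vavai.info"
BIND_DN="cn=Administrator,dc=vavai,dc=info"
SEARCH_BASE="dc=vavai,dc=info"   # assumption: search from the directory root
SEARCH_FILTER="(uid=%u)"         # assumption: Samba users keyed by uid; %u = login name

# Build the LDAP URL. "ssl" uses port 636, so the bind DN password and each
# user's password are encrypted in transit; "plain" uses port 389 in cleartext.
ldap_url() {
    case "$1" in
        ssl)   printf 'ldaps://%s:636\n' "$LDAP_HOST" ;;
        plain) printf 'ldap://%s:389\n' "$LDAP_HOST" ;;
        *)     echo "unknown mode: $1" >&2; return 1 ;;
    esac
}

# Emit the settings for every domain given: each Zimbra domain needs its own
# copy, even when all of them share the same LDAP server.
gen_zmprov() {
    mode="$1"; shift
    url=$(ldap_url "$mode") || return 1
    for domain in "$@"; do
        printf 'zmprov md %s zimbraAuthMech ldap\n' "$domain"
        printf 'zmprov md %s zimbraAuthLdapURL %s\n' "$domain" "$url"
        printf "zmprov md %s zimbraAuthLdapSearchBase '%s'\n" "$domain" "$SEARCH_BASE"
        printf "zmprov md %s zimbraAuthLdapSearchFilter '%s'\n" "$domain" "$SEARCH_FILTER"
        printf "zmprov md %s zimbraAuthLdapSearchBindDn '%s'\n" "$domain" "$BIND_DN"
        printf "zmprov md %s zimbraAuthLdapSearchBindPassword 'BIND_PASSWORD'\n" "$domain"
    done
}

# Emit the command that creates the mailbox-only account (empty local password),
# so the password is always checked against the Samba PDC directory.
gen_mailbox() {
    printf "zmprov ca %s ''\n" "$1"
}

# Usage: sh zimbra-extauth.sh ssl vavai.info second-domain.example
if [ "$#" -ge 2 ]; then gen_zmprov "$@"; fi
```

Review the printed commands, replace BIND_PASSWORD, and run them as the zimbra user; the wizard's Test button from step 8 then confirms the result.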

If you wish to integrate Samba and Zimbra users fully, with a single user name, mailbox and password, please refer to UNIX and Windows Accounts in Zimbra LDAP and Zimbra Admin UI.


2 Responses for “Zimbra Mail Server with External Authentication using Samba PDC+OpenLDAP”

  1. snpz says:

    I’m using this external authorization against LDAP (Samba + LDAP domain) for a year already. Works perfectly, but it is time to upgrade my Samba server, because of Win7. Right now I have 3.0.28a (Ubuntu LTS 8.04.3). Win7 is not allowed to authorize against a Samba domain that is built on older releases than 3.3.4, I guess.
    Keep on writing ;) Great manuals :)

  2. [...] way to make Samba and Zimbra use the same user database for authentication. You may also use Zimbra External Authentication with Samba PDC. External authentication are a little bit easy to be setting up, but we must manage the mailbox [...]


About Vavai

Masim Vavai Sugianto, Indonesian, male, 32 years old, born and live in Bekasi-West Java, a small town near Jakarta – main city of Indonesia – since 17 May 1976. Founder of Indonesian openSUSE and Zimbra Community, an adventure, travelling and book lover.


