Hello there,

What i did was the following (it might not be a perfect solution, but it works for me even though there is some manual work to be done which obviously isn't all that great for bigger companies). Since OX documentation is a tad scarce (make that inexistant ), this is the only way as far as i know to get some sort of ADS integration.

Steps:
1. configure samba/winbindd and join your linux server into existing ADS domain

2. install and configure underlaying mail system (i am using courier-imap + postfix). This is the part where manual work comes in place, i did configure pam to autocreate users $HOME, however for all my users i had to manually issue the command "maildirmake Maildir" inside their respective $HOME (HINT: "maildirmake /etc/skel/Maildir").

3. install open-xchange-authentication-imap package

4. modify your pam "imap" file with following values
5. install and configure your oxldapsync package (the script as far as i managed to understand does NOT sync user passwords, so you will have to set to a static value and instruct your users to change it (you set these values in mapping.ads.conf file inside the oxldapsync directory).

6. edit ldapsync-ads.conf file and reflect your ADS setup in it, once you have completed modifying both mapping.ads.conf and ldapsync-ads.conf you will have to execute the oxldapsync.pl script.

Sample ldapsync-ads.conf
-v and -s arguments are just to get the verbose output on your cli.

I will eventually make a thread in these forums with concrete examples (file modifications) of how i did the "integration" of OX into ADS domain.

Hope it sheds a little light on your problem.

Regards,
Daniel

Possilbility 1:
Contact Sourcegarden for help: info[AT]sourcegarden.de

Possibility 2:
Post the errors that are in the logfiles of Open-Xchange and in the eventlog of the AD server here. Attach all relevant configs, too.

Regards,
Daniel

ldap.properties

Thanks for your help, unfortunately that website is in German and I barely know English lol. Even trying to translate it to English didn't work well. By the way how should I fix "ldap.properties" to fit out AD server needs?. what it is main job?. It possible that it is the problem that I can get my users authenticated against the AD server?!.

Sorry, never did such stuff.
You might want to contact rccsoftware/sourcegarden directly:





They did the implementation of oxldapsync

Hi folks,

Sorry, but was my Q that hard?, or it turns that I'm so much dump that I should not ask???!?!?

I really like Open Source stuff and Linux world, I dream of seeing all the world using LINUX only not the MS crap systems. I'm working in environment with MS everywhere, but I promised our Network Admin to find a good real stable solution for our MS-Exchange E-mail server problem. so please help me...

Guys, Help,

I'm still not able to authenticate against our Active Directory. I have tried all the possible tricks in "ldapauth.properties", but it still not working!!

Any body could explain it in a very boring detail how to set up the "ldapauth.properties" putting all the options and the tricks that it could possibly setup-ed in our stupid Active Directory server.!!

Very clear now, I thought that before too, but reading a thread about undirect auth with AD server mixes things in my mind. Nevermore, now I keep getting this message "Login failed. Please check your user name and password and try again". I don't know where the problem is it in my "ldapauth.properties" or it is time to do something with "ldap.properties". By the way how really should that last file look like, there is no guide about it.

oxldapsync feeds the ox database, not another ldap server, as documented at http://www.open-xchange.com/wiki/ind...LDAPSync_Guide

You still need the external ldap server to authenticate against it, as documented at http://www.open-xchange.com/wiki/ind...#Prerequisites

Very grateful to your replies guys. What I got is that I have to install an Ldap server in my OX machine, so it could authenticate via it. So is this the logic:

* "oxldapsync.pl" will copy user details from the REAL External AD using the configuration in ldapsyn-ads.conf.
* I have to install an LDAP-server in OX machine so OX could authenticate to it.
............
?? but then how the ldap-server in my OX machine will get the list of the users. Does "oxldapsync.pl" feed it..???

Or what?

The OX authentication-ldap module just does what you did configure. It connects to an ldap server running on the local host, which obviously isn't the case... :-)

Your AD does not run on the same machine, I'm quite sure.

OX needs to authenticate against an external LDAP server, e.g. AD, check http://www.open-xchange.com/wiki/ind...#Prerequisites for more information.

Hi,

OX does not provide an LDAP Service, therefor you'll need to configure an (existing) external LDAP service for authentication.