Open-Xchange 6 & Active Directory
Dear OX Pros,
I went through all the guide to set up OX6 on ubuntu 8.10 and it works fine. Now I'm trying to authenticate users to our AD through "OX LDAP Sync". Again I went through all the steps in that guide at least the one I understand. Unfortunately up to now I could not get any good results. what I try to login I got this in the log-file:
I like to find out something; as you say "OX LDAP Sync" is not a direct authenticate to our AD it just copy the users details form AD to the OX. Hence, should not OX has also an Openldap server or what?. sorry for this dump Q!!. Again, how that "ldapauth.properties" could authinticate to an ldap-server while OX doesn't have one??!
25 Feb, 2009 9:34:56 AM com.openexchange.ajax.Login doGet
SEVERE: LGI-0005 Category=5 Message=Login not possible at the moment. Please try again later. exceptionID=1334134695-4
LGI-0005 Category=5 Message=Login not possible at the moment. Please try again later. exceptionID=1334134695-4
Caused by: javax.naming.CommunicationException: localhost:389 [Root exception is java.net.ConnectException: Connection refused]
Caused by: java.net.ConnectException: Connection refused
here is my "ldapauth.properties":
Also to mention that "oxldapsync.pl" works fine and I got all the users I need. Also here is how I configure the "ldapsyn-ads.conf ".
userbasedn = ou=IT,dc=example,dc=edu
groupbasedn = ou=IT,dc=example,dc=edu
Last edited by linux-mad; 02-25-2009 at 08:17 AM.
OX does not provide an LDAP Service, therefor you'll need to configure an (existing) external LDAP service for authentication.
The OX authentication-ldap module just does what you did configure. It connects to an ldap server running on the local host, which obviously isn't the case... :-)
Your AD does not run on the same machine, I'm quite sure.
OX needs to authenticate against an external LDAP server, e.g. AD, check http://www.open-xchange.com/wiki/ind...#Prerequisites for more information.
Last edited by Carsten Hoeger; 02-25-2009 at 10:00 AM.
Very grateful to your replies guys. What I got is that I have to install an Ldap server in my OX machine, so it could authenticate via it. So is this the logic:
* "oxldapsync.pl" will copy user details from the REAL External AD using the configuration in ldapsyn-ads.conf.
* I have to install an LDAP-server in OX machine so OX could authenticate to it.
?? but then how the ldap-server in my OX machine will get the list of the users. Does "oxldapsync.pl" feed it..???
oxldapsync feeds the ox database, not another ldap server, as documented at http://www.open-xchange.com/wiki/ind...LDAPSync_Guide
You still need the external ldap server to authenticate against it, as documented at http://www.open-xchange.com/wiki/ind...#Prerequisites
Very clear now, I thought that before too, but reading a thread about undirect auth with AD server mixes things in my mind. Nevermore, now I keep getting this message "Login failed. Please check your user name and password and try again". I don't know where the problem is it in my "ldapauth.properties" or it is time to do something with "ldap.properties". By the way how really should that last file look like, there is no guide about it.
I'm still not able to authenticate against our Active Directory. I have tried all the possible tricks in "ldapauth.properties", but it still not working!!
Any body could explain it in a very boring detail how to set up the "ldapauth.properties" putting all the options and the tricks that it could possibly setup-ed in our stupid Active Directory server.!!
Sorry, but was my Q that hard?, or it turns that I'm so much dump that I should not ask???!?!?
I really like Open Source stuff and Linux world, I dream of seeing all the world using LINUX only not the MS crap systems. I'm working in environment with MS everywhere, but I promised our Network Admin to find a good real stable solution for our MS-Exchange E-mail server problem. so please help me...
Sorry, never did such stuff.
You might want to contact rccsoftware/sourcegarden directly:
They did the implementation of oxldapsync
Thanks for your help, unfortunately that website is in German and I barely know English lol. Even trying to translate it to English didn't work well. By the way how should I fix "ldap.properties" to fit out AD server needs?. what it is main job?. It possible that it is the problem that I can get my users authenticated against the AD server?!.