Results 1 to 3 of 3

Thread: Authenticating Zarafa against Novell eDirectory

  1. #1
    An user
    Guest

    Authenticating Zarafa against Novell eDirectory

    I've been struggling with this combination for some time now, and I wonder if anyone has tried and/or got it working. Novell eDirectory is LDAPv3 compliant, so it should be possible.

    I already applied the posixAccount and posixGroup extensions to users and groups, and (after converting the .schema to .ldif) the Zarafa attributes are present and working. But still, for whatever reason, I cannot get Zarafa to authenticate. Is there a way to fully debug the ldap requests Zarafa sends at the eDirectory server? That might be a start...

  2. #2
    An user
    Guest

    Re: Authenticating Zarafa against Novell eDirectory

    I've got a bit further, but only a bit, and it doesn't look pretty.

    Apparently, instead of attempting a bind to the directory to check authentication, Zarafa asks the ldap server to send the userPassword attribute over the network (! :shock, and locally compares it to the input (correct me if I'm wrong here, I'm just trying to interpret my packet dumps). Since eDirectory does not allow the reading of the userPassword attribute - it's a write-only, compare-only attribute - Zarafa doesn't get the needed info from its query, and gives a "bad password" error like this in /var/log/zarafa/server/log:

    Can someone suggest a proper way to get this working? The only option I see is creating a different attribute and writing the plaintext password in that. But that's very, VERY ugly, insecure and a pain to maintain with password changes etc.

  3. #3
    An user
    Guest

    Re: Authenticating Zarafa against Novell eDirectory

    Hah - I need glasses :lol:

    -----> ldap_authentication_method = bind

    This option is obviously not just for ActiveDirectory :-D it's working! Three cheers.

Similar Threads

  1. Zarafa 6.40 ldif eDirectory
    By JDOS in forum Administration and Integration
    Replies: 2
    Last Post: 05-11-2011, 04:44 PM
  2. Integration with eDirectory
    By bcnx in forum Installation and Configuration Archives
    Replies: 3
    Last Post: 17-03-2011, 07:33 PM
  3. How to set the primary emailaddress [eDirectory - LDAP]
    By JDOS in forum Administration and Integration Archives
    Replies: 12
    Last Post: 21-07-2009, 09:53 AM
  4. Zarafa with eDirectory 8.8
    By neustifter in forum Administration and Integration Archives
    Replies: 2
    Last Post: 08-11-2008, 09:22 AM
  5. Zarafa 6 won't work with eDirectory anymore
    By in forum Beta Feedback Archives
    Replies: 0
    Last Post: 12-12-2007, 01:53 PM

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •