Scalix Forums

Skip to content

Authentication against Scalix's LDAP server

Best practice information from Scalix users relating to integration of Scalix with other products.

Moderator: ScalixSupport

Post Reply
jnawk
Posts: 16
Joined: Sun Sep 17, 2006 10:49 pm

Authentication against Scalix's LDAP server

Postby jnawk » Tue Dec 05, 2006 8:47 pm

Has anyone tried/succeeded to get other products (eg, a web server, ftp server, etc) to authenticate against Scalix?

I see there is a wealth of material about getting Scalix to play with other LDAP servers, but in my case, I want Scalix to be the LDAP server.

Is this even possible? (is there enough extra information in the Scalix LDAP (home directory, user id) or can this extra information be placed into the Scalix LDAP)

Cheers,

Phil
Top
dwalexuk
Posts: 17
Joined: Thu Dec 21, 2006 11:51 am

BumP

Postby dwalexuk » Wed Jan 17, 2007 11:20 am

Any luck?
I would like to setup SAMBA PDC with authentication in SCALIX ldap. doesn't know where to start for a change.
Top
racmar
Posts: 104
Joined: Wed Jan 10, 2007 10:41 pm
Contact:
Contact racmar

LDAP authentication

Postby racmar » Wed Jan 17, 2007 12:34 pm

I tried to get Spamtitan http://www.spamtitan.com/ to authenticate with Scalix's ldap, but could not figure it out quickly enough. I finally noticed that Spamtitan can authenticate /w IMAP also, and that works wonderfully.
Top
jnawk
Posts: 16
Joined: Sun Sep 17, 2006 10:49 pm

Postby jnawk » Wed Jan 17, 2007 4:59 pm

I decided to have another crack at it today,

It appears that there is no attribute defining the password for any user, (or if there is, it doesn't expose itself, even when binding as the administrator).

If there is such an attribute, and I could extend the schema (to put such things as login shell, home dir, etc) then I could get it going.

Anyone aware of a password attribute? Anyone played around with putting their own information in?
Top
kanderson

Postby kanderson » Wed Jan 17, 2007 6:24 pm

Scalix's LDAP isn't really a complete LDAP server. To my knowledge nobody has successfuly authenticated against it with something like Samba.

The general recommendation is to go the other way. Scalix can authenticate against OpenLDAP with very little effort from the admin. Same with Samba. So rather than having Samba authenticate against scalix's LDAP, have Scalix authenticate against Samba. This is a common configuration, so troubleshooting it from both Samba and Scalix will be straightforward.

The most important problem you'll hit, and you;ll hit it almost immediately, is that you cannot extend the schema for Samba's objects, as far as I know, so it will simply not work to use Scalix to house your Samba data.
Top
jnawk
Posts: 16
Joined: Sun Sep 17, 2006 10:49 pm

Postby jnawk » Wed Jan 17, 2007 6:34 pm

Damn. I was hoping to only need a single LDAP. (ie, Scalix) I don't suppose this is a new feature in Scalix 11?



For the record, I am trying to have Linux system accounts authenticated against Scalix.
Top
kanderson

Postby kanderson » Wed Jan 17, 2007 6:43 pm

Do it the other way. Just pretend Scalix's LDAP doesn't exist. Use OpenLDAP for your stuff, and then change the PAM entries so that Scalix look there too.

I suppose you'd still need to initially create users within Scalix, but ldapsync should help there.
Top
Post Reply

Return to “Third Party Integration”



Who is online

Users browsing this forum: No registered users and 1 guest

Powered by phpBB® Forum Software © phpBB Limited
 

 

cron