Page 1 of 1

Customizing the LDAP Directory Usage

Posted: Tue Apr 11, 2006 3:55 pm
by dresdn

We're in the process of evaluating Scalix for our organization, but there are a few things that we need that I'm not 100% sure on how to properly do.

Currently we have OpenLDAP running on our mail server, and then we replicate it via. slurpd to our internal LAN. We have all of our user information stored there via. the posixAccount objectclass, which we use for SSO on all of our Desktops (Linux and Mac).

The problem is, I would still like to maintain only 1 LDAP database - Scalix's. In order to do so, I need to have all of our users have a posixAccount objectclass, but I'm not sure how I can do that.

Right now I basically do all of the admin via. phpLDAPAdmin. Would this be the way to go to add/modify the posixInformation (which rarely gets changed)?

Also, would I replicate the database via. slurpd, or use the omldapsync instead? Ideally I would like it to be "real-time" so I don't have to modify the same database in 2 places.

Any advise on where to look to solve these problems would be greatly appreciated.


Posted: Wed Apr 12, 2006 3:47 pm
by florian
You won't be able to do it that way.

The reason is that Scalix does not come with a full-blown and configurable LDAP implementation. We have our own directory mechanism, based on x.400/x.500 attribute syntax. The Scalix LDAP server is only a frontend adapter to it.

However, you can run OpenLDAP on the same machine as the scalix server and integrate scalix with openldap in such a way that user provisioning is automatic. Check man omldapsync for details, also man om_ldap for external authentication.

Cheers, Thx,