Running external LDAP Directory services on the Scalix server
Posted: Tue Dec 06, 2005 3:10 pm
by mikevl
Hi, I'm looking to run an external directory server on the Scalix server, as Samba and various other services run on the same machine. I have looked over previous postings and discovered that the SAC, SWA and other Scalix web-based apps were not capable of looking at a port other than 389. Has this now been fixed or is there another workaround?
Many thanks
Mike v
Posted: Tue Dec 06, 2005 9:18 pm
by ScalixSupport
Hi Mikevl,
If you don't want to use SAC, you can configure Scalix LDAP to run on a different port by modifying the port number parameter in /var/opt/scalix/sys/slapd.conf. To have SWA find LDAP on a different port, modify the port number parameter in /etc/opt/scalix/webmail/partner.xml.
SAC is not configurable for any other port than 389.
Regards,
Don
Posted: Wed Dec 07, 2005 3:57 am
by mikevl
Hi Don, thanks for your reply. When do you think the SAC element will be capable of altering its LDAP port? Seems a shame to lose this neat feature.
Mike v
Posted: Thu Dec 08, 2005 3:50 am
by mikevl
Hi, would it be difficult to integrate Scalix with a Secure LDAP server (port 636)? Therefore retaining the SAC interface facilities?
Many thanks
Mike v
Posted: Wed Dec 28, 2005 2:08 pm
by sutton.ryan
Mike,
I have a test CentOS server running Fedora Directory Server on port 390 (MS recommends this port for alt LDAP port for Exchange)... FDS also is configured for 636 for all LDAP auth for clients. I don't know what it takes to get Scalix to use 636 with FDS, but since I have FDS on the same server, it simply uses port 390 on the localhost; therefore, the communication does not go over the wire, and securing internal localhost communication is not necessary.
Regarding Samba, I have imported the Samba LDIF and configured Samba for LDAP lookup against FDS. FDS is very nice in that it will replicate (using 636) all Samba stuff with LDAP replication. Instead of using Microsoft domain membership, I use pGina to authenticate logins for Windows PCs. pGina uses port 636 and it can be configured to allow a user to be a local "user" or an "administrator". Using LDAP instead of Samba (domain membership) allows all users (Linux, Mac, Windows) to exist as LDAP users in FDS. Only Windows users get the Samba schema added to their account by using smbpasswd -a (on the CentOS server). Only complaint I have so far is Samba passwords have to be changed using usermin (hosted on CentOS) and are separate (not in sync) with the LDAP passwords. Also, Samba can see all my posix users in LDAP, but it does not see the FDS groups... I have to create local groups on CentOS and add FDS LDAP users to the groups. This requires keeping all uid and guids straight across servers. Regardless, I have created a single username/password environment to provide login, file server, print server, Scalix email, ddns, ftp, http, without any Microsoft Server/Network products... (excluding XP clients).
Ryan
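A same-host setup like the one in the post above keeps plaintext LDAP traffic off the wire only while the 389/390 listener is bound to a loopback address. The following check over `ss -ltn` output is an added example, not part of the original thread; the sample output is constructed and the function names are hypothetical.

```python
import ipaddress

# Ports from the thread: 389 (default LDAP) and 390 (alternate plaintext port).
# 636 (LDAPS) is TLS-protected, so it is not flagged here.
PLAINTEXT_LDAP_PORTS = {389, 390}

# Constructed sample of `ss -ltn` output; not taken from any real host.
SAMPLE_SS_OUTPUT = """\
State   Recv-Q  Send-Q  Local Address:Port  Peer Address:Port
LISTEN  0       128     127.0.0.1:390       0.0.0.0:*
LISTEN  0       128     0.0.0.0:636         0.0.0.0:*
LISTEN  0       128     0.0.0.0:389         0.0.0.0:*
LISTEN  0       128     [::1]:390           [::]:*
LISTEN  0       128     192.0.2.10:390      0.0.0.0:*
LISTEN  0       128     *:22                *:*
"""

def is_loopback(host):
    """True only for 127.0.0.0/8 or ::1; wildcard binds are not loopback."""
    host = host.strip("[]").split("%", 1)[0]  # drop brackets and any %iface scope
    try:
        return ipaddress.ip_address(host).is_loopback
    except ValueError:
        return False  # "*" or an unparsable value: treat as exposed

def exposed_plaintext_ldap(ss_output):
    """Return (address, port) pairs where plaintext LDAP listens off-loopback."""
    findings = []
    for line in ss_output.splitlines():
        fields = line.split()
        if len(fields) < 5 or fields[0] != "LISTEN":
            continue  # skips the header row and anything malformed
        host, _, port = fields[3].rpartition(":")
        if not port.isdigit():
            continue
        if int(port) in PLAINTEXT_LDAP_PORTS and not is_loopback(host):
            findings.append((host, int(port)))
    return findings

if __name__ == "__main__":
    for host, port in exposed_plaintext_ldap(SAMPLE_SS_OUTPUT):
        print(f"plaintext LDAP reachable off-host: {host}:{port}")
```

On a live host, pass the text of `ss -ltn` to `exposed_plaintext_ldap` instead of the sample.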
Posted: Sun Jan 15, 2006 9:01 am
by heupink
Could you have Samba talk to OpenLDAP via UNIX domain sockets? That way, all regular LDAP ports would be available for Scalix.
(And then choose a random port to connect to the OpenLDAP server to add users, etc. I guess you have to tell Linux about this random port also, for it to be able to look up the users.)
mj