I reconfigure those files according to the wiki, with om_ldap.conf in /opt/scalix/template/release.sys/ .........
and still no joy
Authenticating using an external OpenLDAP server
Moderators: ScalixSupport, admin
-
ioitest
- Posts: 19
- Joined: Sun Dec 03, 2006 11:33 pm
-
potatoinmiri
- Posts: 58
- Joined: Wed Mar 28, 2007 9:25 pm
Hi ioitest,
I think its weird that you are without the ~/sys and ~/sys/pam.d directory. There are dozens of directories under your /var/opt/scalix/sx/ , in fact it is where all your mailboxes and configuration lies. and what you should backup on a proper scalix backup plan.
Those directories are created automatically when you install scalix. I suggest you do a reinstallation. But before that, make sure you remove all existing scalix directories. locate scalix on your system and delete all directories with the word scalix on it and then do your installation. Last time i had problem with my configuration when i have the scalix home directory wrongly named because i didnt remove the home directory from my previous installation.
after reinstall, check if you got anything under /var/opt/scalix/sx. and not the sx should match your mailnode name. It takes the first and last alphabet of your scalix primary mailnode .
From my installation, i had the pam.d directory there by default, only had to create pamcheck file if i am not wrongly remember.
I think its weird that you are without the ~/sys and ~/sys/pam.d directory. There are dozens of directories under your /var/opt/scalix/sx/ , in fact it is where all your mailboxes and configuration lies. and what you should backup on a proper scalix backup plan.
Those directories are created automatically when you install scalix. I suggest you do a reinstallation. But before that, make sure you remove all existing scalix directories. locate scalix on your system and delete all directories with the word scalix on it and then do your installation. Last time i had problem with my configuration when i have the scalix home directory wrongly named because i didnt remove the home directory from my previous installation.
after reinstall, check if you got anything under /var/opt/scalix/sx. and not the sx should match your mailnode name. It takes the first and last alphabet of your scalix primary mailnode .
From my installation, i had the pam.d directory there by default, only had to create pamcheck file if i am not wrongly remember.
-
ioitest
- Posts: 19
- Joined: Sun Dec 03, 2006 11:33 pm
Dear potatoinmiri,
Yep. the directory location is the problem. It is all located in /var/opt/scalix/sx/s/sys/pam.d/ ...... someone need to update those old version wikis..........
made the necessary adjustments. And the result is :
[root@scalix pam.d]# sxpamauth -vvv kohl
pam_start_om("pamcheck", "kohl")
pam_authenticate()
Password:
pam_acct_mgmt()
I now have scalix ldap authentication !!!
Thanks a lot for your assistance.... maybe if i have the time i will try to create an updated version of the scalix-openldap wiki.......
Yep. the directory location is the problem. It is all located in /var/opt/scalix/sx/s/sys/pam.d/ ...... someone need to update those old version wikis..........
made the necessary adjustments. And the result is :
[root@scalix pam.d]# sxpamauth -vvv kohl
pam_start_om("pamcheck", "kohl")
pam_authenticate()
Password:
pam_acct_mgmt()
I now have scalix ldap authentication !!!
Thanks a lot for your assistance.... maybe if i have the time i will try to create an updated version of the scalix-openldap wiki.......
-
potatoinmiri
- Posts: 58
- Joined: Wed Mar 28, 2007 9:25 pm
-
ioitest
- Posts: 19
- Joined: Sun Dec 03, 2006 11:33 pm
Dear Potatoinmiri,
First hurdle cleared!
Now comes the 2nd hurdle......
I cant change Helmut Kohl password from SWA or Outlook connector. The error message is "The old password is incorrect. Password was not changed". i dont think there is any docs on this.
My idea is to be able to change/sync password from scalix, intranet,samba,etc. As in viewtopic.php?t=5431
Any lights on why scalix cant change openldap password?
First hurdle cleared!
Now comes the 2nd hurdle......
I cant change Helmut Kohl password from SWA or Outlook connector. The error message is "The old password is incorrect. Password was not changed". i dont think there is any docs on this.
My idea is to be able to change/sync password from scalix, intranet,samba,etc. As in viewtopic.php?t=5431
Any lights on why scalix cant change openldap password?
-
Valerion
- Scalix Star
- Posts: 2730
- Joined: Thu Feb 26, 2004 7:40 am
- Location: Johannesburg, South Africa
- Contact:
As far as I remember in Scalix 10 om_ldap is unable to change passwords. I can't spot anything in the man page, but I don't think this changed in 11. (I may be wrong, of course).
You can use the Linux pam_ldap to do that instead of om_ldap, but then you will have to configure the pam_ldap config files as well. Got that working once on Scalix 10, but I haven't played with it in well over a year, so I can't help you a lot.
You can use the Linux pam_ldap to do that instead of om_ldap, but then you will have to configure the pam_ldap config files as well. Got that working once on Scalix 10, but I haven't played with it in well over a year, so I can't help you a lot.
-
potatoinmiri
- Posts: 58
- Joined: Wed Mar 28, 2007 9:25 pm
Hi Ioitest,
Sorry for the late reply. I have just came back from my vacation.
I was planning to do the same thing as you too. I only got to the ldap authentication successfully bit, and read that omldapsync thingi must be implemented for the scalix and ldap to synchorize but i can't find many good documentation on how to use the omldapsync function to do that...maybe i am too dumb to figure it out.
will continue where i left off before my vacation tomorrow, hopefully i can get something work and share any successful story with you, sorry not much help yet.
Sorry for the late reply. I have just came back from my vacation.
I was planning to do the same thing as you too. I only got to the ldap authentication successfully bit, and read that omldapsync thingi must be implemented for the scalix and ldap to synchorize but i can't find many good documentation on how to use the omldapsync function to do that...maybe i am too dumb to figure it out.
will continue where i left off before my vacation tomorrow, hopefully i can get something work and share any successful story with you, sorry not much help yet.
-
potatoinmiri
- Posts: 58
- Joined: Wed Mar 28, 2007 9:25 pm
Hi Ioitest,
Yeah Valerion is correct. You can change your openldap password from scalix. Please refer to the following thread.
viewtopic.php?p=38436#38436
From my setup now, i have omldapsync the accounts created from openldap. When you log into sac, you cans ee the accounts created from openldap are all greyed out, you can't edit anything. As for our setup, we are still undecided on whether we should use external openldap authentication or the existing scalix directory which comes out of our box.
Yeah Valerion is correct. You can change your openldap password from scalix. Please refer to the following thread.
viewtopic.php?p=38436#38436
From my setup now, i have omldapsync the accounts created from openldap. When you log into sac, you cans ee the accounts created from openldap are all greyed out, you can't edit anything. As for our setup, we are still undecided on whether we should use external openldap authentication or the existing scalix directory which comes out of our box.
Who is online
Users browsing this forum: No registered users and 2 guests