Scalix Forums


http://www.scalix.com/forums/

Authentication against Scalix's LDAP server

http://www.scalix.com/forums/viewtopic.php?f=9&t=5071

Page 1 of 1

Authentication against Scalix's LDAP server

Posted: Tue Dec 05, 2006 8:47 pm
by jnawk
Has anyone tried/succeeded to get other products (eg, a web server, ftp server, etc) to authenticate against Scalix?

I see there is a wealth of material about getting Scalix to play with other LDAP servers, but in my case, I want Scalix to be the LDAP server.

Is this even possible? (is there enough extra information in the Scalix LDAP (home directory, user id) or can this extra information be placed into the Scalix LDAP)

Cheers,

Phil

BumP

Posted: Wed Jan 17, 2007 11:20 am
by dwalexuk
Any luck?
I would like to setup SAMBA PDC with authentication in SCALIX ldap. doesn't know where to start for a change.

LDAP authentication

Posted: Wed Jan 17, 2007 12:34 pm
by racmar
I tried to get Spamtitan http://www.spamtitan.com/ to authenticate with Scalix's ldap, but could not figure it out quickly enough. I finally noticed that Spamtitan can authenticate /w IMAP also, and that works wonderfully.

Posted: Wed Jan 17, 2007 4:59 pm
by jnawk
I decided to have another crack at it today,

It appears that there is no attribute defining the password for any user, (or if there is, it doesn't expose itself, even when binding as the administrator).

If there is such an attribute, and I could extend the schema (to put such things as login shell, home dir, etc) then I could get it going.

Anyone aware of a password attribute? Anyone played around with putting their own information in?

Posted: Wed Jan 17, 2007 6:24 pm
by kanderson
Scalix's LDAP isn't really a complete LDAP server. To my knowledge nobody has successfuly authenticated against it with something like Samba.

The general recommendation is to go the other way. Scalix can authenticate against OpenLDAP with very little effort from the admin. Same with Samba. So rather than having Samba authenticate against scalix's LDAP, have Scalix authenticate against Samba. This is a common configuration, so troubleshooting it from both Samba and Scalix will be straightforward.

The most important problem you'll hit, and you;ll hit it almost immediately, is that you cannot extend the schema for Samba's objects, as far as I know, so it will simply not work to use Scalix to house your Samba data.

Posted: Wed Jan 17, 2007 6:34 pm
by jnawk
Damn. I was hoping to only need a single LDAP. (ie, Scalix) I don't suppose this is a new feature in Scalix 11?



For the record, I am trying to have Linux system accounts authenticated against Scalix.

Posted: Wed Jan 17, 2007 6:43 pm
by kanderson
Do it the other way. Just pretend Scalix's LDAP doesn't exist. Use OpenLDAP for your stuff, and then change the PAM entries so that Scalix look there too.

I suppose you'd still need to initially create users within Scalix, but ldapsync should help there.
All times are UTC-04:00
Page 1 of 1
Powered by phpBB® Forum Software © phpBB Limited
https://www.phpbb.com/