Ldap schema extension for KERIO Connect

Support
1

Hi to all,
A client of mine is using Nethserver and it works perfect along treunas as file server . Additionaly he switched to KerioConnect mail server (among the other nice features included in GFI unlimited package). KerioConnect can connect to MS AD but only with extended ldap schema and MS has provided tool for this extension. From my MS-GFI experience this works pretty correct.
Is there any possibility to extend/adopt NethServer AD schema for this purpouse ?

Thank you in advance
BR
Tonci

2

https://docs.nethserver.org/projects/nethserver-devel/en/latest/nethserver-directory.html

RFC2307 schema, user and group account management

Do you know if “MS AD with extended ldap schema” comply with RFC2307?

3

@tonci

AFAIK, you should be able to use MS-RSAT with a PC logged on as member of the Domain Admins group and be able 2 add in the extension…

My 2 cents
Andy

4

Hallo Andy,
unfortunately this tool (MS .exe) extends AD Schema when run from AD SchemaMAster only … So, obviously, we have to intervene in NethServer manually to extend AD/Ldap Schema the same way this tool does …

BR
Tonci

5

Hallo
maybe the GFI Manual Link helps
Kerio Connect Mapping users/groups from an OpenLDAP or Generic LDAP server
Uwe

6

Yes, thank you … I’ve found it already … It says:

  • " To extend the OpenLDAP schema download schema extension file kerio-mailserver.schema from Attachments section. Copy schema extension file to /etc/openldap/schema/ directory.

  • Edit the /etc/openldap/slapd.conf file (using the vi editor for example) and add new line to appropriate section of the config file (the section with other includes): include /etc/openldap/schema/kerio-mailserver.schema

  • Restart the OpenLDAP server by executing following command: /etc/init.d/ldap restart

Is this a way to go ? But AFAIK we are not using classic openldap but SAMBA4(AD-ldap) … so I assume the solution above cannot be considered?

7

What about using phpmyldap

1 Like