Zentyal 2 LDAP as accounts provider

gondrano · March 1, 2017, 9:37am

Hi @davidp,
unfortunately are out of the office, sorry for the delay.
Zentyal Core version 2.2.11 (very old, ubuntu 10.04)
At the moment I do not have access to the NS, but I remember that Zentyal has no admin user.

Then I have other difficulties:

Zentyal LDAP runs without TLS / SSL and sssd not allow authentication
In Zentyal, the groups have an email address and the members of the groups are automatically routed.
The first point I resolved with LDAP over SSL, it is cumbersome but you can do.
For the second point I’m looking for a solution …

davidep · March 1, 2017, 9:44am

Did you set ldaps:// in “Accounts provider > Advanced settings”?

On ns6 was the same. On ns7 we cannot implement the same feature, but you could try one of the following solutions:

distribution list: define a mail alias and select a group as destination: when you save the group is immediately expanded to its members. It’s like you enter the members one by one.
shared mailbox: create a shared mailbox and assign it to a group. Then create a mail alias and select the shared mailbox as destination: members of the group can see the shared mailbox from their IMAP clients.

gondrano · March 1, 2017, 4:16pm

In fact I did so. The problem was to tell Zentyal to go LDAP over SSL

thanks a lot, that solves everything.

gondrano · March 2, 2017, 1:21pm

does not work
but we know why:
file: /usr/libexec/nethserver/list-group-members

line 66 
-'memberfilter' => '(objectClass=shadowsAccount)'
+'memberfilter' => '(objectClass=posixAccount)'

davidep · March 2, 2017, 2:03pm

Right! It was already added to the PR!

It will be released soon!

giacomo · March 2, 2017, 3:13pm

I just released the rpm in testing repository.

It works correctly in my machine, @gondrano could you install the upgrade when you have a little time?

Just execute:

yum --enablerepo=nethserver-testing update nethserver-sssd

davidep · March 7, 2017, 3:31pm

A post was split to a new topic: Zentyal 2 as remote LDAP accounts provider

davidep · March 3, 2017, 2:12pm

Great piece of work @gondrano! I’d like to move it into #howto category!

gondrano · March 7, 2017, 3:28pm

Agree.

davidep · March 7, 2017, 3:33pm

Fix released in nethserver-updates:

nethserver-sssd-1.1.9-1.ns7.noarch.rpm

davidep · March 10, 2017, 3:33pm

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.