Kerio Connect » Apple Open Directory
  •  
jonbrain

Can't seem to get this working.

Apple Open Directory is installed on the same machine as Kerio.

The machine is called 'xavier' and the domain is 'codenetwork.co.uk'

Can anyone help?
  •  
jonbrain

Has anyone else got this to work?

Is there any way to tell if the plugin is working correctly?
  •  
jonbrain

I phoned the UK Technical support. They were really good and fixed the problem.
  •  
st3phen

Can you give an overview of what the resolution was?
  •  
jonbrain

Hi

I use the following setup:

Hostname: myserver
Username: uid:administrator, cn=users,dc=<mydomain>,dc=co,dc=uk

LDAP Search Suffix
dc=<mydomain>,dc=co,dc=uk

Note: Don't have the server name in the Username or LDAP Search suffix.

Also make sure you have installed the plugin.

Hope this helps.

Jono.
  •  
st3phen

Thanks. That got me closer (I had the hostname as one of the dc='s in the Username field).

Unfortunately, when I go on to Domain Settings:Users and click Add... I can see all of my domain users. But, when I try to add them, I get an LDAP error.

Checking the logs reveals no interesting troubleshooting information.
  •  
jonbrain

I'm sorry, I'm not sure. I would give technical support a ring.
  •  
jshaw541

As far as I know, you don't actually add them. You just interface into your directory service and go. At least that's how it works with Active Directory. You hook it into AD, verify the users show up in the users pane, and go. No importing or adding necessary, because you did that with the directory service configuration.

Should be the same for OD, too.

Jacob


st3phen wrote on Mon, 02 August 2004 15:31

Thanks. That got me closer (I had the hostname as one of the dc='s in the Username field).

Unfortunately, when I go on to Domain Settings:Users and click Add... I can see all of my domain users. But, when I try to add them, I get an LDAP error.

Checking the logs reveals no interesting troubleshooting information.


Kerio MailServer 6.7.1 w/AD
Windows Server 2003 SP 1
Dell PowerEdge 2850 (Dual Xeon 3.2ghz and 2 GB RAM)
~1300 users
~1000+ concurrent IMAPS connections
iPhone users
Outlook 2007 KOFF users
Apple iCal 10.5/10.6 users
  •  
st3phen

It's a bit different. The process is actually clicking the 'Add...' button, then choosing "Activate User in Directory Service." At that point, a list of directory users shows up, and you tick the boxes next to those you want to have mailboxes.

Sadly, that's where I get an "Error: LDAP Operation Failed" error dialogue.

I rang up support, but it appears only one person knows Open Directory integration, and he's part of "Level 2" support and has been unavailable to me so far.
  •  
jshaw541

Ah, thanks for the info. You might also try firing up Admin Console, going to the debug log window, right-clicking and selecting "Select log events..." and clicking the LDAP/OD related checkboxes and monitoring that for more verbose errors.

Jacob


st3phen wrote on Tue, 03 August 2004 11:12

It's a bit different. The process is actually clicking the 'Add...' button, then choosing "Activate User in Directory Service." At that point, a list of directory users shows up, and you tick the boxes next to those you want to have mailboxes.

Sadly, that's where I get an "Error: LDAP Operation Failed" error dialogue.

I rang up support, but it appears only one person knows Open Directory integration, and he's part of "Level 2" support and has been unavailable to me so far.


  •  
Lyle M

Sounds like you are most of the way there. I had this working, but it broke when I clean installed 6.0.1. If you can get as far as seeing your OD users (cn=users), then your connection is good (I can't get that far for the moment).

From what I have been told, the OD Extensions don't always install correctly. With root access, take a look at /etc/openldap/slapd.conf --

Make sure it contains the following:

include /etc/openldap/schema/kerio-mailserver.schema

If it does not, add it near the top of the file.

Now, if I can only get past the initial LDAP failure...

Good Luck!
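
A check for the condition described in the post above, as an added example that is not part of the original post or Kerio's own tooling: it reports whether slapd.conf carries an active include for the Kerio schema, whether the line is only present commented out, and whether the schema file itself is readable. The function name, its two optional arguments and its return codes are this example's own; the default paths are the ones quoted in the post.

```sh
#!/bin/sh
# Added example, not Kerio's tooling. Default paths are the ones quoted in the
# post above; both can be overridden (the arguments are this example's own).
#
# check_kerio_schema [CONF] [SCHEMA] returns:
#   0  include directive is active and the schema file is readable
#   1  no include directive for the schema
#   2  the directive exists only as a commented-out line
#   3  the directive is active but the schema file is not readable
#   4  CONF is not readable (the post notes root access is needed)
check_kerio_schema() {
    conf=${1:-/etc/openldap/slapd.conf}
    schema=${2:-/etc/openldap/schema/kerio-mailserver.schema}
    [ -r "$conf" ] || { echo "cannot read $conf" >&2; return 4; }

    # Compare the path as a literal string, so dots in it are not regex wildcards.
    state=$(awk -v want="$schema" '
        function is_include(text,   f) {
            split(text, f, /[ \t]+/)
            gsub(/"/, "", f[2])
            return tolower(f[1]) == "include" && f[2] == want
        }
        {
            line = $0
            sub(/^[ \t]+/, "", line)
            if (line ~ /^#/) {
                sub(/^#+[ \t]*/, "", line)
                if (is_include(line)) commented = 1
            } else if (is_include(line)) {
                active = 1
            }
        }
        END {
            if (active) print "active"
            else if (commented) print "commented"
            else print "missing"
        }' "$conf")

    case $state in
        active)
            [ -r "$schema" ] && { echo "OK: $conf includes $schema"; return 0; }
            echo "include is active but $schema is not readable" >&2; return 3 ;;
        commented)
            echo "include for $schema is commented out in $conf" >&2; return 2 ;;
        *)
            echo "no include for $schema in $conf" >&2; return 1 ;;
    esac
}
```

Source the file in a root shell and call `check_kerio_schema` with no arguments to test the paths from the post; a non-zero return code tells you which of the conditions failed.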
  •  
pmartin

This fixed the problem for me. Thank you for the post. I have been trying to get this working for some time in my environment. Kerio needs to do a LOT better with the documentation and in responding to customers. I've had several phone calls and e-mails go unanswered.
  •  
Lyle M

You're welcome. Now, whatever you do, do not install 6.0.1! It will break the connection to OD.
  •  
digital randy

Thanks for all the great details and help in this thread!!! I actually have my KMS talking to the OD of my Xserve, 10.3.4.

Now to show my complete ignorance...

LDAP is running on the Xserve, part of OD, therefore LDAP won't run within KMS. I don't get how the email address listing gets back to OS X Server LDAP to be published via its LDAP server.

I set up my Address Book app. to read the LDAP from the Xserve and I see the users, but there is no other, specifically email address, information about the users.

What am I missing!!!???!!!

Thanks,

Randy
  •  
Lyle M

Hi Randy,
You're in for a real treat. This has been the largest dilemma for my Kerio deployment.

First, you can run KMS's LDAP server at the same time as OD, if you use a different port number for Kerio's LDAP. You can also use Kerio's secure LDAP. The easiest path to take would be to activate your OD users in Kerio and then copy those users into the Kerio public address book. The public contact list can be accessed via the web client without Kerio's LDAP server even running. You can also use the web interface to populate all the directory info you would commonly find in an address card entry (using a web client log in with admin privs).

I have found that not all of Kerio's directory fields map to the corresponding fields in Entourage on the Mac - so they may potentially not map properly to other LDAP clients. Some fields also do not display in the web client contact list "phone book" view! Oddly, they do display in the web client's "address cards" view.

It is my intention to use OpenDirectory as our LDAP server for our Entourage, Outlook, and Outlook Express clients. I chose this path because OD can handle contact photos, which KMS cannot do.

To have OD supply all the LDAP "address card" info you have to add the appropriate attributes to each user. In Workgroup Manager (with the Inspector turned on in the prefs) you can add attributes for the data fields you require. The sad (and frustrating) part is that Workgroup Manager does not allow you to add those attributes to all the users simultaneously. I am currently investigating tools like phpLDAPadmin (on sourceforge.net) to see if they can help me manage users and directory info in a way that is OD and Kerio friendly. Having an understanding of OpenLDAP may be essential, and so I must learn ever more stuff.

Ideally, I'll find a way to even import all my user account info from my old Eudora Internet Mail Server. If anyone has any ideas or thoughts on such a migration, or any ideas on how to best manipulate Apple's OD without resorting to the command line, I would really appreciate it.

Hope I was able to help.

Cheers.