UNIX and Windows Accounts in Zimbra LDAP and Zimbra Admin UI

Introduction

This document describes how you can configure Zimbra Collaboration Server (ZCS) and Samba to act as a primary domain controller (PDC) that uses LDAP (Lightweight Directory Access Protocol) as a central password database for authenticating users on Linux and Windows desktops. The motivation behind this document is the need to seamlessly integrate ZCS into corporate network environment based entirely on Open Source server software. This functionality is achieved by configuring Zimbra LDAP to act as a central user database for PAM (Pluggable Authentication Modules), NSS (Name Service Switch), and for Samba’s ldapsam password backend. The document also describes Zimbra Admin Extensions that allow managing OS and Samba accounts, groups and domains through Zimbra Admin UI.

The setup described in this document is not the only possible way to make Samba and Zimbra use the same user database for authentication. There are multiple other ways to achieve similar functionality, and it is recommended that you explore Zimbra WIKI at http://wiki.zimbra.com to see if another solution is a better fit for your needs. However, this solution is the only solution that allows network administrators to manage Windows user accounts and groups using Zimbra Admin UI. It is also highly recommended to get familiar with Zimbra, Samba, LDAP and PAM, before you start the installation. Particularly helpful are the following sources of information:

• LDAP Authentication HOWTO http://ldots.org/ldap/
• Authenticating with LDAP http://imaginator.com/~simon/ldap/
• pam.d(5) man page (explains syntax of pam.d configuration files which you will have to edit during the installation) http://www.die.net/doc/linux/man/man5/pam.d.5.html
• PAM FAQ http://www.kernel.org/pub/linux/libs/pam/FAQ
• The Official Samba-3 HOWTO and Reference Guide http://us3.samba.org/samba/docs/man/Samba-HOWTO-Collection/
• Zimbra Documentation http://www.zimbra.com/products/documentation.html
• LDAP-Samba PDC (for Linux and Windows) https://help.ubuntu.com/community/LDAP-Samba_PDC_(for_Linux_and_Windows)

Read more at wiki.zimbra.com

Advertisement