Artica-Zarafa import Active Directory Windows 2008

discuss between artica users about howto use Artica.
This forum is not read by the Artica's developers.
Questions and answers are from the community..

Re: Artica-Zarafa import Active Directory Windows 2008

New postby admin » Sun Nov 18, 2012 4:48 am

This is a connection error "Unable to connect to the specified server" not a credentials issue.
Try a telnet on 389 port from the console to the AD server
User avatar
admin
Site Admin
 
Posts: 11946
Joined: Wed Oct 17, 2007 7:59 am
Location: France

Re: Artica-Zarafa import Active Directory Windows 2008

New postby rollercoaster » Sun Nov 18, 2012 8:55 pm

The previous post was using credentials of Administrator. I do believe it is related to authentication because when I switch to using Anonymous access the connection to Active Directory is established. But anonymous does not have access to the schema so it will not actually import anything.
What is the authentication mechanism used for this importation? plain-text, MD5 or GSS-negotiate?



root@zarafa-appliance:~# php5 /usr/share/artica-postfix/exec.ad-import-ou.php Mycompany.com --verbose
[12927] [DAEMON]::::Perform_import:: delete /usr/share/artica-postfix/ressources/logs/web/ad-Mycompany.com.log in class.activedirectory.inc
[12927] [DAEMON]::::wad:: Connection to Active Directory server in class.activedirectory.inc
[12927] [DAEMON]::::wad:: Connected to Active Directory server in class.activedirectory.inc
[12927] [DAEMON]::::wad:: path: cn=Users,dc=mycompany,dc=com in class.activedirectory.inc
[12927] [DAEMON]::::wad:: Filter: (&(objectclass=user)(!(objectclass=computer))) in class.activedirectory.inc
[12927] [DAEMON]::::wad:: Search the right query... in class.activedirectory.inc
[12927] [DAEMON]::::wad:: try (&(objectclass=user)(!(objectclass=computer))) in class.activedirectory.inc
[12927] [DAEMON]::::wad:: Error:1 Operations error in class.activedirectory.inc
[DEBUG SOCKET] http://127.0.0.1:47980/cmd.php?postfix-hash-tables=yes<br>
[12927] [DAEMON]::::sockets/getFrameWork:: http://127.0.0.1:47980/cmd.php?postfix-hash-tables=yes in class.sockets.inc line 525
[DEBUG SOCKET] -> cmd.php?postfix-hash-tables=yes curl_init() fopen_curl Line:417<br>
[DEBUG SOCKET] -> cmd.php?postfix-hash-tables=yes curl_exec() fopen_curl Line:430<br>
[DEBUG SOCKET] -> cmd.php?postfix-hash-tables=yes: 0 bytes length Err.0fopen_curl Line:434<br>
[DEBUG SOCKET] return null<br>
root@zarafa-appliance:~#
rollercoaster
 
Posts: 8
Joined: Thu Nov 15, 2012 3:08 am
Artica servers number: 1
Linux System: CentOS
Technical skills: Microsoft Windows skills

Re: Artica-Zarafa import Active Directory Windows 2008

New postby admin » Mon Nov 19, 2012 11:13 am

It is plain text
User avatar
admin
Site Admin
 
Posts: 11946
Joined: Wed Oct 17, 2007 7:59 am
Location: France

Re: Artica-Zarafa import Active Directory Windows 2008

New postby rollercoaster » Tue Nov 20, 2012 5:56 am

I just got around to reconfiguring the windows 2008 server to allow plain-text password. After making the change from secure authentication to simple I was able to get a connection. For anyone that needs to do the same the settings are located in the [Group Policy Management Editor-Default Domain Controllers Policy-Computer Configuration-Policies-Windows Settings-Security Settings-Local Policies-Security Options]
Change the two policies to either <not defined> or <none>
1. Domain controller: LDAP server signing requirements
2. Network security: LDAP client signing requirements
After that's completed you only need a domain user account to access the LDAP schema.


Thank you for helping to troubleshoot this issue. When do you think the option for secure ldap authentication will be available?
Also when the users are imported are their passwords imported also so they can authenticate with their windows logon when using Artica-Zarafa Webaccess?
Attachments
articaworking.jpg
articaworking.jpg (125.82 KiB) Viewed 4460 times
rollercoaster
 
Posts: 8
Joined: Thu Nov 15, 2012 3:08 am
Artica servers number: 1
Linux System: CentOS
Technical skills: Microsoft Windows skills

Re: Artica-Zarafa import Active Directory Windows 2008

New postby admin » Tue Nov 20, 2012 11:29 am

Nope, passwords cannot be retreived trough Active Directory and LDAP.
You must re-define user's password after importing members.
User avatar
admin
Site Admin
 
Posts: 11946
Joined: Wed Oct 17, 2007 7:59 am
Location: France

Previous

Return to Community tutorials

Who is online

Users browsing this forum: No registered users and 2 guests

cron