[Freeipa-users] Can FreeIPA v2 be used as Zimbra external LDAP authenticator?
David L. Willson
DLWillson at TheGeek.NU
Fri May 27 04:02:11 UTC 2011
While trying to setup my new, tested FreeIPA v2 server as an external LDAP authenticator for Zimbra 7.1, I got this error:
ssl connect problem most likely untrusted certificate
I found this article:
http://www.zimbra.com/forums/administrators/16311-ssl-connect-problem-most-likely-untrusted-certificate.html
I'm pretty sure I've successfully imported the certificate for the LDAP server, which I downloaded from the web management interface on FreeIPA v2 and imported at the shell prompt on the Zimbra server with this command:
sudo /opt/zimbra/java/bin/keytool -import -alias humperdinck -keystore /opt/zimbra/java/jre/lib/security/cacerts -storepass changeit -file humperdinck_ldap_cert
And restarted Zimbra services with these commands:
zmcontrol stop && zmcontrol start
Now the error's different. Great. I feel like I'm so close...
Has anyone got this working? Willing to share your settings? Alternately, do you already know that this can't be done? Does IPA even support LDAP auth, or is it strictly Kerberos for auth?
This is my first run with IPA. So far, it seems like an awesome product, but a bit hard to use...
Next on my wish list, is to configure about 30 Ubuntu 10.04 netbooks, 75'ish desktops, and 3 servers to use it for authentication and user-data.
David L. Willson
Trainer, Engineer, Enthusiast
RHCE MCT MCSE Network+ A+ Linux+ LPIC-1 NovellCLA UbuntuCP
tel://720.333.LANS
Freedom is better when you earn it. Learn Linux.
More information about the Freeipa-users
mailing list