Author Topic: [Solved] openfire AD integration with Zentyal  (Read 3493 times)

zippydan

« on: September 20, 2014, 04:39:12 am »
I have Openfire 3.9.3 running on Ubuntu 14 LTS on one server.

And I have Zentyal 3.5 on another server.
 
I'm trying to do the config part and connect my Openfire to my Zentyal PDC.  There don't seem to be many options here, but it seems to not be working.
 
So here are the settings I'm using:
 
Type: Active Directory
Hostname: IPof.My.Zentyal.Server (I'm using a local IP since they are on the same LAN)
Port: 389
Base DN: CN=Users,DC=local,DC=mydomain,DC=com
 
Administrator DN: CN=Adminname,CN=Users,DC=local,DC=mydomain,DC=com
Password=Adminname'sPW
 
It seems pretty straightforward. Am I missing something here?
 
I've successfully joined a NAS and several Windows Workstations to this same Zentyal box, but all using a username@local.mydomain.com + password authentication scheme.  This is the first time I am using a DN authentication scheme, but again, it seems pretty straightforward...
 
Is there anywhere I can check for a little more info on what is happening behind the scenes?  The only way I can progress past this point is if I get some error codes or something.  I tried looking in /var/log/zentyal and /var/log/samba, but I don't see anything about AD connection attempts...
« Last Edit: September 22, 2014, 08:42:16 pm by zippydan »

zippydan

« Reply #1 on: September 20, 2014, 05:12:12 pm »
Someone please tell me which logs I need to check for AD authentication attempts!

jbahillo

  • Zentyal Staff
« Reply #2 on: September 20, 2014, 07:58:37 pm »
The first point is to make sure that port 389 on Zentyal is reachable from the Openfire server. Nmap can help you do this.

Now, please keep in mind that cn is built from givenName + sN, so probably your DN is not
CN=Adminname,CN=Users,DC=local,DC=mydomain,DC=com
but probably
CN=Adminname Adminsurname,CN=Users,DC=local,DC=mydomain,DC=com


You can check this with ldbsearch -H /var/lib/samba/private/sam.ldb and looking for your user name.

The DN for Administrator is just "Administrator"

zippydan

« Reply #3 on: September 20, 2014, 08:32:16 pm »
Absolutely perfect!  I love you!

nmap showed everything was fine with the ports.  This was the key I needed:

You can check this with ldbsearch -H /var/lib/samba/private/sam.ldb and looking for your user name

Turns out the administrator I created for openfire was actually listed like this:

DC=Chat Server,OU=Servers,DC=local,DC=mydomainname,DC=com

Everything is working great now!  Wish I could buy you a beer!
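
The ldbsearch check suggested in Reply #2, as an added example that is not part of the original thread: it looks up one account and prints the exact DN to paste into Openfire's Administrator DN field, unfolding wrapped LDIF lines and decoding base64 DNs. The function names, the sample output and the use of sAMAccountName as the login attribute are assumptions.

```shell
#!/bin/sh
# Added example, not code from the thread.
SAM_LDB=/var/lib/samba/private/sam.ldb   # path given in Reply #2

# Constructed sample of ldbsearch output: a DN folded across two lines.
SAMPLE_LDIF='# record 1
dn: CN=Adminname Adminsurname,CN=Users,DC=local,
 DC=mydomain,DC=com

# returned 1 records'

# Read ldbsearch LDIF on stdin, print each entry's DN on one line.
extract_dn() {
    awk '
        function flush() { if (have) print buf; have = 0; buf = "" }
        /^ /      { if (have) buf = buf substr($0, 2); next }  # folded line
                  { flush() }
        /^dn::? / { buf = $0; have = 1 }
        END       { flush() }
    ' | while IFS= read -r line; do
        case $line in
            "dn:: "*) printf '%s' "${line#dn:: }" | base64 -d; echo ;;  # base64 DN
            "dn: "*)  printf '%s\n' "${line#dn: }" ;;
        esac
    done
}

# Look up the DN for a login name (assumed to be the sAMAccountName).
# Run as root on the Zentyal server.
dn_for_account() {
    case $1 in
        ''|*[!A-Za-z0-9._-]*)
            echo "refusing account name with filter metacharacters" >&2
            return 2 ;;
    esac
    ldbsearch -H "$SAM_LDB" "(sAMAccountName=$1)" dn | extract_dn
}

if [ "$#" -gt 0 ]; then dn_for_account "$1"; fi
```

Running `printf '%s\n' "$SAMPLE_LDIF" | extract_dn` exercises the parser without access to sam.ldb.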