Difference between revisions of "Generic LDAP Integration"

[unchecked revision][unchecked revision]
Line 1: Line 1:
== Generische LDAP Server Authentifzierung aktivieren ==
+
== Enable generische LDAP Server authentication ==
  
Um die Unterstützung der generischen LDAP Server Authentifizierung zu aktivieren öffnen Sie die MailStore Management Shell und führen folgenden Befehl aus:
+
To activate the generic LDAP Server authentication open the MailStore Management Shell and execute the following command:
  
 
   store-setprop --name="public.ldap.type" --value="LdapGeneric"
 
   store-setprop --name="public.ldap.type" --value="LdapGeneric"
  
Nun können Sie in der MailStore Verwaltung die LDAP Paramter konfigurieren.
+
Now you are able configure your LDAP server settings at '''Management | LDAP Integration'''.
  
=== LDAP Benutzer synchronisieren ===
+
=== Synchronizing LDAP users ===
  
Seit MailStore Server 4.5 ist es möglich Benutzerkonten automatisch von einem generischen LDAP Server zu synchronisieren. Dazu steht der Befehl <tt>ldap-sync</tt> in der MailStore Management Shell zur Verfügung.
+
Since MailStore Server 4.5 it is possible to automatically sync user account from a generic LDAP server (e.g. OpenLDAP). For that purpose the MailStore Management command <tt>ldap-sync</tt> is available.
  
 
   ldap-sync --parameter1="value" --parameter2="value"
 
   ldap-sync --parameter1="value" --parameter2="value"
  
Die attr-* Werte hängen von den verfügbaren Attributen des LDAP Servers ab
+
The attr-* values depend on the chosen attribute names of you LDAP server.
  
   Parameter        Bedeutung
+
   Parameter        Meaning
 
   =================================================================================
 
   =================================================================================
   server          IP Adresse oder Hostname des LDAP Servers
+
   server          IP address or hostname of your LDAP server
   auth-type        Optional: Authentifizierungsmethode (None oder  SecureSocketsLayer)
+
   auth-type        optional: Authentification method (None or SecureSocketsLayer)
   user            LDAP DN des Benutzernamens zur Synchronisierung
+
   user            LDAP DN for username used for synchronization
   pass            Passwort zur Synchronisierung
+
   pass            password used for synchronization
   base-dn          LDAP Basis-DN, z.B. dc=mycompany,dc=local
+
   base-dn          LDAP Base-DN, e.g. dc=mycompany,dc=local
   filter          Optional: LDAP Filter, z.B.   (objectclass=posixAccount)
+
   filter          optional: LDAP filter string, e.g. (objectclass=posixAccount)
   allow-create    kein Wert. Wenn angegeben werden neue Benutzer in MailStore erstellt.
+
   allow-create    no value. If given, new users will be created in MailStore
   dry-run          kein Wert. Wenn angegeben wird der Befehl nur simuliert. Nur gültig in Verbindung mit <tt>allow-create</tt>
+
   dry-run          no value. If given, simulate execution.  
   attr-user        LDAP Attribut für Benutzername, z.B. cn oder uid  
+
                          Only valid in conjunction with allow-create
   attr-disp        Optional: LDAP Attribut für des anzuzeigenden Namen, z.B. displayName
+
   attr-user        LDAP attribute for usernames, e.g. cn or uid  
   attr-mail        Optional: LDAP Attribut für die SMTP Adresse, z.B. mail
+
   attr-disp        optional: LDAP attribute for displayed name, e.g. displayName
 +
   attr-mail        optional: LDAP attribute for SMTP mail address, e.g. mail
  
'''Beispiel 1:''' Testen des Erstellens von neuen Benutzern
+
'''Example 1:''' Testing the creation of new users
 
+
ldap-sync --server="ldapserver.mycompany.local" \
  ldap-sync --server="ldapserver.mycompany.local" \
 
 
   --user="uid=mailstore,dc=mycompany,dc=local" --pass="secret123" \
 
   --user="uid=mailstore,dc=mycompany,dc=local" --pass="secret123" \
 
   --base-dn="ou=users,dc=mycompany,dc=local" --allow-create --dry-run
 
   --base-dn="ou=users,dc=mycompany,dc=local" --allow-create --dry-run
  
'''Beispiel 2:''' Neue Benutzer anlegen
+
'''Example 2:''' Create new users in MailStore
 
+
ldap-sync --server="ldapserver.mycompany.local" \
  ldap-sync --server="ldapserver.mycompany.local" \
 
 
   --user="uid=mailstore,dc=mycompany,dc=local" --pass="secret123" \
 
   --user="uid=mailstore,dc=mycompany,dc=local" --pass="secret123" \
 
   --base-dn="ou=users,dc=mycompany,dc=local" --allow-create
 
   --base-dn="ou=users,dc=mycompany,dc=local" --allow-create
  
'''Beipsiel 3:''' Existierende Benutzer synchronisieren
+
'''Example 3:''' Sync existing users with MailStore
 
+
ldap-sync --server="ldapserver.mycompany.local" \     
  ldap-sync --server="ldapserver.mycompany.local" \     
 
 
   --user="uid=mailstore,dc=mycompany,dc=local" --pass="secret123" \
 
   --user="uid=mailstore,dc=mycompany,dc=local" --pass="secret123" \
 
   --base-dn="ou=users,dc=mycompany,dc=local" \
 
   --base-dn="ou=users,dc=mycompany,dc=local" \
 
   --attr-user="cn" --attr-disp="displayName" -attr-mail="mail"
 
   --attr-user="cn" --attr-disp="displayName" -attr-mail="mail"
  
== ActiveDirectory Authentifzierung aktivieren ==
+
== Enable ActiveDirectory authentication ==
Um die Unterstützung der ActiveDirectory Authentifizierung zu aktivieren öffnen Sie die MailStore Management Shell und führen folgenden Befehl aus:
+
To activate the ActiveDirectory authentication open the MailStore Management Shell and execute the following command:
  
 
   store-setprop --name="public.ldap.type" --value="ActiveDirectory"
 
   store-setprop --name="public.ldap.type" --value="ActiveDirectory"
  
Nun können Sie in der MailStore Verwaltung die ActiveDirectory Paramter konfigurieren.
+
Now you are able to configure your ActiveDirectory settings at '''Management | ActiveDirectory Integration'''.
  
=== ActiveDirectory Benutzer synchronisieren ===
+
=== Synchronizing ActiveDirectory users ===
Die Einstellungen zur Synchronisation der Benutzer mit einem Active Directorz können Sie unter '''Verwaltung | ActiveDirectory Integration''' konfigurieren
+
Synchronization settings for ActiveDirectory users can be configured at '''Management | ActiveDirectory Integration'''.
  
[[de:change authentification method]]
+
[[de:Authentifizierungsmethoden]]
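Review bot: In Example 3 the last option is written `-attr-mail="mail"` with a single dash, while every other option on the page uses `--`; the translated line carries this over from the German revision and should read `--attr-mail="mail"`. The new heading "Enable generische LDAP Server authentication" still contains the untranslated word "generische", and "Authentification" in the auth-type row should be "Authentication". None of the three examples sets `--auth-type`, although the table lists `SecureSocketsLayer` as a value and each example passes the bind password with `--pass`; consider showing `--auth-type="SecureSocketsLayer"` in at least one example so the transport used for the bind is stated rather than left implicit.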

Revision as of 09:46, 26 May 2010

Enable generic LDAP server authentication

To activate generic LDAP server authentication, open the MailStore Management Shell and execute the following command:

 store-setprop --name="public.ldap.type" --value="LdapGeneric"

You can now configure your LDAP server settings at Management | LDAP Integration.

Synchronizing LDAP users

Since MailStore Server 4.5 it is possible to automatically synchronize user accounts from a generic LDAP server (e.g. OpenLDAP). The MailStore Management Shell command ldap-sync is available for that purpose.

 ldap-sync --parameter1="value" --parameter2="value"

The attr-* values depend on the attribute names used by your LDAP server.

 Parameter        Meaning
 =================================================================================
 server           IP address or hostname of your LDAP server
 auth-type        optional: Authentication method (None or SecureSocketsLayer)
 user             LDAP DN for username used for synchronization
 pass             password used for synchronization
 base-dn          LDAP Base-DN, e.g. dc=mycompany,dc=local
 filter           optional: LDAP filter string, e.g. (objectclass=posixAccount)
 allow-create     no value. If given, new users will be created in MailStore
 dry-run          no value. If given, simulate execution.
                  Only valid in conjunction with allow-create
 attr-user        LDAP attribute for usernames, e.g. cn or uid
 attr-disp        optional: LDAP attribute for displayed name, e.g. displayName
 attr-mail        optional: LDAP attribute for SMTP mail address, e.g. mail

Example 1: Testing the creation of new users

 ldap-sync --server="ldapserver.mycompany.local" \
   --user="uid=mailstore,dc=mycompany,dc=local" --pass="secret123" \
   --base-dn="ou=users,dc=mycompany,dc=local" --allow-create --dry-run

Example 2: Create new users in MailStore

 ldap-sync --server="ldapserver.mycompany.local" \
   --user="uid=mailstore,dc=mycompany,dc=local" --pass="secret123" \
   --base-dn="ou=users,dc=mycompany,dc=local" --allow-create

Example 3: Sync existing users with MailStore

 ldap-sync --server="ldapserver.mycompany.local" \
   --user="uid=mailstore,dc=mycompany,dc=local" --pass="secret123" \
   --base-dn="ou=users,dc=mycompany,dc=local" \
   --attr-user="cn" --attr-disp="displayName" --attr-mail="mail"

Enable ActiveDirectory authentication

To activate ActiveDirectory authentication, open the MailStore Management Shell and execute the following command:

 store-setprop --name="public.ldap.type" --value="ActiveDirectory"

Now you are able to configure your ActiveDirectory settings at Management | ActiveDirectory Integration.

Synchronizing ActiveDirectory users

Synchronization settings for ActiveDirectory users can be configured at Management | ActiveDirectory Integration.