Hi@all,
I invested a few hours today and tested Grammmunio.
I reinstalled the current version (grommunio_Appliance.x86_64-2021.08.1-Build14.49.install.iso). Performed the basic configuration (network, language) and then ran the setup wizard.
Then I have to configure the LDAP connection to our UCS server.
A user object in the UCS-LDAP looks like this (according to the sense):
ldapsearch -x -h srv01.firma.local -p 7389 -LLL -D uid=Administrator,cn=users,dc=firma,dc=local uid=s.meier -W
Enter LDAP Password:
dn: uid=s.meier,cn=users,dc=firma,dc=local
uid: s.meier
krb5PrincipalName: s.meier@FIRMA.LOCAL
uidNumber: 2017
sambaAcctFlags: [U ]
sambaPasswordHistory: 94D313AA8DF66155C10960FB359C0DB3F03E676EAE577A3410754AD2
76D56F36
sambaBadPasswordCount: 0
krb5MaxLife: 86400
shadowLastChange: 18257
cn: Sepp Meier
title: Herr
userPassword::
--snipp --
krb5MaxRenew: 604800
krb5KeyVersionNumber: 1
sambaBadPasswordTime: 0
loginShell: /bin/bash
univentionObjectType: users/user
krb5KDCFlags: 126
gidNumber: 5001
sambaPwdLastSet: 1577446062
sambaPrimaryGroupSID: S-1-5-21-1455668044-2473289563-2006192320-513
sambaNTPassword: 01F2C83678D95ACDED92C11D8EE440AD
displayName: Sepp Meier
gecos: Sepp Meier
sn: Meier
pwhistory: $6$QSKFkusIyOZfUua1$HwHrVAa9PTsowtlUxOoiofRhmQDih99ALLwZ/fpYmMKjIIK
BdsQy3P/4Hob96V8Y366Ql.Fmq995oseOlVXux1
homeDirectory: /home/s.meier
givenName: Sepp
sambaSID: S-1-5-21-1455668044-2473289563-2006192320-1120
mailPrimaryAddress: sepp@externedomain.de
kopanoAccount: 1
kopanoSharedStoreOnly: 0
univentionFetchmailServer: mail.externedomain.de
univentionFetchmailUseSSL: 1
univentionFetchmailProtocol: POP3
univentionFetchmailAddress: user123
MobyDickEnabled: TRUE
mobile: +4917612345678
telephoneNumber: 24
enabledServiceProviderIdentifier: SAMLServiceProviderIdentifier=https://cloud0
1.firma.local/nextcloud/apps/user_saml/saml/metadata,cn=saml-serviceprovider,c
n=univention,dc=firma,dc=local
nextcloudEnabled: 1
mailAlternativeAddress: sepp.meier@privateexternedomain.de
mailAlternativeAddress: sepp@privateexternedomain.de
sambaHomeDrive: L:
sambaHomePath: \\srv01.firma.local\s.meier
kopano4ucsRole: admin
kopanoAdmin: 1
kopanoEnabledFeatures: mobile
kopanoEnabledFeatures: outlook
kopanoEnabledFeatures: imap
odooActivated: TRUE
objectClass: krb5KDCEntry
objectClass: univentionMobyDickAccount
objectClass: sambaSamAccount
objectClass: person
objectClass: univentionFetchmail
objectClass: automount
objectClass: nextcloudUser
objectClass: univentionSAMLEnabled
objectClass: krb5Principal
objectClass: organizationalPerson
objectClass: univentionPWHistory
objectClass: shadowAccount
objectClass: univentionObject
objectClass: univentionMail
objectClass: odooUser
objectClass: inetOrgPerson
objectClass: top
objectClass: posixAccount
objectClass: kopano-user
I have configured the LDAP connection in the WebUI as follows:
LDAP-Server (server): ldap://srv01.firma.local:7389
LDAP Bind User (bindUser): uid=Administrator,cn=users,dc=firma,dc=local
LDAP Bind Passwort (bindPass): [rootPW]
Use StartTLS connection [n]:y
LDAP Base DN (baseDN): dc=firma,dc=local
User Authentikations Mechanismus: Automatisch
Choose a template: OpenLDAP
Attribute containing unique object ID:uid
Attribute containing e-mail address of a user []:mailPrimaryAddress
Attribute containing name of a user []:displayName
Attribute containing alternative e-mail addresses []:mailAlternativeAddress
Default storage quota for imported users (0=unlimited) [0]: 0
Enter attributes used for searching (one per line): givenName, cn, sn, displayName, gecos, uid, mailPrimaryAddress
After saving, I was able to import the LDAP users. They are displayed under Domain -> Users.
However, I cannot log in to webmail with any of these users. An error message is not displayed. A restart does not change anything either.
Am I doing something wrong? Am I too stupid?
with best
pixel
