Highlighted
vgerretz Absent Member.
Absent Member.
1398 views

High Security | LDAP Authentication user AD LDAP

Current System: GroupWise 2012 on SLES 11

Been setting up the High Security option for the Post Offices to use Active Directory LDAP and I am running into a logistics issue.

The issue is because I am using AD LDAP and not Novell LDAP. The LDAP Name Mappings are different between the two systems due to the account locations in the two trees. To make it work, I would need to add the AD LDAP Name Mapping into the GroupWise Object | Account | LDAP Authentication field. With over 3,800 users, this is a monumental task to manually add this field to each object.

Is there a script or a possible app to run to populate the AD LDAP Name Mapping for each user GroupWise object?

Any feedback and/or guidance is appreciated.

Thanks.
Labels (2)
0 Likes
6 Replies
Micro Focus Expert
Micro Focus Expert

Re: High Security | LDAP Authentication user AD LDAP

Hi,

I'm not too sure how to do this. But, I just want to highlight for you that GroupWise 2014 has full AD integration. It may be easier for you just to upgrade your GroupWise system rather then jumping through hoops on your current installation.

Cheers,
Laura Buckley

Views/comments expressed here are entirely my own.
If you find this post helpful, please show your appreciation and click on "Like" below...
0 Likes
jmarton2 Absent Member.
Absent Member.

Re: High Security | LDAP Authentication user AD LDAP

vgerretz wrote:

>
> Current System: GroupWise 2012 on SLES 11
>
> Been setting up the High Security option for the Post Offices to use
> Active Directory LDAP and I am running into a logistics issue.
>
> The issue is because I am using AD LDAP and not Novell LDAP. The LDAP
> Name Mappings are different between the two systems due to the account
> locations in the two trees. To make it work, I would need to add the
> AD LDAP Name Mapping into the GroupWise Object | Account | LDAP
> Authentication field. With over 3,800 users, this is a monumental task
> to manually add this field to each object.
>
> Is there a script or a possible app to run to populate the AD LDAP
> Name Mapping for each user GroupWise object?


You might be able to do this using JRB Utilities. IDM can definitely
do this automatically. However, as Laura mentioned, if you upgrade to
GroupWise 2014 you can leverage its full AD support which would allow
you to skip this step entirely. GW 2014 will automate the mapping
between GW mailboxes and the AD accounts.

--
Your world is on the move. http://www.novell.com/mobility/
BrainShare 2014 is coming. http://www.novell.com/brainshare/

Joe Marton Emeritus Knowledge Partner
0 Likes
vgerretz Absent Member.
Absent Member.

Re: High Security | LDAP Authentication user AD LDAP

Hi Laura/Joe,

Upgraded to 2014 and been attempting to configure LDAP Security on the Post Office without much success. Was following Admin Manual to setup LDAP and Post Office Security (As suggested my Morris Blackham). Procedure is lacking in what needs to be done on the AD LDAP side. If an example was there, it would have been helpful.

Any guidance and assistance is appreciated.

Vince
0 Likes
Anonymous_User Absent Member.
Absent Member.

Re: High Security | LDAP Authentication user AD LDAP


Can you provide a little more detail on what issues you are seeing and what you have configured so far? Not sure how to answer this at this point.



--Morris



>>> vgerretz<vgerretz@no-mx.forums.novell.com> 3/5/2015 10:10 AM >>>




Hi Laura/Joe,

Upgraded to 2014 and been attempting to configure LDAP Security on the
Post Office without much success. Was following Admin Manual to setup
LDAP and Post Office Security (As suggested my Morris Blackham).
Procedure is lacking in what needs to be done on the AD LDAP side. If an
example was there, it would have been helpful.

Any guidance and assistance is appreciated.

Vince


--
vgerretz
------------------------------------------------------------------------
vgerretz's Profile: https://forums.novell.com/member.php?userid=12156
View this thread: https://forums.novell.com/showthread.php?t=479296
0 Likes
vgerretz Absent Member.
Absent Member.

Re: High Security | LDAP Authentication user AD LDAP

In the GW2014 Admin Console, created LDAP Server pointing to one of the AD LDAP Servers which is also a domain controller.
On the Post Office Security, LDAP Security is selected and assigned this LDAP Server to it.
Attempted to login to GroupWise with account that is a member of this post office. It fails stating the password is wrong.
AD & GroupWise Account names are identical and Password is set on the AD Account.

Let me know if you need more info.

Thank you for replying.

-Vince
0 Likes
Anonymous_User Absent Member.
Absent Member.

Re: High Security | LDAP Authentication user AD LDAP


I assume that the GW user is associated to a AD account. Are you using SSL in the LDAP server config?



-MB



>>> vgerretz<vgerretz@no-mx.forums.novell.com> 3/6/2015 12:16 PM >>>




In the GW2014 Admin Console, created LDAP Server pointing to one of the
AD LDAP Servers which is also a domain controller.
On the Post Office Security, LDAP Security is selected and assigned this
LDAP Server to it.
Attempted to login to GroupWise with account that is a member of this
post office. It fails stating the password is wrong.
AD & GroupWise Account names are identical and Password is set on the AD
Account.

Let me know if you need more info.

Thank you for replying.

-Vince


--
vgerretz
------------------------------------------------------------------------
vgerretz's Profile: https://forums.novell.com/member.php?userid=12156
View this thread: https://forums.novell.com/showthread.php?t=479296
0 Likes
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.