En/3.0/Directory Service (LDAP)
Configuration of an LDAP server with Zentyal
LDAP configuration options
Going to Users and Groups ‣ LDAP Settings you can check the current LDAP configuration and perform some adjustments related to the configuration of PAM authentication on the system.
In the upper part, you can see the LDAP Information:
Base DN:Base of the domain names in this server.
Root DN:Domain name of the server root.
Password:The password of other services and applications that want to use this LDAP server. If you want to configure a Zentyal server as a slave of this server, this is the password that will be used.
Users DN:Domain name of the users' directory.
Groups DN:Domain name of the groups' directory.
In the lower part you can establish some PAM settings
Enabling PAM, you will allow the users managed by Zentyal to also act as normal system users, making possible to start sessions in the server (for example SSH and SFTP).
In this section you also specify the default command interpreter for your users. This option is initially configured as nologin, blocking the users from starting sessions. Changing this options will not modify the existing users in the system, and will only be applied to the users created after the change.
Creating users and groups
You can create users by going to Users and Groups‣ Users menu and filling the following information:
User name:Name of the user on the system, it will be the name used in the authentication processes.
Name:Name of the user.
Surname:Surname of the user.
Comment:Additional information about the user.
Password:Password that will be used in the authentication processes. This information will have to be typed twice to avoid typing errors.
Group:Is possible to add the user to a group during the creation process.
From Users and Groups ‣ Users you can obtain a list of the users, edit or delete them.
While editing a user, you can change all the details, except the user name and the information that is associated with the installed Zentyal modules. These contain some specific configuration details assigned to users. You can also modify the list of groups that contain this user.
Editing a user you can:
- Create an account for the jabber server.
- Create an account for the filesharing or PDC with a personalised quota.
- Create an e-mail account for the user and alias for it.
- Assign a telephone extension for the user.
- Enable or disable the user account for Zarafa and check if it has
You can create a group from the Users and groups ‣ Groups menu. A group will be identified by its name, and can also contain a description.
Going to Users and groups ‣ Groups you can see all the existing groups, edit or delete them.
While you are editing a group, you can choose the users that belong to the group, and also the information associated with the modules in Zentyal that have some specific configuration associated with user groups.
Among other things, with users groups is possible to:
- Have a directory shared between the members of the group.
- Create an alias for a mail address that will forward to all the users of a group.
- Assign access permissions of different groupware applications to the users of a group.
User editable data
The user's data can only be modified by the Zentyal administrator, which can be inefficient when the number of users to be managed becomes too big. Administration tasks like changing the password of a user can be very time consuming. For this reason, you need the User's corner. This corner is a Zentyal service designed to allow the users to change their own data. This functionality has to be enabled like the rest of the modules. The user's corner is listening on another port different to other processes to enhance the system security.
The user can access the User corner using the URL:
Once the user enters his/her name and password, he/she can perform changes in his personal configuration. User's corner offers the following functionality:
- Change the current password.
- Configure the voice mail for the user.
- Configure an external personal account to retrieve the mail and
synchronise it with the content of the mail server in Zentyal.