Zimbra Collaboration Suite

MidPoint can provision accounts by directly modifying the records in Zimbra LDAP directory. LDAP connector is used for this purpose. Zimbra seems to automatically create mailboxes and initialize the accounts created by adding LDAP records to Zimbra LDAP.

Determine password of LDAP root account:

Create hash of a new password for the midpoint user:

This will output a string starting with {SSHA}. Create new LDIF file /tmp/midpoint.ldif with the following content and paste the string at the end.

Use this LDIF file to create admin account for midPoint:

You will be prompted for a password. Enter the LDAP root password.

This creates an administrative user that midPoint will use to access zimbra LDAP.

MidPoint will access Zimbra LDAP using a TLS protocol. MidPoint needs to trust the certificate of the Zimbra LDAP server to successfuly establish a TLS connection.

Get the Zimbra server certificate using any suitable method. E.g. use Apache Directory Studio: connect to the Zimbra LDAP server, go to Window → Preferences → Apache Directory Studio → Connections → Certificate Validations → Export.

Import the certificate to midPoint keystore:

MidPoint needs to be restarted for the change to be applied.

(see SSL Connections (Client Side) page for more details)