Connecting two domains in Zimbra for chat/autocomplete

Posted on by Keith Hall

We ran into a unique case recently where a client needed to connect two domains so they were essentially on the same domain.

Let’s say one domain was DOMAIN_B.DEV and the other was DOMAIN_A.COM.

What you are trying to do is make each domain’s GAL (Global Address Listing) available to each other. This must be done on the SAME Zimbra server.

The Zimbra Wiki has an article which explains how to do this, which we will paste a clip-and-save below.

Just a few things to keep in mind:

  1. Be sure you are running this as the “zimbra” user. So “su – zimbra” before running it. (And BTW the “-” in there su’s you as the zimbra user and then “cd’s” you to the home directory. It just saves you the chore of typing cd ~/” after you become zimbra)
  2. Watch out for the LDAP stuff. As you will see in the examples we changed DOMAIN_A

Replace all instances of “DOMAIN_A.COM” with your first domain.

In the line beginning with “improv mds” (the fourth line) replace the following:

ldap://127.0.0.1:389 with your ldap address if it is not on the server (you likely will not need to do this)

dc=DOMAIN_B,dc=COM – replace dc=DOMAIN_B,dc=COM with your second domain name. If if were apple.com it would be  as dc=apple,dc=com. You will do the same again in the next set of instructions after this set.

su - zimbra

source bin/zmshutil; zmsetvars

zmgsautil addDataSource -a galsync@DOMAIN_A.COM -n AnotherGAL --domain DOMAIN_A.COM -t ldap -f _AnotherGAL -p 1d

zmprov mds galsync@DOMAIN_A.COM AnotherGAL zimbraGalSyncLdapBindDn $zimbra_ldap_userdn zimbraGalSyncLdapBindPassword $zimbra_ldap_password zimbraGalSyncLdapFilter '(|(&(mail=*)(zimbraAccountStatus=active)(!(zimbraHideInGAL=TRUE)))(&(mail=*)(objectClass=zimbraDistributionList)(!(zimbraHideInGAL=TRUE))))' zimbraGalSyncLdapSearchBase dc=DOMAIN_B,dc=dev zimbraGalSyncLdapURL ldap://127.0.0.1:389

zmprov mds galsync@DOMAIN_A.COM AnotherGAL zimbraDataSourceEnabled TRUE

zmgsautil forceSync -a galsync@DOMAIN_A.COM -n AnotherGAL

zmmailbox -z -m galsync@DOMAIN_A.COM gaf

zmprov md DOMAIN_A.COM zimbraGALMode both

By now you should have run this and everything is peachy. But only one domain can see the other, not both. So run the scripts again replacing DOMAIN_A.COM with DOMAIN_B.DEV. Be sure to change dc=DOMAIN_B,dc=dev on line 4 with the PRIMARY domain! There is also no reason to re-run the “source bin/zmshutil; zmsetvars” line.

zmgsautil addDataSource -a galsync@DOMAIN_B.DEV -n AnotherGAL --domain DOMAIN_B.DEV -t ldap -f _AnotherGAL -p 1d

zmprov mds galsync@DOMAIN_B.DEV AnotherGAL zimbraGalSyncLdapBindDn $zimbra_ldap_userdn zimbraGalSyncLdapBindPassword $zimbra_ldap_password zimbraGalSyncLdapFilter '(|(&(mail=*)(zimbraAccountStatus=active)(!(zimbraHideInGAL=TRUE)))(&(mail=*)(objectClass=zimbraDistributionList)(!(zimbraHideInGAL=TRUE))))' zimbraGalSyncLdapSearchBase dc=DOMAIN_A,dc=com zimbraGalSyncLdapURL ldap://127.0.0.1:389

zmprov mds galsync@DOMAIN_B.DEV AnotherGAL zimbraDataSourceEnabled TRUE

zmgsautil forceSync -a galsync@DOMAIN_B.DEV -n AnotherGAL

zmmailbox -z -m galsync@DOMAIN_B.DEV gaf

zmprov md DOMAIN_B.DEV zimbraGALMode both

And that’s it! That is all you need to do to connect the domains! Now users on DOMAIN_B.DEV can chat and auto-complete address users on DOMAIN_A.COM!

Photo by JESHOOTS.COM on Unsplash

Leave a Reply

Your email address will not be published. Required fields are marked *