how did u guys add alias adresses ?

You can add alias addresses manually, or with iRedAdmin-Pro (http://www.iredmail.org/admin_panel.html).

how did u guys add alias adresses ?

Dovecot

hosts           = ad.domain.lan:389
ldap_version    = 3
auth_bind       = yes
dn              = vmail
dnpass          = Password
base            = ou=DomainUsers,dc=domain,dc=lan
scope           = subtree
deref           = never
user_filter     = (&(userPrincipalName=%n@domain.lan)(objectClass=person)(!(userAccountControl:1.2.840.113556.1.4.803:=2)))
pass_filter     = (&(userPrincipalName=%n@domain.lan)(objectClass=person)(!(userAccountControl:1.2.840.113556.1.4.803:=2)))
pass_attrs      = userPassword=password
default_pass_scheme = CRYPT
user_attrs      = =home=/var/vmail/vmail1/%Ld/%Ln/Maildir/,=mail=maildir:/var/vmail/vmail1/%Ld/%Ln/Maildir/ 

Postfix

server_host     = ad.domain.lan
server_port     = 389
version         = 3
bind            = yes
start_tls       = no
bind_dn         = vmail
bind_pw         = Password
search_base     = ou=DomainUsers,dc=domain,dc=lan
scope           = sub
query_filter    = (&(userPrincipalName=%u@domain.lan)(objectClass=person)(!(userAccountControl:1.2.840.113556.1.4.803:=2)))
result_attribute= userPrincipalName
debuglevel      = 0

With the method I've mentionned before, it cannot login using a domain wich isn't in the specified OU... Therefore, I can't help you if you don't use this trick, because I only know this one.

%u@domain.lan for postfix and %n@domain.lan for dovecot.  This allows user@ANYNAME.COM to login successfully.  I guess this is a semi-victory as I can now use my desired domain.  Now I just need to restrict this to only allow the domain that I wish to use.

Any thoughts?

What isn't working as expected ? Did you try tests commands as mentionned in the howto ?

In my case, my AD domain is called "domain.lan" and my externals domains are called "domain2.fr", "domain3.com", "domain4.biz"

So, I've made an OU called "domains" at the root of my AD tree (under "domain.lan") and I've made others OU under "domains", one for each domains I'm supposed to manage.

After this, in Dovecot :

/etc/dovecot/dovecot-ldap.conf :

hosts           = dc.domain.lan:389
ldap_version    = 3
auth_bind       = yes
dn              = vmail@domain.lan
dnpass          = password_of_vmail
base            = ou=domains,dc=domain,dc=lan
scope           = subtree
deref           = never
user_filter     = (&(userPrincipalName=%u)(objectClass=person)(!(userAccountControl:1.2.840.113556.1.4.803:=2)))
pass_filter     = (&(userPrincipalName=%u)(objectClass=person)(!(userAccountControl:1.2.840.113556.1.4.803:=2)))
pass_attrs      = userPassword=password
default_pass_scheme = CRYPT
user_attrs      = =home=/path_to_your_storage/%Ld/%Ln/Maildir/,=mail=maildir:/path_to_your_storage/mail/%Ld/%Ln/Maildir/

With this config, users must authenticate with, as username, the full email address.

Use the same config in Postfix, but beware to add the line "result_attribute= userPrincipalName" in each 3 files *_maps.cf" (I've modified only those files), beacause you'll had duplicates results with the tests commands mentionned in the howto.

Had I answered to your problem ?

Nicolas

I have been trying to implement this with no luck at all... the only login that is working is my AD FQD ending in ".lan"

Here's how I've adjusted the config for a separate domain.  I've repeated this in the 3 ad_*.cf

query_filter    = (&(userPrincipalName=%u@domain.ca)(objectClass=person)(!(userAccountControl:1.2.840.113556.1.4.803:=2)))

This is the Dovecot config

user_filter     = (&(userPrincipalName=%n@domain.ca)(objectClass=person)(!(userAccountControl:1.2.840.113556.1.4.803:=2)))
pass_filter     = (&(userPrincipalName=%n@domain.ca)(objectClass=person)(!(userAccountControl:1.2.840.113556.1.4.803:=2)))

I'm in the same case.

I want to totally finish the "local integration" (tests, tests, and tests) to spent time on this "problem".

It seems, as usual, ZhangHuangbin had the solution, or can help us : you're the best

I'm gonna follow this thread and bring my bricks to the wall, if I can help.

Thanks guys

What should I change or take into consideration, if my windows domain is: mydomain.local and the mail domain is: myotherdomain.com?

You have to modify LDAP query files of Postfix (/etc/postfix/ad_*.cf) and Dovecot (/etc/dovecot-ldap.conf).
For example, in Postfix LDAP query file:
- '%s' will be substituted by full email address
- '%u' is local  part of the email address
- '%d' is domain part of the email address

So, to use (and hard-code) a different mail domain name, please replace '%s' in Postfix LDAP query files by '%u@myotherdomain.com'.

Reference:
- Postfix manual page, ldap_table(5): http://www.postfix.org/ldap_table.5.html
- Dovecot Variables: http://wiki.dovecot.org/Variables (It's %u, %n (the same as %u in Postfix), %d).

I didn't test it before, you can give it a try. But i think you have to use '%s' in Postfix to query full email address instead of '%u@myotherdomain.com' to avoid hard-coded domain name.

First of all. This is my first post here! Welcome you guys! Ive been using iredmail for the last 2 years and Im still impressed how easy and smooth it is. I dont know how I was able to set up mail server before without it!

The question: For the first time, I would like to integrate iredmail with Windows Active Directory. It will be used to authenticate mail users against windows domain. Ive red the document regarding the integration located here: http://www.iredmail.org/wiki/index.php? … y.iRedMail but I still dont get one thing. The document assumes that the windows domain and mail domain is the same (example.com). What should I change or take into consideration, if my windows domain is: mydomain.local and the mail domain is: myotherdomain.com? What if I have two mail domains and all users should be able to recieve emails from both domains?

regards,
Adrian