26

Re: AD integration

ZhangHuangbin wrote:

It complains "MYDOMAIN\vmail" is an invalid DN. Did you try to use 'vmail' instead? For example:

# ldapsearch ... -D 'vmail' ...

Same error, invalid DN... Is there a config file for LDAP or something?
In all cases, ldapsearch doesn't find my @publicdomain.fr users which are in the Users group; vmail is in the Users group, there's no reason ldapsearch finds vmail...?

What is the role of:

"(&(userPrincipalName=user@mypublicdomain.fr)(objectClass=person)(!(userAccountControl:1.2.840.113556.1.4.803:=2)))"

I saw on the Internet that everyone puts "what he wants" there; are those arguments valid for my case?

Thanks
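What the filter asked about above does, as an added example that is not part of the original thread: `1.2.840.113556.1.4.803` is Active Directory's bitwise-AND matching rule, and bit 2 of `userAccountControl` is the "account disabled" flag, so the last clause drops disabled accounts from the result. The small evaluator below is a sketch covering only the filter syntax used here, run against constructed entries; it treats a missing attribute as "no match", which simplifies LDAP's three-valued evaluation.

```python
BIT_AND = "1.2.840.113556.1.4.803"  # AD matching rule LDAP_MATCHING_RULE_BIT_AND
FILTER = ("(&(userPrincipalName=user@mypublicdomain.fr)(objectClass=person)"
          "(!(userAccountControl:1.2.840.113556.1.4.803:=2)))")

def parse(f, i=0):
    """Parse the parenthesised filter that starts at f[i]; return (node, next index)."""
    i += 1                                       # step over '('
    if f[i] in "&|!":
        op, kids, i = f[i], [], i + 1
        while f[i] == "(":
            kid, i = parse(f, i)
            kids.append(kid)
        return (op, kids), i + 1                 # step over the closing ')'
    end = f.index(")", i)
    attr, value = f[i:end].split("=", 1)
    attr, _, rule = attr.rstrip(":").partition(":")  # extensible match: attr:OID:=value
    return ("item", attr.lower(), rule, value), end + 1

def matches(node, e):
    """Evaluate a parsed filter against one entry (dict: lowercase attr -> list of str)."""
    if node[0] in ("&", "|"):
        return (all if node[0] == "&" else any)(matches(k, e) for k in node[1])
    if node[0] == "!":
        return not matches(node[1][0], e)
    _, attr, rule, value = node
    if rule == BIT_AND:                          # true when every bit of value is set
        return any((int(v) & int(value)) == int(value) for v in e.get(attr, []))
    if rule:
        raise ValueError("unsupported matching rule " + rule)
    return any(v.lower() == value.lower() for v in e.get(attr, []))

def user(upn, uac):
    return {"userprincipalname": [upn], "objectclass": ["top", "person", "user"],
            "useraccountcontrol": [str(uac)]}

# Constructed sample entries. 512 = normal account, 2 = disabled, 65536 = password never expires.
SAMPLES = {
    "enabled": user("user@mypublicdomain.fr", 512),
    "disabled": user("user@mypublicdomain.fr", 512 | 2),
    "disabled, no expiry": user("user@mypublicdomain.fr", 512 | 65536 | 2),
    "other user": user("someone@mypublicdomain.fr", 512),
}

def evaluate(filter_text=FILTER):
    return {name: matches(parse(filter_text)[0], e) for name, e in SAMPLES.items()}

if __name__ == "__main__":
    for name, hit in evaluate().items():
        print("%-20s %s" % (name, "returned" if hit else "filtered out"))
```

Only the enabled account with the matching userPrincipalName is returned; a plain `userAccountControl=514` comparison would miss the disabled account that also has the "password never expires" bit set, which is why the bitwise rule is used.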

27

Re: AD integration

This command works, for OpenLDAP, it finds a user which is in Users or a user which is in an OU:

ldapsearch -x -b 'dc=mydomain,dc=lan' -D 'MYDOMAIN\vmail' -h dc.mydomain.lan -p 389 -W "(&(userPrincipalName=user@publicdomain.fr)(objectClass=person)(!(userAccountControl:1.2.840.113556.1.4.803:=2)))"

How to "integrate" it in Dovecot queries? I'm searching for this, but if you have propositions...

Thanks

28

Re: AD integration

You got a working command, so please just try to configure the correct value in dovecot-ldap.conf. I don't know what I can help with now.

29

Re: AD integration

I "solved" the problem.

Dovecot only does a descendant search if base is configured like: base = ou=baseOU,dc=internaldomain,dc=lan

In W2008 Active Directory, I set baseOU to the same name as my company, for better visibility.

Obviously, all users who need mail had to be in this OU, and you can create sub-OUs in this OU, the search will work.

I don't have an answer to the initial problem, but it's better than nothing.