1 Topic by kalyan

  • kalyan
  • Member
  • Offline
  • Registered: 2016-11-10
  • Posts: 10

Topic: Some general questions about AD integration

Hi, community!
gratest thanks for this open-sorce mail system! It's awesome!

I just wanted to ask some general questions regarding base lines of using iRedMail with MS active directory (AD):

1. Is in this case iRedAdmin panel useless at all? Can I, planning to authenticate users with AD, avoid installing iRedAdmin?
2. Can I configure iRedMail to authenticate users from different domains with different auth-servers, no matter AD or any other. I'll try to make myself clear: can I configure iRedMail to authenticate users of domain EXAMPLE.COM with iRedMail itself, users of domain CONTOSO.COM with domain controller of this domain (DC1.CONTOSO.COM) and users of domain TEST.ORG with its DC or LDAP-server?

----

Spider Email Archiver: On-Premises, lightweight email archiving software developed by iRedMail team. Supports Amazon S3 compatible storage and custom branding.

2 Reply by ZhangHuangbin

  • ZhangHuangbin
  • ZhangHuangbin
  • iRedMail Developers
  • Offline
  • Registered: 2009-05-06
  • Posts: 30,787

Re: Some general questions about AD integration

kalyan wrote:

1. Is in this case iRedAdmin panel useless at all?

Correct. iRedAdmin-Pro doesn't support AD (yet).

kalyan wrote:

2. Can I configure iRedMail to authenticate users from different domains with different auth-servers

Yes. Configure multiple postfix/dovecot ldap query files.

3 Reply by kalyan (edited by kalyan 2017-03-22 14:17:02)

  • kalyan
  • Member
  • Offline
  • Registered: 2016-11-10
  • Posts: 10

Re: Some general questions about AD integration

Hi, Zhang!

Could you give a bit more information about configuring those multiple postfix/dovecot ldap query files, please? smile
I mean I saw this article http://www.iredmail.org/docs/active.directory.html and read the last link on that page and even used it once, successfully.
But I haven't found any piece of info (on iredmail.org) for configuration of multiple domains authenticated with different servers and methods

4 Reply by ZhangHuangbin

  • ZhangHuangbin
  • ZhangHuangbin
  • iRedMail Developers
  • Offline
  • Registered: 2009-05-06
  • Posts: 30,787

Re: Some general questions about AD integration

In Postfix, you see settings like this:

smtpd_sender_login_maps =
    proxy:ldap:/etc/postfix/ad_sender_login_maps.cf

To add one more query (to query different AD, MySQL, PGSQL, LDAP server), just add one more query file like this:

smtpd_sender_login_maps =
    proxy:ldap:/etc/postfix/ad_sender_login_maps.cf
    proxy:ldap:/etc/postfix/ad_sender_login_maps_2.cf

Same to "userdb {}" and "passdb {}" in Dovecot config file:

userdb {
    args = ...
    driver = ...
}
userdb {
    args = ...
    driver = ...
}
userdb {
    args = ...
    driver = ...
}

5 Reply by kalyan

  • kalyan
  • Member
  • Offline
  • Registered: 2016-11-10
  • Posts: 10

Re: Some general questions about AD integration

Thanks a lot!
I'll test it on occasion