1

Topic: LDAP SoGo Multi Domain

==== Required information ====
- iRedMail version: 0.9.6
- Linux/BSD distribution name and version: Centos 7
- Store mail accounts in which backend: LDAP
- Web server: NGINX
- Manage mail accounts with iRedAdmin-Pro? Yes
====

Hello everyone,

we have an issue with iRedMail-Pro-LDAP and SOGo. In SOGo Calendar, if a user wants to add a shared calendar/folder,
ALL users from different domains are shown in the dialog. We installed a test environment with iRedMail (not pro) with
SQL Backend: The issue did not happen, a user can only search for other users from it's domain. We then installed another
iRedMail (not pro) with LDAP backend, and had the same issue as our iRedMail-PRO: a user sees every other user in the
search dialog. The user cannot access the calendar, but can see every mail address from other domains of that mailserver,
which is not acceptable in multi domain installation.

Reproduce:
- Login into SOGO as user1@domain1.com
- Select calendar
- Select "Subscription (+)"
- Type at least 3 characters from another existing domain: ain2

Result:
- A list of all users from dom"ain2" is shown in the dialog.
- If a user like "main2@domain1.com" exists, it is also shown.

Expected result:
- Only a user like "main2@domain1.com" shall be shown in the dialog.
- No user from a domain containing the search string should be shown.

Note:
- The iRedMail SQL installation shows the expected result, only the LDAP installation does not show the
expected result.


What can we do to see the expected result on the iRedMail PRO installation? We tried some already available
solutions which sounded similar to our issue, like iRedMail Bitbucket Issue #79, but did not get the result we want.

It is sad that we have this ldap issue and cannot change to SQL backend without paying another license, so we hope
this issue can be fixed by special configuration.

With kind regards from Switzerland,
Tim

----

Spider Email Archiver: On-Premises, lightweight email archiving software developed by iRedMail team. Supports Amazon S3 compatible storage and custom branding.

2

Re: LDAP SoGo Multi Domain

A possible solution If you don't have many mail domains: separate them to different domains inside "SOGoUserResource = {}" in /etc/sogo/sogo.conf.

AND, PLEASE DO ME A FAVOR: i already submitted feature request to ask SOGo team to implement placeholder support in LDAP base dn, bind dn, filter, but more than 1 year passed, they are not interested in this feature. please help push them to implement it.
https://sogo.nu/bugs/view.php?id=3685