Aug 5, 2024: iRedMail-1.7.1 has been released.

**AlterEgo** · 2011-09-07 11:22:42

AlterEgo
Member
Offline

Registered: 2011-09-07
Posts: 2

Topic: HowTo bind LDAP domain which differ from internet Virtual Domain

==== Provide basic information to help troubleshoot ====
- iRedMail version:
- Linux/BSD distribution name and version:
- Any related log? Log is helpful for troubleshooting.
====
IRedMail 0.7.3
Debian Squezee
Win 2008 AD
AD domain name "domain.tblocal"
Internet domain name "domain.com"

The question is how map domain name which differ from AD Domain Name. I have an internet domain domain.com and AD domain domain.tblocal.
Whe I follow wiki on integration with AD. I get results only if I use AD user name, not email. user@domain.tblocal, if use user@domain.com i see nothing.

Thanks in advance.

----

Spider Email Archiver: On-Premises, lightweight email archiving software developed by iRedMail team. Supports Amazon S3 compatible storage and custom branding.

**ZhangHuangbin** · 2011-09-07 12:26:26

ZhangHuangbin
iRedMail Developers
Offline

Registered: 2009-05-06
Posts: 31,088

Re: HowTo bind LDAP domain which differ from internet Virtual Domain

That's easy, just hard-code domain name in LDAP queries.

Replace '%s' in Postfix LDAP query to '%u@domain.com'. In Postfix LDAP query, '%s' will be expanded to be full email address, '%u' is username part of email address, '%d' is domain part of email address. Reference: http://www.postfix.org/ldap_table.5.html
Replace '%u' in Dovecot LDAP query to '%n@domain.com'. In Dovecot LDAP query, '%u' will be expanded to be full email address, %n' is username part, '%d' is domain part of email address. You can also use '%Ln', '%Ld' to convert username/domain to lower cases.

For example, in /etc/postfix/ad_virtual_mailbox_maps.cf, original settings is like below:

query_filter    = (&(objectclass=person)(userPrincipalName=%s))
result_attribute= userPrincipalName
result_format   = %d/%u/Maildir/

After modified, it looks like this:

query_filter = (&(objectclass=person)(userPrincipalName=%u@domain.com))
result_attribute= userPrincipalName
result_format = domain.com/%u/Maildir/

**AlterEgo** · 2011-09-07 12:50:24

AlterEgo
Member
Offline

Registered: 2011-09-07
Posts: 2

Re: HowTo bind LDAP domain which differ from internet Virtual Domain

Unfortunately I see nothing. Here is debug and cf file.

/etc/postfix/ad_virtual_mailbox_maps.cf

server_host = dcs-02.domain.tblocal
server_port = 389
version = 3
bind = yes
start_tls = no
bind_dn = ldap_auth_only
bind_pw = *****
search_base = cn=users,dc=domain,dc=tblocal
scope = sub
debuglevel = 1
query_filter = (&(objectclass=person)(userPrincipalName=%u@domain.com))
result_attribute= userPrincipalName
result_format = domain.com/%u/Maildir/

# postmap -q aandreev@domain.com ldap:/etc/postfix/ad_virtual_mailbox_maps.cf

postmap: dict_ldap_debug: ldap_create
postmap: dict_ldap_debug: ldap_url_parse_ext(ldap://dcs-02.domain.tblocal:389)
postmap: dict_ldap_debug: ldap_sasl_bind
postmap: dict_ldap_debug: ldap_send_initial_request
postmap: dict_ldap_debug: ldap_new_connection 1 1 0
postmap: dict_ldap_debug: ldap_int_open_connection
postmap: dict_ldap_debug: ldap_connect_to_host: TCP dcs-02.domain.tblocal:389
postmap: dict_ldap_debug: ldap_new_socket: 4
postmap: dict_ldap_debug: ldap_prepare_socket: 4
postmap: dict_ldap_debug: ldap_connect_to_host: Trying 192.168.11.198:389
postmap: dict_ldap_debug: ldap_pvt_connect: fd: 4 tm: 10 async: 0
postmap: dict_ldap_debug: ldap_ndelay_on: 4
postmap: dict_ldap_debug: ldap_int_poll: fd: 4 tm: 10
postmap: dict_ldap_debug: ldap_is_sock_ready: 4
postmap: dict_ldap_debug: ldap_ndelay_off: 4
postmap: dict_ldap_debug: ldap_pvt_connect: 0
postmap: dict_ldap_debug: ldap_open_defconn: successful
postmap: dict_ldap_debug: ldap_send_server_request
postmap: dict_ldap_debug: ber_scanf fmt ({it) ber:
postmap: dict_ldap_debug: ber_scanf fmt ({i) ber:
postmap: dict_ldap_debug: ber_flush2: 36 bytes to sd 4
postmap: dict_ldap_debug: ldap_result ld 0x7fea31bfceb0 msgid 1
postmap: dict_ldap_debug: wait4msg ld 0x7fea31bfceb0 msgid 1 (timeout 10000000 usec)
postmap: dict_ldap_debug: wait4msg continue ld 0x7fea31bfceb0 msgid 1 all 1
postmap: dict_ldap_debug: ** ld 0x7fea31bfceb0 Connections:
postmap: dict_ldap_debug: * host: dcs-02.domain.tblocal port: 389 (default)
postmap: dict_ldap_debug: refcnt: 2 status: Connected
postmap: dict_ldap_debug: last used: Wed Sep 7 08:47:14 2011
postmap: dict_ldap_debug:
postmap: dict_ldap_debug: ** ld 0x7fea31bfceb0 Outstanding Requests:
postmap: dict_ldap_debug: * msgid 1, origid 1, status InProgress
postmap: dict_ldap_debug: outstanding referrals 0, parent count 0
postmap: dict_ldap_debug: ld 0x7fea31bfceb0 request count 1 (abandoned 0)
postmap: dict_ldap_debug: ** ld 0x7fea31bfceb0 Response Queue:
postmap: dict_ldap_debug: Empty
postmap: dict_ldap_debug: ld 0x7fea31bfceb0 response count 0
postmap: dict_ldap_debug: ldap_chkResponseList ld 0x7fea31bfceb0 msgid 1 all 1
postmap: dict_ldap_debug: ldap_chkResponseList returns ld 0x7fea31bfceb0 NULL
postmap: dict_ldap_debug: ldap_int_select
postmap: dict_ldap_debug: read1msg: ld 0x7fea31bfceb0 msgid 1 all 1
postmap: dict_ldap_debug: ber_get_next
postmap: dict_ldap_debug: ber_get_next: tag 0x30 len 16 contents:
postmap: dict_ldap_debug: read1msg: ld 0x7fea31bfceb0 msgid 1 message type bind
postmap: dict_ldap_debug: ber_scanf fmt ({eAA) ber:
postmap: dict_ldap_debug: read1msg: ld 0x7fea31bfceb0 0 new referrals
postmap: dict_ldap_debug: read1msg: mark request completed, ld 0x7fea31bfceb0 msgid 1
postmap: dict_ldap_debug: request done: ld 0x7fea31bfceb0 msgid 1
postmap: dict_ldap_debug: res_errno: 0, res_error: <>, res_matched: <>
postmap: dict_ldap_debug: ldap_free_request (origid 1, msgid 1)
postmap: dict_ldap_debug: ldap_parse_sasl_bind_result
postmap: dict_ldap_debug: ber_scanf fmt ({eAA) ber:
postmap: dict_ldap_debug: ldap_msgfree
postmap: dict_ldap_debug: ldap_search_ext
postmap: dict_ldap_debug: put_filter: "(&(objectclass=person)(userPrincipalName=aandreev@domain.com))"
postmap: dict_ldap_debug: put_filter: AND
postmap: dict_ldap_debug: put_filter_list "(objectclass=person)(userPrincipalName=aandreev@domain.com)"
postmap: dict_ldap_debug: put_filter: "(objectclass=person)"
postmap: dict_ldap_debug: put_filter: simple
postmap: dict_ldap_debug: put_simple_filter: "objectclass=person"
postmap: dict_ldap_debug: put_filter: "(userPrincipalName=aandreev@domain.com)"
postmap: dict_ldap_debug: put_filter: simple
postmap: dict_ldap_debug: put_simple_filter: "userPrincipalName=aandreev@domain.com"
postmap: dict_ldap_debug: ldap_send_initial_request
postmap: dict_ldap_debug: ldap_send_server_request
postmap: dict_ldap_debug: ber_scanf fmt ({it) ber:
postmap: dict_ldap_debug: ber_scanf fmt ({) ber:
postmap: dict_ldap_debug: ber_flush2: 149 bytes to sd 4
postmap: dict_ldap_debug: ldap_result ld 0x7fea31bfceb0 msgid 2
postmap: dict_ldap_debug: wait4msg ld 0x7fea31bfceb0 msgid 2 (timeout 10000000 usec)
postmap: dict_ldap_debug: wait4msg continue ld 0x7fea31bfceb0 msgid 2 all 1
postmap: dict_ldap_debug: ** ld 0x7fea31bfceb0 Connections:
postmap: dict_ldap_debug: * host: dcs-02.domain.tblocal port: 389 (default)
postmap: dict_ldap_debug: refcnt: 2 status: Connected
postmap: dict_ldap_debug: last used: Wed Sep 7 08:47:14 2011
postmap: dict_ldap_debug:
postmap: dict_ldap_debug: ** ld 0x7fea31bfceb0 Outstanding Requests:
postmap: dict_ldap_debug: * msgid 2, origid 2, status InProgress
postmap: dict_ldap_debug: outstanding referrals 0, parent count 0
postmap: dict_ldap_debug: ld 0x7fea31bfceb0 request count 1 (abandoned 0)
postmap: dict_ldap_debug: ** ld 0x7fea31bfceb0 Response Queue:
postmap: dict_ldap_debug: Empty
postmap: dict_ldap_debug: ld 0x7fea31bfceb0 response count 0
postmap: dict_ldap_debug: ldap_chkResponseList ld 0x7fea31bfceb0 msgid 2 all 1
postmap: dict_ldap_debug: ldap_chkResponseList returns ld 0x7fea31bfceb0 NULL
postmap: dict_ldap_debug: ldap_int_select
postmap: dict_ldap_debug: read1msg: ld 0x7fea31bfceb0 msgid 2 all 1
postmap: dict_ldap_debug: ber_get_next
postmap: dict_ldap_debug: ber_get_next: tag 0x30 len 16 contents:
postmap: dict_ldap_debug: read1msg: ld 0x7fea31bfceb0 msgid 2 message type search-result
postmap: dict_ldap_debug: ber_scanf fmt ({eAA) ber:
postmap: dict_ldap_debug: read1msg: ld 0x7fea31bfceb0 0 new referrals
postmap: dict_ldap_debug: read1msg: mark request completed, ld 0x7fea31bfceb0 msgid 2
postmap: dict_ldap_debug: request done: ld 0x7fea31bfceb0 msgid 2
postmap: dict_ldap_debug: res_errno: 0, res_error: <>, res_matched: <>
postmap: dict_ldap_debug: ldap_free_request (origid 2, msgid 2)
postmap: dict_ldap_debug: ldap_parse_result
postmap: dict_ldap_debug: ber_scanf fmt ({iAA) ber:
postmap: dict_ldap_debug: ber_scanf fmt (}) ber:
postmap: dict_ldap_debug: ldap_msgfree
postmap: dict_ldap_debug: ldap_free_connection 1 1
postmap: dict_ldap_debug: ldap_send_unbind
postmap: dict_ldap_debug: ber_flush2: 7 bytes to sd 4
postmap: dict_ldap_debug: ldap_free_connection: actually freed

Aug 5, 2024: iRedMail-1.7.1 has been released.

HowTo bind LDAP domain which differ from internet Virtual Domain

Posts: 3

1 Topic by AlterEgo 2011-09-07 11:22:42

Topic: HowTo bind LDAP domain which differ from internet Virtual Domain

2 Reply by ZhangHuangbin 2011-09-07 12:26:26

Re: HowTo bind LDAP domain which differ from internet Virtual Domain

3 Reply by AlterEgo 2011-09-07 12:50:24 (edited by AlterEgo 2011-09-07 12:58:45)

Re: HowTo bind LDAP domain which differ from internet Virtual Domain

Posts: 3