1

Topic: HowTo bind LDAP domain which differ from internet Virtual Domain

==== Provide basic information to help troubleshoot ====
- iRedMail version:
- Linux/BSD distribution name and version:
- Any related log? Log is helpful for troubleshooting.
====
iRedMail 0.7.3
Debian Squeeze
Win 2008 AD
AD domain name "domain.tblocal"
Internet domain name "domain.com"

The question is how to map a domain name which differs from the AD domain name. I have an internet domain domain.com and an AD domain domain.tblocal.
When I follow the wiki on integration with AD, I get results only if I use the AD user name, not the email address: user@domain.tblocal works, but if I use user@domain.com I see nothing.

Thanks in advance.


2

Re: HowTo bind LDAP domain which differ from internet Virtual Domain

That's easy, just hard-code domain name in LDAP queries.

  • Replace '%s' in the Postfix LDAP query with '%u@domain.com'. In a Postfix LDAP query, '%s' is expanded to the full email address, '%u' is the username part of the email address, and '%d' is the domain part of the email address. Reference: http://www.postfix.org/ldap_table.5.html

  • Replace '%u' in the Dovecot LDAP query with '%n@domain.com'. In a Dovecot LDAP query, '%u' is expanded to the full email address, '%n' is the username part, and '%d' is the domain part of the email address. You can also use '%Ln' and '%Ld' to convert the username/domain to lower case.

For example, in /etc/postfix/ad_virtual_mailbox_maps.cf, the original settings look like this:

query_filter    = (&(objectclass=person)(userPrincipalName=%s))
result_attribute= userPrincipalName
result_format   = %d/%u/Maildir/

After modification, it looks like this:

query_filter    = (&(objectclass=person)(userPrincipalName=%u@domain.com))
result_attribute= userPrincipalName
result_format   = domain.com/%u/Maildir/

3 (edited by AlterEgo 2011-09-07 12:58:45)

Re: HowTo bind LDAP domain which differ from internet Virtual Domain

Unfortunately I see nothing. Here are the debug output and the cf file.

/etc/postfix/ad_virtual_mailbox_maps.cf

server_host     = dcs-02.domain.tblocal
server_port     = 389
version         = 3
bind            = yes
start_tls       = no
bind_dn         = ldap_auth_only
bind_pw         =  *****
search_base     = cn=users,dc=domain,dc=tblocal
scope           = sub
debuglevel      = 1
query_filter    = (&(objectclass=person)(userPrincipalName=%u@domain.com))
result_attribute= userPrincipalName
result_format   = domain.com/%u/Maildir/


# postmap -q aandreev@domain.com ldap:/etc/postfix/ad_virtual_mailbox_maps.cf

postmap: dict_ldap_debug: ldap_create
postmap: dict_ldap_debug: ldap_url_parse_ext(ldap://dcs-02.domain.tblocal:389)
postmap: dict_ldap_debug: ldap_sasl_bind
postmap: dict_ldap_debug: ldap_send_initial_request
postmap: dict_ldap_debug: ldap_new_connection 1 1 0
postmap: dict_ldap_debug: ldap_int_open_connection
postmap: dict_ldap_debug: ldap_connect_to_host: TCP dcs-02.domain.tblocal:389
postmap: dict_ldap_debug: ldap_new_socket: 4
postmap: dict_ldap_debug: ldap_prepare_socket: 4
postmap: dict_ldap_debug: ldap_connect_to_host: Trying 192.168.11.198:389
postmap: dict_ldap_debug: ldap_pvt_connect: fd: 4 tm: 10 async: 0
postmap: dict_ldap_debug: ldap_ndelay_on: 4
postmap: dict_ldap_debug: ldap_int_poll: fd: 4 tm: 10
postmap: dict_ldap_debug: ldap_is_sock_ready: 4
postmap: dict_ldap_debug: ldap_ndelay_off: 4
postmap: dict_ldap_debug: ldap_pvt_connect: 0
postmap: dict_ldap_debug: ldap_open_defconn: successful
postmap: dict_ldap_debug: ldap_send_server_request
postmap: dict_ldap_debug: ber_scanf fmt ({it) ber:
postmap: dict_ldap_debug: ber_scanf fmt ({i) ber:
postmap: dict_ldap_debug: ber_flush2: 36 bytes to sd 4
postmap: dict_ldap_debug: ldap_result ld 0x7fea31bfceb0 msgid 1
postmap: dict_ldap_debug: wait4msg ld 0x7fea31bfceb0 msgid 1 (timeout 10000000 usec)
postmap: dict_ldap_debug: wait4msg continue ld 0x7fea31bfceb0 msgid 1 all 1
postmap: dict_ldap_debug: ** ld 0x7fea31bfceb0 Connections:
postmap: dict_ldap_debug: * host: dcs-02.domain.tblocal  port: 389  (default)
postmap: dict_ldap_debug:   refcnt: 2  status: Connected
postmap: dict_ldap_debug:   last used: Wed Sep  7 08:47:14 2011
postmap: dict_ldap_debug:
postmap: dict_ldap_debug: ** ld 0x7fea31bfceb0 Outstanding Requests:
postmap: dict_ldap_debug:  * msgid 1,  origid 1, status InProgress
postmap: dict_ldap_debug:    outstanding referrals 0, parent count 0
postmap: dict_ldap_debug:   ld 0x7fea31bfceb0 request count 1 (abandoned 0)
postmap: dict_ldap_debug: ** ld 0x7fea31bfceb0 Response Queue:
postmap: dict_ldap_debug:    Empty
postmap: dict_ldap_debug:   ld 0x7fea31bfceb0 response count 0
postmap: dict_ldap_debug: ldap_chkResponseList ld 0x7fea31bfceb0 msgid 1 all 1
postmap: dict_ldap_debug: ldap_chkResponseList returns ld 0x7fea31bfceb0 NULL
postmap: dict_ldap_debug: ldap_int_select
postmap: dict_ldap_debug: read1msg: ld 0x7fea31bfceb0 msgid 1 all 1
postmap: dict_ldap_debug: ber_get_next
postmap: dict_ldap_debug: ber_get_next: tag 0x30 len 16 contents:
postmap: dict_ldap_debug: read1msg: ld 0x7fea31bfceb0 msgid 1 message type bind
postmap: dict_ldap_debug: ber_scanf fmt ({eAA) ber:
postmap: dict_ldap_debug: read1msg: ld 0x7fea31bfceb0 0 new referrals
postmap: dict_ldap_debug: read1msg:  mark request completed, ld 0x7fea31bfceb0 msgid 1
postmap: dict_ldap_debug: request done: ld 0x7fea31bfceb0 msgid 1
postmap: dict_ldap_debug: res_errno: 0, res_error: <>, res_matched: <>
postmap: dict_ldap_debug: ldap_free_request (origid 1, msgid 1)
postmap: dict_ldap_debug: ldap_parse_sasl_bind_result
postmap: dict_ldap_debug: ber_scanf fmt ({eAA) ber:
postmap: dict_ldap_debug: ldap_msgfree
postmap: dict_ldap_debug: ldap_search_ext
postmap: dict_ldap_debug: put_filter: "(&(objectclass=person)(userPrincipalName=aandreev@domain.com))"
postmap: dict_ldap_debug: put_filter: AND
postmap: dict_ldap_debug: put_filter_list "(objectclass=person)(userPrincipalName=aandreev@domain.com)"
postmap: dict_ldap_debug: put_filter: "(objectclass=person)"
postmap: dict_ldap_debug: put_filter: simple
postmap: dict_ldap_debug: put_simple_filter: "objectclass=person"
postmap: dict_ldap_debug: put_filter: "(userPrincipalName=aandreev@domain.com)"
postmap: dict_ldap_debug: put_filter: simple
postmap: dict_ldap_debug: put_simple_filter: "userPrincipalName=aandreev@domain.com"
postmap: dict_ldap_debug: ldap_send_initial_request
postmap: dict_ldap_debug: ldap_send_server_request
postmap: dict_ldap_debug: ber_scanf fmt ({it) ber:
postmap: dict_ldap_debug: ber_scanf fmt ({) ber:
postmap: dict_ldap_debug: ber_flush2: 149 bytes to sd 4
postmap: dict_ldap_debug: ldap_result ld 0x7fea31bfceb0 msgid 2
postmap: dict_ldap_debug: wait4msg ld 0x7fea31bfceb0 msgid 2 (timeout 10000000 usec)
postmap: dict_ldap_debug: wait4msg continue ld 0x7fea31bfceb0 msgid 2 all 1
postmap: dict_ldap_debug: ** ld 0x7fea31bfceb0 Connections:
postmap: dict_ldap_debug: * host: dcs-02.domain.tblocal  port: 389  (default)
postmap: dict_ldap_debug:   refcnt: 2  status: Connected
postmap: dict_ldap_debug:   last used: Wed Sep  7 08:47:14 2011
postmap: dict_ldap_debug:
postmap: dict_ldap_debug: ** ld 0x7fea31bfceb0 Outstanding Requests:
postmap: dict_ldap_debug:  * msgid 2,  origid 2, status InProgress
postmap: dict_ldap_debug:    outstanding referrals 0, parent count 0
postmap: dict_ldap_debug:   ld 0x7fea31bfceb0 request count 1 (abandoned 0)
postmap: dict_ldap_debug: ** ld 0x7fea31bfceb0 Response Queue:
postmap: dict_ldap_debug:    Empty
postmap: dict_ldap_debug:   ld 0x7fea31bfceb0 response count 0
postmap: dict_ldap_debug: ldap_chkResponseList ld 0x7fea31bfceb0 msgid 2 all 1
postmap: dict_ldap_debug: ldap_chkResponseList returns ld 0x7fea31bfceb0 NULL
postmap: dict_ldap_debug: ldap_int_select
postmap: dict_ldap_debug: read1msg: ld 0x7fea31bfceb0 msgid 2 all 1
postmap: dict_ldap_debug: ber_get_next
postmap: dict_ldap_debug: ber_get_next: tag 0x30 len 16 contents:
postmap: dict_ldap_debug: read1msg: ld 0x7fea31bfceb0 msgid 2 message type search-result
postmap: dict_ldap_debug: ber_scanf fmt ({eAA) ber:
postmap: dict_ldap_debug: read1msg: ld 0x7fea31bfceb0 0 new referrals
postmap: dict_ldap_debug: read1msg:  mark request completed, ld 0x7fea31bfceb0 msgid 2
postmap: dict_ldap_debug: request done: ld 0x7fea31bfceb0 msgid 2
postmap: dict_ldap_debug: res_errno: 0, res_error: <>, res_matched: <>
postmap: dict_ldap_debug: ldap_free_request (origid 2, msgid 2)
postmap: dict_ldap_debug: ldap_parse_result
postmap: dict_ldap_debug: ber_scanf fmt ({iAA) ber:
postmap: dict_ldap_debug: ber_scanf fmt (}) ber:
postmap: dict_ldap_debug: ldap_msgfree
postmap: dict_ldap_debug: ldap_free_connection 1 1
postmap: dict_ldap_debug: ldap_send_unbind
postmap: dict_ldap_debug: ber_flush2: 7 bytes to sd 4
postmap: dict_ldap_debug: ldap_free_connection: actually freed
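
Added example, not part of the thread and not iRedMail or Postfix code: a small Python emulation of the %s/%u/%d expansion documented in ldap_table(5), run against a constructed one-entry directory. It assumes, from the first post, that the account's userPrincipalName carries the AD suffix (aandreev@domain.tblocal); under that assumption it reproduces the filter visible in the trace above with its empty result, and adds a third, hypothetical map that hard-codes the AD suffix in the filter while keeping domain.com in result_format.

```python
# Added illustration: emulates how Postfix ldap_table(5) expands %s/%u/%d.
# DIRECTORY is constructed sample data, not taken from a real server.
import re

ESC = {"\\": r"\5c", "*": r"\2a", "(": r"\28", ")": r"\29", "\0": r"\00"}

def quote(text):
    """RFC 2254 quoting that Postfix applies to key parts put into query_filter."""
    return "".join(ESC.get(c, c) for c in text)

def expand(template, value, quoter=str):
    """Expand %s (whole value), %u (local part) and %d (domain part)."""
    user, at, domain = value.rpartition("@")
    if not at:                       # no '@': %u is the whole value, %d unavailable
        user, domain = value, None
    if domain is None and "%d" in template:
        return None                  # query suppressed / attribute value skipped
    parts = {"s": value, "u": user, "d": domain}
    return re.sub(r"%([sud])", lambda m: quoter(parts[m.group(1)]), template)

def search(entries, ldap_filter):
    """Evaluate an AND of simple equality terms (all this thread's filters need)."""
    unq = lambda v: re.sub(r"\\([0-9a-fA-F]{2})", lambda m: chr(int(m.group(1), 16)), v)
    terms = re.findall(r"\(([^()=&|!]+)=([^()]*)\)", ldap_filter)
    return [e for e in entries
            if all(unq(val).lower() in [x.lower() for x in e.get(attr.lower(), [])]
                   for attr, val in terms)]

def lookup(key, query_filter, result_attribute, result_format, entries):
    """Return (expanded filter, formatted results), like `postmap -q key`."""
    flt = expand(query_filter, key, quote)
    hits = search(entries, flt) if flt else []
    values = [v for e in hits for v in e.get(result_attribute.lower(), [])]
    # In result_format, %u/%d are taken from the attribute value, not from the key.
    return flt, [r for r in (expand(result_format, v) for v in values) if r]

# Constructed entry: the UPN carries the AD suffix, as the first post describes.
DIRECTORY = [{"objectclass": ["top", "person", "user"],
              "userprincipalname": ["aandreev@domain.tblocal"]}]
MAPS = {  # name -> (query_filter, result_format)
    "original": ("(&(objectclass=person)(userPrincipalName=%s))", "%d/%u/Maildir/"),
    "domain.com in filter": ("(&(objectclass=person)(userPrincipalName=%u@domain.com))", "domain.com/%u/Maildir/"),
    "AD suffix in filter (hypothetical)": ("(&(objectclass=person)(userPrincipalName=%u@domain.tblocal))", "domain.com/%u/Maildir/"),
}

def run(key):
    return {name: lookup(key, qf, "userPrincipalName", rf, DIRECTORY) for name, (qf, rf) in MAPS.items()}

if __name__ == "__main__":
    for name, (flt, results) in run("aandreev@domain.com").items():
        print(f"{name}: {flt} -> {results}")
```

The quoting step is why a lookup key containing `*` or parentheses cannot widen the filter: those characters reach the server as literal values, not as LDAP operators.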