1

Topic: Active Directory User Name change

==== Required information ====
- iRedMail version: 0.8.6
- Store mail accounts in which backend (LDAP/MySQL/PGSQL): LDAP AD
- Linux/BSD distribution name and version: RH 6.5
- Related log if you're reporting an issue:
====
Hello,
I have the following issue.
I have a couple of users who changed their name.
I cannot modify the userPrincipalName field in AD because it will interfere with my other systems.
The mail field differs from the UPN.
How can I make iRedMail deliver mail to some nickname?

For example:
upn: john.smith
mail: john.blabla

It would also be nice if john.smith@domain routed emails to john.blabla@domain.


2

Re: Active Directory User Name change

You can add one more LDAP query file in Postfix + Dovecot to query other LDAP attribute names (e.g. mail) for mail user addresses.
For example:

# Original setting:
#virtual_mailbox_maps = proxy:ldap:/etc/postfix/ad_virtual_mailbox_maps.cf

# New setting:
virtual_mailbox_maps =
    proxy:ldap:/etc/postfix/ad_virtual_mailbox_maps.cf,
    proxy:ldap:/etc/postfix/ad_virtual_mailbox_maps_addition.cf

And simply copy the file /etc/postfix/ad_virtual_mailbox_maps.cf to /etc/postfix/ad_virtual_mailbox_maps_addition.cf, then change "result_attribute= userPrincipalName" to "result_attribute= mail" in ad_virtual_mailbox_maps_addition.cf.

3

Re: Active Directory User Name change

Unluckily it didn't change.
I've figured out it's a Dovecot issue.
Please find the maillog below:

Jul 10 16:47:21 store01-ldap amavis[9138]: (09138-09) Passed CLEAN {RelayedInternal}, MYNETS/MYUSERS LOCAL [127.0.0.1]:55893 [127.0.0.1] <myuser@mydomein.pl> -> <some.nickname@mydomain.pl>, Message-ID: <091b49026b9da5fc255711b235b048d1@mydomain.pl>, mail_id: XHi86VAaWbcy, Hits: -10.649, size: 514, queued_as: F305360579, dkim_new=dkim:mydomain.pl, 5118 ms
Jul 10 16:47:21 store01-ldap postfix/smtp[18527]: CCAB560A81: to=<some.nickname@mydomain.pl>, relay=127.0.0.1[127.0.0.1]:10024, delay=5.2, delays=0.06/0/0/5.1, dsn=2.0.0, status=sent (250 2.0.0 from MTA(smtp:[127.0.0.1]:10025): 250 2.0.0 Ok: queued as F305360579)
Jul 10 16:47:21 store01-ldap postfix/qmgr[5583]: CCAB560A81: removed
Jul 10 16:47:21 store01-ldap postfix/lmtp[9134]: F305360579: to=<some.nickname@mydomain.pll>, relay=10.4.13.10[10.4.13.10]:24, delay=0.01, delays=0/0/0/0.01, dsn=5.1.1, status=bounced (host 10.4.13.10[10.4.13.10] said: 550 5.1.1 <some.nickname@mydomain.pl> User doesn't exist: some.nickname@mydomain.pl (in reply to RCPT TO command))

And I get the following bounce message:

This is the mail system at host store01-ldap.mydomain.pl.

I'm sorry to have to inform you that your message could not
be delivered to one or more recipients. It's attached below.

For further assistance, please send mail to postmaster.

If you do so, please include this problem report. You can
delete your own text from the attached returned message.

                   The mail system

<some.nickname@mydomain.pl>: host 10.4.13.10[10.4.13.10] said: 550 5.1.1
    <some.nickname@mydomain.pl> User doesn't exist:
    some.nickname@mydomain.pl (in reply to RCPT TO command)

Reporting-MTA: dns; store01-ldap.mydomain.pl
X-Postfix-Queue-ID: 39C5360583
X-Postfix-Sender: rfc822; myuser@mydomain.pl
Arrival-Date: Thu, 10 Jul 2014 17:02:22 +0200 (CEST)

Final-Recipient: rfc822; some.nickname@mydomain.pl
Original-Recipient: rfc822;some.nickname@mydomain.pl
Action: failed
Status: 5.1.1
Remote-MTA: dns; 10.4.13.10
Diagnostic-Code: smtp; 550 5.1.1 <some.nickname@mydomain.pl> User doesn't
    exist: some.nickname@mydomain.pl

But your hint gave me an idea to add a second LDAP map to Dovecot, and it looks like it works :-)
Here's the config:

# Original LDAP lookup
userdb {
    args = /etc/dovecot/dovecot-ldap.conf
    driver = ldap
}

# Second LDAP lookup, using the additional config file
userdb {
    args = /etc/dovecot/dovecot-ldap2.conf
    driver = ldap
}

passdb {
    args = /etc/dovecot/dovecot-ldap.conf
    driver = ldap
}

passdb {
    args = /etc/dovecot/dovecot-ldap2.conf
    driver = ldap
}

Of course there's a need to change LDAP field in file
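
The bounce in the maillog above is what it looks like when Postfix's virtual_mailbox_maps accepts an address that Dovecot's userdb cannot resolve. The following is an added example, not part of the original posts or of iRedMail, that scans a maillog for that pattern and links each LMTP rejection back to the queue ID the message had before the Amavis hop. The sample log lines, host name and addresses are constructed.

```python
import re

# Constructed sample in the shape of the maillog lines quoted in the thread
# (host name, addresses and the last two entries are made up).
SAMPLE_LOG = """\
Jul 10 16:47:21 mx postfix/smtp[18527]: CCAB560A81: to=<some.nickname@example.test>, relay=127.0.0.1[127.0.0.1]:10024, delay=5.2, dsn=2.0.0, status=sent (250 2.0.0 from MTA(smtp:[127.0.0.1]:10025): 250 2.0.0 Ok: queued as F305360579)
Jul 10 16:47:21 mx postfix/lmtp[9134]: F305360579: to=<some.nickname@example.test>, relay=10.0.0.10[10.0.0.10]:24, delay=0.01, dsn=5.1.1, status=bounced (host 10.0.0.10[10.0.0.10] said: 550 5.1.1 <some.nickname@example.test> User doesn't exist: some.nickname@example.test (in reply to RCPT TO command))
Jul 10 16:48:02 mx postfix/lmtp[9134]: A1B2C3D4E5: to=<john.smith@example.test>, relay=10.0.0.10[10.0.0.10]:24, delay=0.02, dsn=2.0.0, status=sent (250 2.0.0 <john.smith@example.test> Saved)
Jul 10 16:49:10 mx postfix/smtpd[9200]: NOQUEUE: reject: RCPT from unknown[192.0.2.7]: 550 5.1.1 <nobody@example.test>: Recipient address rejected: User unknown in virtual mailbox table; from=<a@example.org> to=<nobody@example.test> proto=ESMTP helo=<x>
"""

# Dovecot LMTP refused the recipient after Postfix had already accepted it.
LMTP_REJECT = re.compile(
    r"postfix/lmtp\[\d+\]: (?P<qid>\w+): to=<(?P<rcpt>[^>]+)>, "
    r"relay=(?P<relay>[^,]+),.*dsn=5\.1\.1, status=bounced .*User doesn't exist")
# Content-filter hop: the message is re-queued under a new queue ID.
REQUEUED = re.compile(
    r"postfix/smtp\[\d+\]: (?P<old>\w+): .*queued as (?P<new>\w+)\)")


def userdb_mismatches(log_text):
    """Return one record per delivery that passed Postfix's lookup maps
    but was rejected by the Dovecot userdb at LMTP RCPT TO."""
    lines = log_text.splitlines()
    # Map the post-filter queue ID back to the ID assigned at reception.
    origin = {m["new"]: m["old"] for m in map(REQUEUED.search, lines) if m}
    found = []
    for line in lines:
        m = LMTP_REJECT.search(line)
        if m:
            found.append({
                "recipient": m["rcpt"].lower(),
                "lmtp_relay": m["relay"],
                "queue_id": m["qid"],
                "original_queue_id": origin.get(m["qid"]),
            })
    return found


if __name__ == "__main__":
    for record in userdb_mismatches(SAMPLE_LOG):
        print(record)
```

A rejection logged by postfix/smtpd ("User unknown in virtual mailbox table") is deliberately not matched: that one means Postfix's own map does not know the address, which is a different fix from the Dovecot userdb change in this thread.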