1 (edited by yavuz.maslak 2015-07-10 19:29:06)

Topic: it has not be seen for any account in a new domain in ldap directory?

==== Required information ====
- iRedMail version (check /etc/iredmail-release): 0.9.2
- Linux/BSD distribution name and version:  ubuntu-14.04.2
- Store mail accounts in which backend (LDAP/MySQL/PGSQL): LDAP
- Web server (Apache or Nginx): Apache
- Manage mail accounts with iRedAdmin-Pro?
- Related log if you're reporting an issue:
====
1-) I wish some accounts to be hidden from global address book using ldap.
I set a bit in slapd.conf. theirs email addresses is hidden now But when searching, their names going on come.
( note, in roundcube or sogo addresses are be hidden but in outlook or macmail directory search their names come, i attached)
How can fix it ?

My settings in slapd.conf as below;
access to dn.exact="mail=maslak@domain.com,ou=Users,domainName=domain.com,o=domains,dc=domain,dc=com"
    attrs=displayName,givenName,name,mail,alias,uid,sn,cn,mobile,telephoneNumber
    by peername.regex=127\.0\.0\.1 read
    by self write
    by self         read
    by users        =cdx


2-) when i add a new domain using iredadmin . the system doesn't add postmaster account as default. is it normal ?
3-) when i add a new domain and open their accounts, even i define a new ldap directory for the regarding domain in outlook or thunderbird, i can not see those accounts in ldap directory. How can i fix it ?

Post's attachments

Screen Shot 2015-07-10 at 14.25.06.png
Screen Shot 2015-07-10 at 14.25.06.png 37.63 kb, file has never been downloaded. 

You don't have the permssions to download the attachments of this post.

----

Spider Email Archiver: On-Premises, lightweight email archiving software developed by iRedMail team. Supports Amazon S3 compatible storage and custom branding.

2

Re: it has not be seen for any account in a new domain in ldap directory?

yavuz.maslak wrote:

1-) I wish some accounts to be hidden from global address book using ldap.

Refer to our document to setup MUA:
http://www.iredmail.org/docs/configure. … dress-book

The most important filter part is 'enabledService=displayedInGlobalAddressBook', and you should remove 'enabledService=displayedInGlobalAddressBook' for the accounts you want to hide in Global Address Book.

yavuz.maslak wrote:

2-) when i add a new domain using iredadmin . the system doesn't add postmaster account as default. is it normal ?

Yes.

yavuz.maslak wrote:

3-) when i add a new domain and open their accounts, even i define a new ldap directory for the regarding domain in outlook or thunderbird, i can not see those accounts in ldap directory. How can i fix it ?

How did you setup global address book in Outlook/Thunderbird? Is your OpenLDAP server accessible from external network (iptables firewall rule)?

3

Re: it has not be seen for any account in a new domain in ldap directory?

ZhangHuangbin wrote:
yavuz.maslak wrote:

1-) I wish some accounts to be hidden from global address book using ldap.

Refer to our document to setup MUA:
http://www.iredmail.org/docs/configure. … dress-book

The most important filter part is 'enabledService=displayedInGlobalAddressBook', and you should remove 'enabledService=displayedInGlobalAddressBook' for the accounts you want to hide in Global Address Book.


I had removed 'enabledService=displayedInGlobalAddressBook'
https://server/SOGo and roundcube (https://server/mail) works well but thunderbird and outlook doesn't show hidden email addresses but its displayName.

yavuz.maslak wrote:

2-) when i add a new domain using iredadmin . the system doesn't add postmaster account as default. is it normal ?

Yes.

yavuz.maslak wrote:

3-) when i add a new domain and open their accounts, even i define a new ldap directory for the regarding domain in outlook or thunderbird, i can not see those accounts in ldap directory. How can i fix it ?

How did you setup global address book in Outlook/Thunderbird? Is your OpenLDAP server accessible from external network (iptables firewall rule)?

I installed the global address book as openldap directory. no firewall problem client can reach to the server's ldap port.

4

Re: it has not be seen for any account in a new domain in ldap directory?

yavuz.maslak wrote:

I installed the global address book as openldap directory.

Excuse me, i don't understand this.
What 'global address book'? How did you install it? What do you mean install it as openldap directory? sad

5

Re: it has not be seen for any account in a new domain in ldap directory?

ZhangHuangbin wrote:
yavuz.maslak wrote:

I installed the global address book as openldap directory.

Excuse me, i don't understand this.
What 'global address book'? How did you install it? What do you mean install it as openldap directory? sad

i added a ldap directory for global address book  in thunderbird.

let me explain, I had a one domain before in  iredmail and ldap works for the domain on the server and i can searching accounts in thunderbird, after that i added second domain on the iredmail using iredadmin.  But i can search accounts in the second domain on https://server/SOGo.
But i can not search on my thunderbird or ms outlook client. I had added a ldap directory for the first domain on Thunderbird mail client. I can not search accounts that belongs the second domain on ldap directory.
I added a second ldap directory for second domain on the thunderbird. but i can not search email addresses on second domain.
i didn't do anything on slapd.conf.
How can i fix the problem ?

Also I would like some accounts can search all domains on the server using ldap. How can i do that ?

6

Re: it has not be seen for any account in a new domain in ldap directory?

Please show us how you configure LDAP address book in Thunderbird.
Looks like you use different search base dn ('Base DN' in Thunderbird LDAP address book setup page), and it just contains accounts under first domain.

7

Re: it has not be seen for any account in a new domain in ldap directory?

ZhangHuangbin wrote:

Please show us how you configure LDAP address book in Thunderbird.
Looks like you use different search base dn ('Base DN' in Thunderbird LDAP address book setup page), and it just contains accounts under first domain.

ok  i tried on either macoutlook2011 and thunderbird
in outlook2011

I configured ldap server and port default 389. my client can reach to the ldap service.
1-) authentication method username and password
2-) username=mail=test@domain.com,ou=Users,domainName=domain.com,o=domains,dc=domain,dc=com
3-)i entered its password
i attached above conf as picture
and then i entered advanced tab
i defined search base: domainName=domain.com,o=domains,dc=domain,dc=com
i attached it as picture.

Already with the similiar conf first ldap conf works for my first domain.

my slapd.conf is also attached;

my first domain is test.com  and second domain is example.com 
there are some expressions about test.com in slapd.conf but there is nothing about domain.com.
do i have to add it manually ?
Thanks

Post's attachments

Screen Shot 2015-07-10 at 21.42.39.png
Screen Shot 2015-07-10 at 21.42.39.png 44.95 kb, file has never been downloaded. 

Screen Shot 2015-07-10 at 21.50.20.png
Screen Shot 2015-07-10 at 21.50.20.png 32.06 kb, file has never been downloaded. 

slapd.conf.rtf 6.09 kb, 2 downloads since 2015-07-10 

You don't have the permssions to download the attachments of this post.

8

Re: it has not be seen for any account in a new domain in ldap directory?

Use 'o=domains,dc=xxx,dc=xxx' as 'Search base'.

9

Re: it has not be seen for any account in a new domain in ldap directory?

it works,  sorry bother your time,  I had entered the second domain for part of root dc on thunderbird ldap directory (my namely, root dc is dc=test,dc=dom  username mail=test@domain.com,ou=Users,domainName=domain.com,o=domains,dc=domain,dc=com). my fault.


well, if i need to change the root dc, can i change root dc  without any problem? otherwise will i need to reinstall iredmail ?

thank you


ZhangHuangbin wrote:

Use 'o=domains,dc=xxx,dc=xxx' as 'Search base'.

10

Re: it has not be seen for any account in a new domain in ldap directory?

yavuz.maslak wrote:

well, if i need to change the root dc, can i change root dc  without any problem? otherwise will i need to reinstall iredmail ?

The easiest way is reinstalling iRedMail with a proper root dn during installation.
if you cannot reinstall this server, try this:

*) Export whole data into LDIF file with either ldapsearch or slapcat command.
*) Edit exported LDIF file manually, replace (all) root dn by the new one.
*) Stop LDAP server, remove the data directory (it's defined in setting 'directory' in /etc/ldap/slapd.conf).
*) Start LDAP server, import modified LDIF file.

We have a document for you:
http://www.iredmail.org/docs/backup.restore.html