Topic: Only allow specific AD users to login.

- iRedMail version (check /etc/iredmail-release): 1.4.0 OPENLDAP edition.
- Deployed with iRedMail Easy or the downloadable installer? Downloadable installer
- Linux/BSD distribution name and version: CentOS 8
- Store mail accounts in which backend (LDAP/MySQL/PGSQL): LDAP
- Web server (Apache or Nginx):Nginx
- Manage mail accounts with iRedAdmin-Pro? No
- [IMPORTANT] Related original log or error message is required if you're experiencing an issue.

I just finished setting up iredmail and followed these instructions to allow AD users to login: https://docs.iredmail.org/active.directory.html but I have a question, how do I make so only AD users that are members of a specific AD group can log in? at the moment it seems that every user in AD can login.

I tried messing with the query_filter in /etc/postfix/ad_virtual_group_maps.cf to see if I could make it only return users that are members of the "mailgroup" group in AD but no bueno, I (of course) tried searching for a solution but I couldn't find anything about it oddly.


Re: Only allow specific AD users to login.

IMO, the only solution is tuning your LDAP filter to return expected result.


Buy me a cup of coffee ($5) to support iRedMail:

buy me a cup of coffee