1

Topic: Roundcube, auth by AD and two different domains

==== Required information ====
- iRedMail version: 0.8.2
- Store mail accounts in which backend: LDAP
- Linux/BSD distribution name and version: CentOS 5.8
- Related log if you're reporting an issue:
====

I'm trying to use iRedMail with this scenario:
- ADdomain.local Active Directory domain
- maildomain.com for users' mail domain
The idea is that users use their account@ADdomain.local to authenticate, but use account@maildomain.com as their mail account.

I've configured Dovecot and Postfix according to IntegrationTutorials. Postfix answers correctly, and Dovecot (telnet localhost 143) does too.
I've queried:
http://www.iredmail.org/wiki/index.php? … y.iRedMail
http://www.iredmail.org/forum/topic3521 … ws-ad.html
http://www.iredmail.org/forum/topic3165 … omain.html
http://www.iredmail.org/forum/topic3827 … omain.html

But when I log in through Roundcube, I get the user in ADdomain.local and not in maildomain.com.
What am I doing wrong? I'd be grateful for your help. Thanks in advance.

Here are my config files:
---------------------------------
/etc/postfix/ad_sender_login_maps.cf
------------------------------
server_host     = dc.ADdomain.local
server_port     = 389
version         = 3
bind            = yes
start_tls       = no
bind_dn         = vmail
bind_pw         = vmailpwd
search_base     = dc=ADdomain,dc=local
scope           = sub
query_filter    = (&(mail=%u@maildomain.com)(objectClass=person)(!(userAccountControl:1.2.840.113556.1.4.803:=2)))
result_attribute= userPrincipalName
result_format  = %u@maildomain.com
debuglevel      = 0

---------------------------------
/etc/postfix/ad_virtual_mailbox_maps.cf
---------------------------------
server_host     = dc.ADdomain.local
server_port     = 389
version         = 3
xbind            = yes
start_tls       = no
bind_dn         = vmail
bind_pw         = vmailpwd
search_base     = dc=ADdomain,dc=local
scope           = sub
query_filter = (&(objectClass=person)(mail=%u@maildomain.com))
result_attribute= userPrincipalName
result_format   = maildomain.com/%u/Maildir/
debuglevel      = 0

------------------------------
/etc/postfix/ad_virtual_group_maps.cf
------------------------------
server_host     = dc.ADdomain.local
server_port     = 389
version         = 3
bind            = yes
start_tls       = no
bind_dn         = vmail
bind_pw         = vmailpwd
search_base     = dc=ADdomain,dc=local
scope           = sub
query_filter    = (&(objectClass=group)(sAMAccountName=%u))
special_result_attribute = member
result_attribute= userPrincipalName
debuglevel      = 0

---------------------
/etc/dovecot-ldap.conf
---------------------
hosts           = dc.ADdomain.local:3268
ldap_version    = 3
auth_bind       = yes
dn              = vmail
dnpass          = vmailpwd
base            = dc=ADdomain,dc=local
scope           = subtree
deref           = never
user_filter = (&(userPrincipalName=%n@ADdomain.local)(objectclass=person))
pass_filter     = (&(userPrincipalName=%u)(objectClass=person)(!(userAccountControl:1.2.840.113556.1.4.803:=2)))
pass_attrs      = userPassword=password
default_pass_scheme = CRYPT
user_attrs      = =home=/var/vmail/vmail1/%Ld/%Ln/Maildir/,=mail=maildir:/var/vmail/vmail1/%Ld/%Ln/Maildir/


---------------
/etc/dovecot.conf  (only modified this from original)
---------------
auth_default_realm = ADdomain.local

---------------------------
/etc/postfix/transport
---------------------------
maildomain.com dovecot


-----------------
/var/www/roundcubemail/config/main.inc.php (only modified this from original)
---------------
$rcmail_config['username_domain'] = "ADdomain.local";
$rcmail_config['smtp_user'] = "%u@maildomain.com";
$rcmail_config['mail_domain'] = 'maildomain.com';


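The Postfix LDAP maps posted above bind to the domain controller as vmail on port 389 with start_tls = no, and one of them spells a parameter as xbind. As an added example (not part of the original posts and not iRedMail code), a small Python check for both conditions; the sample configs are constructed from the thread's ad_virtual_mailbox_maps.cf and the CA file path is a placeholder.

```python
import re

# Parameter names from Postfix ldap_table(5).
KNOWN_KEYS = set("""server_host server_port timeout search_base query_filter result_format
result_filter domain result_attribute special_result_attribute terminal_result_attribute
leaf_result_attribute scope bind bind_dn bind_pw recursion_limit expansion_limit size_limit
dereference chase_referrals version debuglevel sasl_mechs sasl_realm sasl_authz_id sasl_minssf
start_tls tls_ca_cert_dir tls_ca_cert_file tls_cert tls_key tls_require_cert tls_random_file
tls_cipher_suite cache cache_expire cache_size""".split())

def parse_map(text):  # 'name = value' lines; leading whitespace continues the previous line
    params, last = {}, None
    for raw in text.splitlines():
        if not raw.strip() or raw.lstrip().startswith("#"):
            continue
        if raw[0].isspace() and last:
            params[last] += " " + raw.strip()
        elif (m := re.match(r"(\w+)\s*=\s*(.*)", raw)):
            last = m.group(1)
            params[last] = m.group(2).strip()
    return params

def audit(text):
    p = parse_map(text)
    findings = [f"unknown parameter '{k}': check for a typo" for k in p if k not in KNOWN_KEYS]
    hosts = re.split(r"[\s,]+", p.get("server_host", "localhost"))
    encrypted = p.get("start_tls", "no").lower() == "yes" or all(
        h.startswith(("ldaps://", "ldapi://")) for h in hosts)
    simple_bind = p.get("bind", "yes").lower() in ("yes", "simple")  # bind defaults to yes
    if simple_bind and "bind_pw" in p and not encrypted:
        findings.append("simple bind without TLS: bind_pw is sent to the LDAP server in cleartext")
    return findings

# Constructed sample: the thread's ad_virtual_mailbox_maps.cf, trimmed.
POSTED = """\
server_host     = dc.ADdomain.local
version         = 3
xbind            = yes
start_tls       = no
bind_dn         = vmail
bind_pw         = vmailpwd
"""
# Constructed hardened variant; the CA file path is a placeholder.
HARDENED = POSTED.replace("xbind ", "bind ").replace(
    "= no", "= yes\ntls_require_cert = yes\ntls_ca_cert_file = /path/to/ad-ca.pem")

if __name__ == "__main__":
    for name, cfg in (("posted", POSTED), ("hardened", HARDENED)):
        print(name, audit(cfg) or "no findings")
```
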
2 (edited by PVerdin 2012-10-12 20:35:22)

Re: Roundcube, auth by AD and two different domains

I commented out
$rcmail_config['username_domain'] = "ADdomain.local";
in /var/www/roundcubemail/config/main.inc.php
and it works as expected!!!

Now: Is it possible to manage accounts through "iRedAdmin"?  I don't see new users logged.

3

Re: Roundcube, auth by AD and two different domains

PVerdin wrote:

Now: Is it possible to manage accounts through "iRedAdmin"?  I don't see new users logged.

No, iRedAdmin doesn't work with AD. Why not manage users in AD directly?