ldap_user_search_filter with Active Directory

Kopano Core is bothering me. I have

ldap_user_search_filter = (kopanoAccount=1)

I see in ADUC all filltered users with kopanoAccount=1. However, Kopano only sees with this filter only 2 users. If I set:

ldap_user_search_filter = (objectCategory=Person)

Kopano will create all users regardless of whether they are authorized or not.

Did not you meet someone with this behavior?

Hello @ZofreCZ ,

i had installed zarafa before i upgraded to kopano but still useing the zarafa-ADS…
all users had the zarafaAccount-Attribute…

Maybe you installed the kopano-ADS after/toghether with zarafa and all new users get the kopanoAccount attribute and all existent users have zarafaAccount…
If thats the case try:

ldap_user_search_filter = ((kopanoAccount=1)|(zarafaAccount=1))


Thanks for answer.

I make new instalation of Kopano with integrated Windows Server 2012 R2 Active Directory. Debug logs display no errors. Is way to test ldap search with Kopano and see results?

using ldapsearch:

ldapsearch -LLL -x -H ldap://<ldapserver> -D cn=<user>,cn=<userscn>,dc=<domain>,dc=<topdomain> -w <pass> -b dc=<domain>,dc=<topdomain> '(&(kopanoAccount=1)(|(zarafaAccount=1)))' uid |grep '^uid:' | awk '{print $2}' | sort -u

replace <user> with a user who has read rights on server (or for test you can use domainadmin)
replace <userscn> with something like cn=users (or in your case i think cn=people)
replace <pass> withj the users password of course
replace <topdomain> with yours (de/com/net/whatever)
and <ldapserver> with your server :)

should give you a list of all users ( returnvalue is uid) with the specified values


Thank You @Coffee_is_life for your help and right direction.

When I test lapdsearch, I found this was an account authorization problem used for ldap search.

Its solved.

Best regards.