ldap_user_search_filter with Active Directory
-
Kopano Core is bothering me. I have
ldap_user_search_filter = (kopanoAccount=1)I see in ADUC all filltered users with kopanoAccount=1. However, Kopano only sees with this filter only 2 users. If I set:
ldap_user_search_filter = (objectCategory=Person)Kopano will create all users regardless of whether they are authorized or not.
Did not you meet someone with this behavior?
-
Hello @ZofreCZ ,
i had installed zarafa before i upgraded to kopano but still useing the zarafa-ADS…
all users had the zarafaAccount-Attribute…Maybe you installed the kopano-ADS after/toghether with zarafa and all new users get the kopanoAccount attribute and all existent users have zarafaAccount…
If thats the case try:ldap_user_search_filter = ((kopanoAccount=1)|(zarafaAccount=1))Coffee_is_life
-
Thanks for answer.
I make new instalation of Kopano with integrated Windows Server 2012 R2 Active Directory. Debug logs display no errors. Is way to test ldap search with Kopano and see results?
-
using ldapsearch:
ldapsearch -LLL -x -H ldap://<ldapserver> -D cn=<user>,cn=<userscn>,dc=<domain>,dc=<topdomain> -w <pass> -b dc=<domain>,dc=<topdomain> '(&(kopanoAccount=1)(|(zarafaAccount=1)))' uid |grep '^uid:' | awk '{print $2}' | sort -ureplace <user> with a user who has read rights on server (or for test you can use domainadmin)
replace <userscn> with something like cn=users (or in your case i think cn=people)
replace <pass> withj the users password of course
replace <topdomain> with yours (de/com/net/whatever)
and <ldapserver> with your server
should give you a list of all users ( returnvalue is uid) with the specified values
Coffee_is_life
-
Thank You @Coffee_is_life for your help and right direction.
When I test lapdsearch, I found this was an account authorization problem used for ldap search.
Its solved.
Best regards.
