Playing around to get to know kopano I’v reached quite far in using FreeIPA as LDAP source for user management.
Now I have a small problem regarding group membership. In the example in the manual group membership is based on memberUid, but on in FreeIPA group membership is defined by the attribute member which contains a full dn
dn: cn=somegroup,cn=groups,cn=accounts,dc=int,dc=vink-slott,dc=dk objectClass: ipausergroup objectClass: nestedgroup objectClass: nestedGroup objectClass: posixgroup objectClass: groupofnames objectClass: ipantgroupattrs objectClass: kopano-group objectClass: groupOfNames objectClass: ipaobject objectClass: top cn: somegroup description:: Bla bla bla gidNumber: * ipaNTSecurityIdentifier: * ipaUniqueID: * member: uid=klaus,cn=users,cn=accounts,dc=int,dc=vink-slott,dc=dk memberUid: klaus
The last line (memberUid ) is added manually as a workaround - I cant figure out how to configure ldap.cfg to make kopano read members based on the member attribute.