Ldap and Imail |
Post Reply |
Author | |
luisduenas
Newbie Joined: 03 August 2009 Status: Offline Points: 2 |
Post Options
Thanks(0)
Posted: 03 August 2009 at 7:57pm |
Hello , I want to integrate the User Authentication whit the Imail mail software, SF is working in Standart Filters,
But i cant make it work whit differents domains. whit one domain ej isourcing.com.mx it works server : my server. Specify Account : cn=Myuser, o=isourcing.com.mx Search base DN : o=isourcing.com.mx Search mask : (|(sAMAccountName=%0:s)(uid=%0:s)(mail=%0:s)) test result= Account successfully logged it But if I left the search base dn empty , cause I want to use whit diferents domains. Account failed: Objet does not exist (No existe el objeto) the ldap structure is: My server o=myDomains.com ou=People uid=myUsers o=mysecondDomain.com ou=People uid=myUsers Do i need to change to enterprice filters in order to use a Ldap setting peer domain ? or the is a way to use a varible for domaing striping like "o=%1@:s" to use the email domain for the search base DN ? Regards. |
|
LogSat
Admin Group Joined: 25 January 2005 Location: United States Status: Offline Points: 4104 |
Post Options
Thanks(0)
|
luisduenas,
Both SpamFilter ISP "standard" and "Enterprise" have the same exact functionality with LDAP integration, so you can use either version. As you are able to obtain a successful authentication when filling in the "Search base DN" with "o=isourcing.com.mx", that indicates that your connection settings and the search mask are working correctly. The default search mask below: (|(sAMAccountName=%0:s)(uid=%0:s)(mail=%0:s)) is used to locate the specific user in the LDAP structure. The syntax above means that the "%0" place holder will be replaced by the username, and that the three attributes: sAMAccountNAme uid mail will all be tested to see if they match the username. If any of them match, that will trigger a positive match. According to the ldap structuure you included in the posting, you are most likely getting a "hit" on the "uid" attribute, indicating the default mask we provide works in your environment. Now going back to your issue when the base dn is empty, SpamFilter does need a base DN to tell SpamFilter from where to start searching in LDAP. Your root domain is specified as "o=myDomains.com". That would actually normally be indicated with something like "o=myDomains,o=com". If the LDAP structure is configured accordingly, this would allow you to specify a base dn of "o=com" with all your domains branching underneath it: o=com o=mydomains ou=People o=myotherdomain ou=People You may also be able to configure your LDAP server to handle referrals, and to provide a reference to which servers handle the other domains. SpamFilter should follow LDAP Referrals accordingly. |
|
luisduenas
Newbie Joined: 03 August 2009 Status: Offline Points: 2 |
Post Options
Thanks(0)
|
I'll try
thank you.
|
|
Post Reply | |
Tweet
|
Forum Jump | Forum Permissions You cannot post new topics in this forum You cannot reply to topics in this forum You cannot delete your posts in this forum You cannot edit your posts in this forum You cannot create polls in this forum You cannot vote in polls in this forum |
This page was generated in 0.164 seconds.