LDAP connectivity of the REDDOXX Appliance

The REDDOXX appliance supports LDAP connectivity to a variety of user backend systems.
Depending on the LDAP server type, the LDAP connector supports authorization of users, validation of recipients' email addresses and the automated creation of users on the REDDOXX appliance.

The configuration of the LDAP connectivity is divided into two parts:

  • The user login is configured in the REDDOXX Appliance as a so-called Realm.
  • The validation of recipients' email addresses is configured at the corresponding local domain.

The following table lists the currently supported LDAP backend systems and their feature sets:

LDAP-Server User authentication Recipient check User Auto creation Email address import
Microsoft Active Directory
Exchange 5.5
Novell eDirectory
Lotus Domino 6+ ✔² ✔²
OpenLDAP
OpenExchange AE

² For Lotus Notes Domino the following exceptions apply:

  • Only the following email address fields are valid:
    The "Internet address" of a user or a group and UserID@internet.maildomain of a user
  • UserID must be unique!
  • When importing email addresses only the field "Internet address" is supported.
  • Additional addresses can be added manually.

Sample Realm configuration for the user login with Microsoft Active Directory
The following network configuration is used for the example below:
Active Directory Domain: reddoxx.net
Domain-Controller: domaincontroller.reddoxx.net

Sample local domain configuration for the email address validation with Microsoft Active Directory
The following network configuration is used for the example below:
Active Directory Domain: reddoxx.net
Domain-Controller: domaincontroller.reddoxx.net
LDAP-User: ldapuser

The LDAP user can be any ordinary user in Active Directory.

Sample local domain configuration for the email address validation with Exchange 5.5
The following network configuration is used for the example below:
Exchange 5.5 Server: exchange.reddoxx.net

„Autocreate user“ needs to be deactivated, because this function is not supported with Exchange 5.5.

Sample Realm configuration for the user login with Novell eDirectory
The following network configuration is used for the example below:
Novell Netware-Server: netware.reddoxx.net

„Import e-mail Addresses“ needs to be deactivated, because this function is not supported for Novell eDirectory.
„Set primary E-Mail Address“ needs to be deactivated, because this function is not supported for Novell eDirectory.

Sample Realm configuration for the user login with Lotus Notes Domino
The following network configuration is used for the example below:
Lotus Domino Server: domino.reddoxx.net

Sample local domain configuration for the email address validation with Lotus Notes Domino
The following network configuration is used for the example below:
Lotus Domino Server: domino.reddoxx.net

Sample Realm configuration for the user login with OpenLDAP
The following network configuration is used for the example below:
OpenLDAP-Server: openldap.reddoxx.net

The advanced settings can be used to provide further attributes for the LDAP query.
For example, the attributes "alias" and "mailAlternateAddress" can be added to the default attribute "mail".
Additional attributes are entered as a single comma-separated line, which must also include the attribute "mail".
In this example the correct line would be: mail,alias,mailAlternateAddress

Information for Zimbra
To be able to use the realm login for Zimbra, anonymous bind needs to be enabled first.
Run the following command as the zimbra user (sudo su - zimbra):

/opt/zimbra/libexec/zmldapanon -e

An example for the Base DN in the realm configuration would then be: ou=people,dc=reddoxx,dc=net

Sample local domain configuration for the email address validation with OpenLDAP
The following network configuration is used for the example below:
OpenLDAP-Server: openldap.reddoxx.net
LDAP-User: admin

The LDAP user needs read access to the LDAP directory and to the attributes „uid“ and „mail“.
Since version 2032, additional query parameters can be provided in the "Advanced Configuration".
Example queries for Kolab:
GetUserByUsernameQuery: (&(objectClass=inetOrgPerson)(uid=%USERNAME%))
GetUsernameByAddressQuery: (&(objectClass=inetOrgPerson)(|(mail=%ADDRESS%)(alias=%ADDRESS%)(mailAlternateAddress=%ADDRESS%)))
LDAPAddressExistsQuery: (|(mail=%ADDRESS%)(alias=%ADDRESS%)(mailAlternateAddress=%ADDRESS%))
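
Added example, not REDDOXX code: the %USERNAME% and %ADDRESS% placeholders above and the comma-separated attribute line from the OpenLDAP realm section both end up inside an LDAP filter, so a value containing filter metacharacters has to be escaped per RFC 4515 or the filter no longer means what the template says. The page does not state how the appliance substitutes values; the helpers `escape_filter_value`, `render` and `parse_attribute_line` are hypothetical and show how a template filler can be written and tested.

```python
import re

# Query templates copied from the Kolab example on this page.
USER_QUERY = "(&(objectClass=inetOrgPerson)(uid=%USERNAME%))"
ADDRESS_QUERY = ("(|(mail=%ADDRESS%)(alias=%ADDRESS%)"
                 "(mailAlternateAddress=%ADDRESS%))")

# RFC 4515: these characters must be written as \XX inside a filter value.
_ESCAPES = {"\\": r"\5c", "*": r"\2a", "(": r"\28", ")": r"\29", "\x00": r"\00"}
# RFC 4512 short attribute name: a letter, then letters, digits or hyphens.
_ATTR_NAME = re.compile(r"^[A-Za-z][A-Za-z0-9-]*$")


def escape_filter_value(value: str) -> str:
    """Return value with RFC 4515 special characters hex-escaped."""
    return "".join(_ESCAPES.get(ch, ch) for ch in value)


def render(template: str, **values: str) -> str:
    """Fill %NAME% placeholders in one pass, escaping every value.

    Hypothetical helper; a placeholder without a value raises KeyError.
    """
    return re.sub(r"%([A-Z]+)%",
                  lambda m: escape_filter_value(values[m.group(1)]),
                  template)


def parse_attribute_line(line: str) -> list[str]:
    """Validate a comma-separated attribute line such as the page's
    'mail,alias,mailAlternateAddress'; 'mail' must be present."""
    attrs = [a.strip() for a in line.split(",")]
    bad = [a for a in attrs if not _ATTR_NAME.match(a)]
    if bad:
        raise ValueError(f"invalid attribute name(s): {bad}")
    if "mail" not in attrs:
        raise ValueError("attribute line must include 'mail'")
    return attrs


# Constructed inputs: an ordinary address and a value with metacharacters.
SAMPLES = ["user@reddoxx.net", "jo*n(test)\\x"]

if __name__ == "__main__":
    for sample in SAMPLES:
        print(render(ADDRESS_QUERY, ADDRESS=sample))
    print(render(USER_QUERY, USERNAME="j(doe)"))
    print(parse_attribute_line("mail,alias,mailAlternateAddress"))
```

The same check can be used when reviewing a custom query entered in "Advanced Configuration": after rendering with a metacharacter-laden test value, the number of unescaped parentheses and asterisks in the result should equal that of the template.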

Local domain configuration example for Zimbra:
Username=admin,ou=people,dc=reddoxx,dc=net
Base DN: ou=people,dc=reddoxx,dc=net

Sample Realm configuration for the user login with OpenExchange AE
The following network configuration is used for the example below:
OpenExchange-Server: openexchangeae.reddoxx.net

Sample local domain configuration for the email address validation with OpenExchange AE
The following network configuration is used for the example below:
OpenExchange AE: openexchangeae.reddoxx.net
LDAP-User: admin

The LDAP user must have read access to the LDAP directory and to the attributes „uid“ and „mail“.