[Samba] some samba4 AD questions, after a week of playing around
Achim Gottinger
achim at ag-web.biz
Wed Nov 20 13:15:52 MST 2013
Am 20.11.2013 20:45, schrieb Davor Vusir:
> On 2013-11-19 21:52, Achim Gottinger wrote:
>>
>>>>
>>>> 2. We have many openldap users with more than one mail attribute.
>>>> Works good with postfix/dovecot. I found out that in AD users can
>>>> only have one single mail attribute? I'm guessing we're not alone
>>>> in this... How to best deal with this?
>>>>
>>> There is another mail attribute, otherMailbox - this is multi-valued
>>> unlike mail which is single-valued, but it cannot be used with groups.
>> Glad you posted that it can not be used with groups. Now I have to
>> rethink e-mail handling for an samba4 environment i had planed to
>> deploy this weekend.
>> Have you tried to add the Organisational-Person class to an group to
>> get otherMailbox for groups working?
>>
>> achim~
> Hi Achim!
>
> This link,
> http://www.iredmail.org/wiki/index.php?title=Integration/Active.Directory.iRedMail,
> might give you the ideas to solve your problem.
>
> Regards
> Davor
Hi Davor,
Thank you for the Link. I think i had skimmed over it while i configured
dovecot/postfix. That document describes how to use AD groups like
mailinglists. I use two types of groups on my setup, if an group is an
"distribution group" it acts like an mailinglist, if it's an "security
group" it has an own mail account which is shared with all members of
the group.
Also in addition to that document i also look for otherMailbox
attributes in my postfix ldap queries. Thought i can use these
attributes for groups as well, but like Rowland mentioned this attribute
does not exist for groups. Guess i'll use the url attribute instead, it
is not used otherwise here, can have multiple values and can be edited
via Windows AD GUI.
achim~
More information about the samba
mailing list