| Line 1: |
Line 1: |
| − | = Enable Generic LDAP Authentication =
| + | TODO |
| | | | |
| − | To activate the generic LDAP Server authentication open the MailStore Management Shell and execute the following command:
| |
| − |
| |
| − | store-setprop --name="public.ldap.type" --value="LdapGeneric"
| |
| − |
| |
| − | Now you are able configure your LDAP server settings at '''Management | LDAP Integration'''.
| |
| − |
| |
| − | <p class="msnote">'''Please note:''' In order to change the mode back to Active Directory, please set the value to <code>ActiveDirectory</code> instead of <code>LdapGeneric</code>.</p>
| |
| − |
| |
| − | = Synchronizing LDAP users =
| |
| − |
| |
| − | Since MailStore Server 4.5 it is possible to automatically sync user account from a generic LDAP server (e.g. OpenLDAP). For that purpose the MailStore Management command <tt>ldap-sync</tt> is available.
| |
| − |
| |
| − | ldap-sync --parameter1="value" --parameter2="value"
| |
| − |
| |
| − | The attr-* values depend on the chosen attribute names of you LDAP server.
| |
| − |
| |
| − | Parameter Meaning
| |
| − | =================================================================================
| |
| − | server IP address or hostname of your LDAP server
| |
| − | auth-type optional: Authentification method (None or SecureSocketsLayer)
| |
| − | user LDAP DN for username used for synchronization
| |
| − | pass password used for synchronization
| |
| − | base-dn LDAP Base-DN, e.g. dc=mycompany,dc=local
| |
| − | filter optional: LDAP filter string, e.g. (objectclass=posixAccount)
| |
| − | allow-create no value. If given, new users will be created in MailStore
| |
| − | dry-run no value. If given, simulate execution.
| |
| − | Only valid in conjunction with allow-create
| |
| − | attr-user LDAP attribute for usernames, e.g. cn or uid
| |
| − | attr-disp optional: LDAP attribute for displayed name, e.g. displayName
| |
| − | attr-mail optional: LDAP attribute for SMTP mail address, e.g. mail
| |
| − |
| |
| − | '''Example 1:''' Testing the creation of new users
| |
| − | ldap-sync --server="ldapserver.mycompany.local" \
| |
| − | --user="uid=mailstore,dc=mycompany,dc=local" --pass="secret123" \
| |
| − | --base-dn="ou=users,dc=mycompany,dc=local" --allow-create --dry-run
| |
| − |
| |
| − | '''Example 2:''' Create new users in MailStore
| |
| − | ldap-sync --server="ldapserver.mycompany.local" \
| |
| − | --user="uid=mailstore,dc=mycompany,dc=local" --pass="secret123" \
| |
| − | --base-dn="ou=users,dc=mycompany,dc=local" --allow-create
| |
| − |
| |
| − | '''Example 3:''' Sync existing users with MailStore
| |
| − | ldap-sync --server="ldapserver.mycompany.local" \
| |
| − | --user="uid=mailstore,dc=mycompany,dc=local" --pass="secret123" \
| |
| − | --base-dn="ou=users,dc=mycompany,dc=local" \
| |
| − | --attr-user="cn" --attr-disp="displayName" -attr-mail="mail"
| |
| | [[de:Generische_LDAP-Integration]] | | [[de:Generische_LDAP-Integration]] |
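Review bot: the `+` side leaves the page as a bare "TODO", so the `store-setprop` activation step, the note on switching back to `ActiveDirectory`, and the whole `ldap-sync` parameter table are removed with no replacement text and no pointer to where they now live; keep the old text until the new version is ready, or link to the successor page. If the removed text is carried over, fix Example 3, where `-attr-mail="mail"` has a single dash while every other option uses `--`. The examples also pass `--pass="secret123"` for the bind without setting the optional `auth-type`, so they should show `--auth-type="SecureSocketsLayer"` explicitly.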