We would like to authenticate our mail users against a Win2003 DC, but we have several mail domains on our Kerio mailserver (6.2.2).
I did not find any documentation for this scenario, all i found was the authentication of one mail domain against one AD domain.
I hoped the installation of the KADE would add an additional "Domain" field in the AD schema, but it did not...
Has anybody an idea if this is even possible?
I am thankful for any hint!
The same is also true of the OpenDirectory extensions which is a real pain.
We have two Kerio servers but want both to poinit at the same OpenDirectory domain.
We want some users in OD to be active on one KMS server and others to be active on the other (in some cases we will need a user to be active on both, but that is another story). Presently if we activate a user on one server then the other server assumes that it should activate them. I am guessing that this is the result of having either the kerio-Mail-AccountEnabled or kerio-Mail-Active attributes set to 1.
The first server sets this when you enable the users account from the directory and then the second server looks to the directory, sees this set to true and says 'Okay I am responsible for mail for this user'.
The way round this that I can see is for Kerio to extend the schema slightly further and include a kerio-Mail-Domain (multi) in the schema which contains each domain for which mail should be active. Server 1 would then set this to domain1.com when the user is activated, server 2 would then ignore the user as it knows that it is not responsible for that domain. If the user was then explicitly activcated on server2 it would add it's domain2.com record to that attribute and therefore stop ignoring it.
This method, as far as I can see, would kill two birds with one stone by allowing multiple domains on one server to reference OD/AD and also allow multiple servers likewise.
I will post this in to Kerio as a feature request if someone can remind me of the address. Likewise all who desire this should also make a request. The more requests, the more likely it is to happen.
Kerio discussion forums are intended for open communication between forum
members and may contain information and material posted by members which may
be useful in learning about Kerio products. The discussion forums are not
intended to provide technical support for any specific product. Any
information implied or expressed in the discussion forums is that of the
posting member. Kerio is in no way responsible for the information posted in
the forums, or its accuracy. Kerio employees may participate in the
discussions, but their postings do not represent an offical position of the
company on any issues raised or discussed. Kerio reserves the right to
monitor and maintain the forums to promote free and accurate exchange of