Connect. Communicate. Collaborate. Securely.

Home » Kerio User Forums » Kerio Connect » Same username between domains?
  •  
Kymmy

Messages: 4
Karma: 0
Send a private message to this user
Hi everyone,

Running KMS 6.4 and setting it up with multiple domains.

Now I had user XXXX on the primary domain, then set up a user with the same name in another a second domain. Messages to the user on the 2nd domain are routing OK to thier mail store but from outlook (2007) they can't download any mail. The security log is showing a pop login error but outlook is saying that it logs in OK.

The only thing I can think of is that the user is logging in as the primary domain and checking the primary mailbox even though the outlook login details is set to user XXXX<_a.t_>2ndDomain.com.

Any help please?

Kymmy
  •  
Kymmy

Messages: 4
Karma: 0
Send a private message to this user
Looking further into this it seems to be two seperate problems (well ones a problem that seems well documented but not fixed in this forum, the other I don;t know if it's a problem or by design though I think it's a problem and I think they're both connected.

1#
A second domain name doesn't seem to allow the usage of usernames already taken by the primary domain. Whenn logging in it seems to default to the primary login before trying the secondary login. This then means that although you specify user<_a.t_>2ndDomain.com it checks the email for user<_a.t_>1stdomain.com .

2#
The secondary domains throws up login errors although they do work eventually. Now the knowledge base specifies that this is a secure authentification method though I'm a bit puzzled as to why this doesn't happen on the primary domain.

I'm more inclined to believe that the server is first checking the username<_a.t_>domain.com to the primary domain first before it then checks for secondary domains hence throwing up the error. This would account for both problems.

I've only recently started using a 2nd domain so only just noticed this problem. Is it fixed in 6.5???

Kymmy
  •  
Pavel Dobry (Kerio)

Messages: 5245
Karma: 251
Send a private message to this user
There is no problem. When you log in with username without a domain part, default email domain is used. For logging to secondary domain you need to use full login name username<_a.t_>2nddomain.

When using NTLM, it is important that both domains have different Windows Domain name in Directory service setting. Otherwise first available domain will be used for authentication if there are two domains with same setting.
  •  
Kymmy

Messages: 4
Karma: 0
Send a private message to this user
This isn't a domain enabled server so not running directory services not is NTLM enabled. Server is Win2K3 with KMS and KWF installed, clients are Outlook 2007 (customer choice and not mine)

When the secondary domain had a user the same name as the primary domain the secondary domain would login using USER<_a.t_>SECONDDOMAIN.COM but tell me that there's no mail there even though there was some in it's mailstore.

Also the LOGIN error that exists for other secondary domain users (who do not have an identical user entry in the primary domain) don't pop up for these 2nd domain users who do have primary entries.

Users on the 2nd domin that have no equivelant in the primary domain do get the login error but can access thier mailstore after this error.

That leads me to believe that although I am specifying the domain in login username it's logging into the primary and not the secondary domain. This was confirmed as both usernames had the same password and when I changed the password on the 2nd domain and the client it failed login totally. Is there perhaps another domain delimiter that I can use just in case it's that being the problem????

All logins are in plain text with no secure authentification. (mainly as it's on my internal test server being configured before deployment)

Kymmy

[Updated on: Sat, 16 February 2008 14:21]

Previous Topic: On the style
Next Topic: Export users AND passwords
Goto Forum:
  


Disclaimer:
Kerio discussion forums are intended for open communication between forum members and may contain information and material posted by members which may be useful in learning about Kerio products. The discussion forums are not intended to provide technical support for any specific product. Any information implied or expressed in the discussion forums is that of the posting member. Kerio is in no way responsible for the information posted in the forums, or its accuracy. Kerio employees may participate in the discussions, but their postings do not represent an offical position of the company on any issues raised or discussed. Kerio reserves the right to monitor and maintain the forums to promote free and accurate exchange of information.

Current Time: Wed Nov 22 16:06:31 CET 2017

Total time taken to generate the page: 0.00370 seconds
.:: Contact :: Home ::.
Powered by: FUDforum 3.0.4.