Connect. Communicate. Collaborate. Securely.

Home » Kerio User Forums » Kerio Connect » Multiple mail domains and active directory
  •  
Ste73

Messages: 18
Karma: 0
Send a private message to this user
We have a big problem:

we have 1 server with active directory users mapping.

on this server we need to have 3 mail domain (<_a.t_>xxx.it, <_a.t_>yyy.it and <_a.t_>zzz.it)

some of the users of the AD has to have the 1st domain mail, some others the second, some others again the 3rd, so each domain is connected to the AD

Now, we have this problem: if we activate a new user on KERIO going on users, right click and then "activate active directory user" the same user is activated on all 3 domains, but it's not what we need for 2 reasons:

1) user STEFANO must have mail <_a.t_>zzz (3rd domain) but absolutely NOT <_a.t_>xxx.it (primary domain)

2) each user uses 3 licenses in this way!

What to do?

is it a bug???

Tks
  •  
sedell

Messages: 1168
Karma: 1
Send a private message to this user
No bug, that's how it works. Active Directory mapping is a 1-to-1 relationship. You've got 3 mail domains mapped to one LDAP domain. Activate an account, and all three mail domains see the same setting - an account that's active, there's no way to know for which. There also isn't enough information provided by clients during login to determine which mail domain to use, especially if you use SPA.

Scott
  •  
Ste73

Messages: 18
Karma: 0
Send a private message to this user
sedell wrote on Wed, 12 November 2008 18:04

No bug, that's how it works. Active Directory mapping is a 1-to-1 relationship. You've got 3 mail domains mapped to one LDAP domain. Activate an account, and all three mail domains see the same setting - an account that's active, there's no way to know for which. There also isn't enough information provided by clients during login to determine which mail domain to use, especially if you use SPA.


I don't understand: if i have each user active in only 1 domain it's really easy to understand what mailbox to open ... no?

sorry, what's SPA?

Sad

Ste
  •  
sedell

Messages: 1168
Karma: 1
Send a private message to this user
No, it's not that easy. There's no way for the mail domain to know which mail domain the user is active for. All 3 mail domains point to a single domain that has a single setting if a mail account is active. So all 3 mail domains see the same setting that says the mail account is active.

SPA - Secure Password Authentication - AKA use Microsoft NTLM authentication. Prevents the users from having to specify a username and password when logging in, and instead uses the domain login information to authenticate.

Scott
  •  
Ste73

Messages: 18
Karma: 0
Send a private message to this user
With organizational unit is possible !!!

thanks to the us support !!!

Wink
Previous Topic: SpamRepellent and Telnet
Next Topic: Follow Ups Not Working In Outlook 2007 KOC
Goto Forum:
  


Disclaimer:
Kerio discussion forums are intended for open communication between forum members and may contain information and material posted by members which may be useful in learning about Kerio products. The discussion forums are not intended to provide technical support for any specific product. Any information implied or expressed in the discussion forums is that of the posting member. Kerio is in no way responsible for the information posted in the forums, or its accuracy. Kerio employees may participate in the discussions, but their postings do not represent an offical position of the company on any issues raised or discussed. Kerio reserves the right to monitor and maintain the forums to promote free and accurate exchange of information.

Current Time: Sun Nov 19 09:55:15 CET 2017

Total time taken to generate the page: 0.00443 seconds
.:: Contact :: Home ::.
Powered by: FUDforum 3.0.4.