Connect. Communicate. Collaborate. Securely.

Home » Kerio User Forums » Kerio Connect » Managing maillists with AD groups
  •  
r1sh

Messages: 91
Karma: -3
Send a private message to this user
Hello!

WE've got Kerio Connect connected with AD.

Is there any way to manage mail lists with AD security groups?

For example, I have in AD groups IT, Sales, Management. Every group has members.

Can I somehow add AD security group to Kerio Connect, write letter to, for example, it<_at_>domain.com and this letter will recieve all members of this group?
  •  
MarkK

Messages: 454
Karma: 46
Send a private message to this user
Yes. On the AD server that you have the Kerio extensions loaded on, right click on the AD group and select the Kerio Connect Account tab > EMail Address button. There you can setup the email address for that group, and emails will be delivered to each individual member.
  •  
r1sh

Messages: 91
Karma: -3
Send a private message to this user
Hi!

I see AD groups in Kerio.

I can add email to AD group in Kerio

But when i send a letter to this email I recieve error that mailbox doesn't exists.

Why?
  •  
r1sh

Messages: 91
Karma: -3
Send a private message to this user
  •  
Charles B

Messages: 77
Karma: 3
Send a private message to this user
It is possible to have an AD group that shows up in the Kerio groups list, but does not have an email address.

You could check the following in Kerio: Edit your group, click the 'Email Addresses' tab, and verify that there is an email address listed, and it is indeed the one you are sending email to.

Mid 2015: Quit Kerio and moved to Exchange 2013 and Meraki.
Kerio Control 8.4.0--Used since it was WinRoute, many years ago
Kerio Connect 8.4.0 on Ubuntu. Bought Connect just in time for the switch to NO SUPPORT(aka pay for support). Not. Happy.
  •  
r1sh

Messages: 91
Karma: -3
Send a private message to this user
yes, I did it, everything is the same^ same group, same mailbox..
  •  
Charles B

Messages: 77
Karma: 3
Send a private message to this user
What kind of error do you see in your Kerio Warning log when the message fails? I would expect 2 lines. The first starts "No local mailbox", and the second says expanded to zero recipients.

Mid 2015: Quit Kerio and moved to Exchange 2013 and Meraki.
Kerio Control 8.4.0--Used since it was WinRoute, many years ago
Kerio Connect 8.4.0 on Ubuntu. Bought Connect just in time for the switch to NO SUPPORT(aka pay for support). Not. Happy.
  •  
r1sh

Messages: 91
Karma: -3
Send a private message to this user
Charles B wrote on Thu, 20 November 2014 21:14
What kind of error do you see in your Kerio Warning log when the message fails? I would expect 2 lines. The first starts "No local mailbox", and the second says expanded to zero recipients.



You are right!!!!!

In warning log:

[25/Nov/2014 13:33:14] Address <all<_at_>rostherm.ru> expanded to zero recipients
[25/Nov/2014 13:35:16] Address <all<_at_>rostherm.ru> expanded to zero recipients

In debug log:

[25/Nov/2014 13:35:16][6080] {ldapdb} LDAP connection acquired: hostname="10.11.10.15", poolSlot=0. (ThreadId=6080)

[25/Nov/2014 13:35:16][6080] {ldapdb} LDAP request: action=search, params=" dc=rost,dc=local??sub?(&(&(objectclass=user)(!(objec tclass=computer)))(&(sAMAccountName=all))(kerio-Mail-Act ive=*)) " (ThreadId=6080)

[25/Nov/2014 13:35:16][6080] {ldapdb} ControlList: Performing LDAP search using vlv, sort server side controls. ThreadID: 6080.

[25/Nov/2014 13:35:16][6080] {ldapdb} LDAP result: action=search, errcode=0, message="Success" (ThreadId=6080)

[25/Nov/2014 13:35:16][6080] {ldapdb} LDAP connection was released: poolSlot=0. (ThreadId=6080)

[25/Nov/2014 13:35:16][6080] {ldapdb} LDAP connection acquired: hostname="10.11.10.15", poolSlot=0. (ThreadId=6080)

[25/Nov/2014 13:35:16][6080] {ldapdb} LDAP request: action=search, params=" dc=rost,dc=local??sub?(&(&(objectclass=user)(!(objec tclass=computer)))(&(kerio-Mail-Address=all))(kerio-Mail -Active=*)) " (ThreadId=6080)

[25/Nov/2014 13:35:16][6080] {ldapdb} ControlList: Performing LDAP search using page server side controls. ThreadID: 6080.

[25/Nov/2014 13:35:16][6080] {ldapdb} LDAP result: action=search, errcode=0, message="Success" (ThreadId=6080)

[25/Nov/2014 13:35:16][6080] {ldapdb} LDAP connection was released: poolSlot=0. (ThreadId=6080)

[25/Nov/2014 13:35:16][6080] {ldapdb} LDAP connection acquired: hostname="10.11.10.15", poolSlot=0. (ThreadId=6080)

[25/Nov/2014 13:35:16][6080] {ldapdb} LDAP request: action=search, params=" dc=rost,dc=local??sub?(&(objectclass=group)(&(kerio- Mail-Address=all))(kerio-Mail-Active=*)) " (ThreadId=6080)

[25/Nov/2014 13:35:16][6080] {ldapdb} ControlList: Performing LDAP search using page server side controls. ThreadID: 6080.

[25/Nov/2014 13:35:16][6080] {ldapdb} LDAP result: action=search, errcode=0, message="Success" (ThreadId=6080)

[25/Nov/2014 13:35:16][6080] {ldapdb} LDAP connection was released: poolSlot=0. (ThreadId=6080)

[25/Nov/2014 13:35:16][6080] {ldapdb} LDAP connection acquired: hostname="10.11.10.15", poolSlot=0. (ThreadId=6080)

[25/Nov/2014 13:35:16][6080] {ldapdb} LDAP request: action=search, params=" dc=rost,dc=local??sub?(&(objectCategory=group)(name=Вс е сотрудники))" (ThreadId=6080)

[25/Nov/2014 13:35:16][6080] {ldapdb} ControlList: Performing LDAP search using page server side controls. ThreadID: 6080.

[25/Nov/2014 13:35:16][6080] {ldapdb} LDAP result: action=search, errcode=0, message="Success" (ThreadId=6080)

[25/Nov/2014 13:35:16][6080] {ldapdb} LDAP request: action=search, params=" dc=rost,dc=local??sub?(&(&(objectclass=user)(!(objec tclass=computer)))(&(|(memberOf=CN=Все сотрудники,OU=Mail,OU=Service  Groups,DC=rost,DC=local)(primaryGroupID=3656)))(kerio-Mail-A ctive=*)) " (ThreadId=6080)

[25/Nov/2014 13:35:16][6080] {ldapdb} ControlList: Performing LDAP search using page server side controls. ThreadID: 6080.

[25/Nov/2014 13:35:16][6080] {ldapdb} LDAP result: action=search, errcode=0, message="Success" (ThreadId=6080)

[25/Nov/2014 13:35:16][6080] {ldapdb} LDAP connection was released: poolSlot=0. (ThreadId=6080)

[Updated on: Tue, 25 November 2014 11:44]

  •  
r1sh

Messages: 91
Karma: -3
Send a private message to this user
Charles B wrote on Thu, 20 November 2014 21:14
What kind of error do you see in your Kerio Warning log when the message fails? I would expect 2 lines. The first starts "No local mailbox", and the second says expanded to zero recipients.


As I understand, Kerio doesn't support goups included in groups. Is there any way to make it work?....

[Updated on: Tue, 25 November 2014 13:19]

  •  
Charles B

Messages: 77
Karma: 3
Send a private message to this user
I don't know--AD groups work for me, and it sounds like you've done everything right. Maybe it is time to open a Kerio support ticket.

Before you do though, I suggest going into Kerio Groups, removing one of your AD groups from the Kerio list, then do an Add from directory service to put it back - then test. I have in the past had something be broken, called Kerio support who had me delete and re-create it, and it worked.

No, I have not been able to get groups within groups to work in Kerio. Very annoying, leading to several redundant groups.

Mid 2015: Quit Kerio and moved to Exchange 2013 and Meraki.
Kerio Control 8.4.0--Used since it was WinRoute, many years ago
Kerio Connect 8.4.0 on Ubuntu. Bought Connect just in time for the switch to NO SUPPORT(aka pay for support). Not. Happy.
  •  
r1sh

Messages: 91
Karma: -3
Send a private message to this user
Charles B wrote on Tue, 25 November 2014 19:27
I don't know--AD groups work for me, and it sounds like you've done everything right. Maybe it is time to open a Kerio support ticket.

Before you do though, I suggest going into Kerio Groups, removing one of your AD groups from the Kerio list, then do an Add from directory service to put it back - then test. I have in the past had something be broken, called Kerio support who had me delete and re-create it, and it worked.

No, I have not been able to get groups within groups to work in Kerio. Very annoying, leading to several redundant groups.


yeah, it's very annoying and the worst thing is that it doesn't metioned in any KB....just powershell scripts save me:)
Previous Topic: Free/Busy not available after the end of Dec
Next Topic: Forwarding mail and missing recipient
Goto Forum:
  


Disclaimer:
Kerio discussion forums are intended for open communication between forum members and may contain information and material posted by members which may be useful in learning about Kerio products. The discussion forums are not intended to provide technical support for any specific product. Any information implied or expressed in the discussion forums is that of the posting member. Kerio is in no way responsible for the information posted in the forums, or its accuracy. Kerio employees may participate in the discussions, but their postings do not represent an offical position of the company on any issues raised or discussed. Kerio reserves the right to monitor and maintain the forums to promote free and accurate exchange of information.

Current Time: Thu Aug 17 23:16:47 CEST 2017

Total time taken to generate the page: 0.00506 seconds
.:: Contact :: Home ::.
Powered by: FUDforum 3.0.4.