Home » Kerio User Forums » Kerio Connect » OS X Open Directory and Kerio mapping (Correct mapping of users, groups and emails OD LDAP attributes in Kerio)

Messages: 13
Karma: 0
Send a private message to this user
As could be seen in couple of other topics, a common issue is LDAP mapping of user name and email address. None of the other topics brought a solution.

A. Please provide a configuration guidelines to meet these requirements:
1. How to use the address defined in OD (LDAP attribute mail) as primary email address
2. How to use the email address defined in OD (LDAP attribute mail) as a Kerio login name

B. Consider having more then one email domain defined in Kerio. The users for all domains are maintained in Apple OD. Membership in particular domain is defined by Group membership in OD.
1. It is possible to map Groups to Kerio (but without any usability)
2. When a user is added to one email domain, he/she appears in other email domain as well. Group membership is not reflected.

KC 8.4, OS X 10.10.1


[Updated on: Thu, 01 January 2015 19:58]

Think Fixed

Messages: 495

Karma: 0
Send a private message to this user
I've never used the LDAP mail attribute. I leave this blank. The user's LDAP user name becomes the user name in Kerio Connect. Is there a specific technical reason why you want the LDAP mail attribute to map over to Kerio Connect?

Howie Isaacks
Systems Engineer | Apple Solutions Consultant
Think Fixed LLC, Dallas and Fort Worth


Messages: 13
Karma: 0
Send a private message to this user
Hi Howie,
Thanks for dealing with my question.

Concerning issue A: The ratio behind is, that:
- usernames are not the same as primary address (primary address should be "givenname.surname@domain" but username is just "surname")
- I use OS X 10.10 implementation of LDAP and OS X utilizes emails in LDAP attribute "mail" for its own purposes (like sending system messages to users, e.g. about homer quotas etc.)
- if you define secondary mail address (probably mail alias) in Kerio admin interface, then in Public Contacts you will see three email addresses for a user: address assigned by Kerio based on username (username<_at_>domain), alias defined in Kerio admin interface and "mail" attribute values from LDAP.

Concerning issue B: I have a setup where organization uses common LDAP, where users are distinguished into Groups. For each group there is its own email domain.
- user John Doe, username doe, group membership FirstGroup, mail john.doe<_at_>first.com
- user George Black, username black, group membership SecondGroup, mail gorge.black<_at_>second.com
- user Jane White, username white, group membership: FisrtGroup, SecondGroup, mail jane.white@first.com, jane.white<_at_>second.com

Thanks, Tom

[Updated on: Sun, 04 January 2015 18:24]

Previous Topic: Problem with S/MIME Certificate under iOS8
Next Topic: Admin access to user accounts using IMAP
Goto Forum:

Kerio discussion forums are intended for open communication between forum members and may contain information and material posted by members which may be useful in learning about Kerio products. The discussion forums are not intended to provide technical support for any specific product. Any information implied or expressed in the discussion forums is that of the posting member. Kerio is in no way responsible for the information posted in the forums, or its accuracy. Kerio employees may participate in the discussions, but their postings do not represent an offical position of the company on any issues raised or discussed. Kerio reserves the right to monitor and maintain the forums to promote free and accurate exchange of information.

Current Time: Sun Nov 18 17:00:25 CET 2018

Total time taken to generate the page: 0.79574 seconds
.:: Contact :: Home ::.
Powered by: FUDforum 3.0.4.