How to integrate E.F.A with Active Directory 3.0.2.3

Questions and answers about how to do stuff
Post Reply
t3kn04r33k
Posts: 1
Joined: 15 Jul 2017 16:48

How to integrate E.F.A with Active Directory 3.0.2.3

Post by t3kn04r33k »

Hello All,
I thought I would share my final configuration for successfully integrating with AD 2012 R2.
For whatever reason this was a struggle to get working properly.

The configuration I used was this in the Mailscanner conf.php
Case matters here, that will get you everytime.
The Ldap DN should be as it is in AD.
Ldap filter and Ldap username Fields are case sensitive.

--------------------------------------------

Code: Select all

// LDAP settings for authentication
define('USE_LDAP', true);
define('LDAP_SSL', false); // Set to true if using LDAP with SSL encryption.
define('LDAP_HOST', 'xxx.xxx.xxx.xxx');
define('LDAP_PORT', '389');
define('LDAP_DN', 'OU=Users,OU=Corp,DC=Corp,DC=local');
define('LDAP_USER', 'ldapuser@sonoma.local'); // If no email set: cn=admin,dc=example,dc=com
define('LDAP_PASS', 'xxxxxxxxxxxxxx');
define('LDAP_SITE', 'default-first-site-name');
define('LDAP_FILTER', 'mail=%s'); //%s will be replaced by username eg. 'mail=%s', 'mail=SMTP:%s', 'sAMAccountName=%s'
define('LDAP_PROTOCOL_VERSION', 3);
// can be set to 'proxyaddresses' or 'mail'. Please refer to your LDAP system manual for the right keyword
define('LDAP_EMAIL_FIELD', 'mail');
// Ldap field that is used to bind to the ldap server to check the credentials.
// The value of the LDAP_USERNAME_FIELD will be extended by LDAP_BIND_PREFIX and LDAP_BIND_SUFFIX to created the binding username.

define('LDAP_USERNAME_FIELD', 'userprincipalname');

// define('LDAP_BIND_PREFIX', 'cn=');
// define('LDAP_BIND_SUFFIX', ',' . LDAP_DN);
// Microsoft Active Directory compatibility support for searches from Domain Base DN

define('LDAP_MS_AD_COMPATIBILITY', true);
---------------------------------------------------------

With this setup you will use the email address as the username and your domain password and you should be authenticated and taken to your spam.
MooreSys
Posts: 6
Joined: 08 Apr 2018 02:43

Re: How to integrate E.F.A with Active Directory 3.0.2.3

Post by MooreSys »

Where is this conf.php files located exactly? I do not have a conf.php files in the /etc/MailScanner path.
Odon Garma
Posts: 33
Joined: 08 May 2017 14:10

Re: How to integrate E.F.A with Active Directory 3.0.2.3

Post by Odon Garma »

look here:
/var/www/html/mailscanner/conf.php

Greetz
Post Reply