Postfix Active Directory integration

From Zarafa wiki

This article describes how you can integrate a Postfix MTA with an Active Directory environment.

When using ADS the default email addresses are stored in the attribute mail. After the Zarafa Active Directory plugin is installed, you can also administrate aliases. The email aliases of users are stored in the attribute otherMailbox.

In this example config Postfix will be coupled to an Active Directory server for administration of email addresses and aliases. The email domains should still be configured in the Postfix configuration file (/etc/postfix/main.cf)

Configure Postfix for Active Directory support

The Postfix package in most Linux distributions has LDAP support by default. In the following steps we will explain how to configure Postfix with a LDAP backend.

• Add the following lines to the end of the /etc/postfix/main.cf

zarafa_destination_recipient_limit = 1
virtual_transport = lmtp:localhost:2003
#
virtual_mailbox_domains = example.com, domain.com
# 
virtual_mailbox_maps = ldap:ldap-users
ldap-users_server_host = ip-address
ldap-users_bind = yes
ldap-users_version = 3
ldap-users_bind_dn = cn=Administrator,cn=Users,dc=example,dc=local
ldap-users_bind_pw = secret
ldap-users_search_base = cn=Users,dc=example,dc=local
ldap-users_scope = sub
ldap-users_query_filter = (mail=%s)
ldap-users_result_attribute = mail
# 
virtual_alias_maps = ldap:ldap_virtual_alias
ldap_virtual_alias_server_host = ip-address
ldap_virtual_alias_bind = yes
ldap_virtual_alias_version = 3
ldap_virtual_alias_bind_dn = cn=Administrator,cn=Users,dc=example,dc=local
ldap_virtual_alias_bind_pw = secret
ldap_virtual_alias_search_base = cn=Users,dc=example,dc=local
ldap_virtual_alias_scope = sub
ldap_virtual_alias_query_filter = (otherMailbox=%s)
ldap_virtual_alias_result_attribute = mail

The virtual_transport will specify the delivery method for all incoming emails. The transport has be defined the master.cf.

Add your email domains to the option virtual_mailbox_domains.

The search base of the users and aliases need to be set to the correct search base of your LDAP server.

After you changed your configuration files reload Postfix via the init-script:

 /etc/init.d/postfix reload

Make sure the zarafa-dagent run as daemon and is started at boot time:

chkconfig zarafa-dagent on
/etc/init.d/zarafa-dagent start

To configure Zarafa with Active Directory you can use the Administrator Manual and see the Zarafa example configuration files in /usr/share/doc/zarafa/example-configs.