Also, how do the users get pushed to the server? I have AD connected but the users are not populating. I can see them if I run a wbinfo -u, I do see all the users.
The documentation is seriously lacking on the AD integration and use. It may be something I consider writing up for future users of NS. Let’s face it, AD rules the world and to not have NS tightly integrated and documented, NS will only be “one of those other quasi-mail servers.” For professional IT shops, at least here in the US, ActiveDirectory integration is paramount to buying a product.
Users are not pushed to NethServer and you will be able to see them only on specific pages (like Web Content Filter), sadly the “Users” page is not one of them.
This is because the integration is partial, since there are many problems to face and most of them are not related to CentOS but to AD itself. I know we have some internal documentation but it is Italian-only and tailored for the Enterprise support.
This was the sad part, now the the bright one!
We are working very hard to have a full integration with AD for NS 7.
The goal is to have fully featured NS which can act as AD PDC and also can connect to a forest of existing AD.
Stay tuned!
So, NS is false advertising then? It CLEARLY states that AD and email addresses will be imported from AD and now you, as part of the Dev Team are saying that factually FALSE? Perhaps you are mistaken? Or I am not reading this correctly?
From the Administrator Manual:
"The Email module integrates with an Active Directory (AD) environment, if Active Directory member role is enabled in Windows Network page.
To make NethServer work with the external LDAP database provided by Active Directory, the following rules applies:
Only enabled accounts are considered (userAccountControl attribute).
IMAP and SMTP login name is the value of sAMAccountName attribute.
Email addresses associated with an user are the values of mail…"
You’re not reading correctly, the manual states that “The Email module integrates with an Active Directory (AD) environment”, no one talked about importing
NS reads the users directly from the AD server and no local copy is made. Also, the manual talks about Email modules, not a full integration.
Please be patient, we are working very hard on the next release to create the best user experience for anybody who wants to play with AD
Tthe documentation probably isn’t clear enough, as @giacomo already said NethServer 6.x can’t live alone without an AD active, so we’re speaking about syncing and not importing
What is the purpose of “integrating” with an AD server and mentioning emails if NS does nothing with that information? Sure, I understand the point of joining the domain for purely security reasons. But what value beyond that is there? Why set false expectations?
I disagree wholeheartedly and so does everyone I have shown this document to. We all read it as NS will use AD and pull the email addresses directly. One stop shopping so-to-speak. If I were NS, I would change the manual immediately to be clear that while you can have NS “talk” to AD, there is no exchange of information. And include a line like: “NS will not import, sync, or otherwise communication with AD for anything other than domain membership. Admins will still need to manually populate users and emails into NS.” THAT IS A FAIR STATEMENT.
Maybe we didn’t explained ourselves well enough.
I will try with an example, feel free to ask more!
You have a NS and an AD server acting as PDC of the LAN.
NS is joined to the AD.
NS can act as Mail Server and Web Content Filter using users from AD, but you always need to manage the users from AD server.
Example for Mail Server:
Join NS to the AD
Install the mail server
Create a user goofy on AD
Add an email field to goofy user on AD
NS is automatically configured to receive mails for the goofy user
Example for Web Content Filter:
Join NS to the AD
Install the web content filter
Create a user goofy on AD
On NS create a web content profile for the goofy user (you should see the user from NS web interface)
If that is the case, it is best news I have heard all week!!! However, the “automatically configured” part is not working. Like I said earlier, I can do a webinfo -u on the NS and see the users. But when trying to log in to the email portal, nothing works.
This is I believe the final step of my implementation. If someone could explain how to get NS to read the email addresses from AD and then send/receive for those addresses, my life would be great! Right now, I am stuck at “* NS is automatically configured to receive mails for the goofy user”
For background, we do have the email addresses listed properly in the AD entry.
No luck. Does any user actually have AD integrated with NethServer? I’m curious if I am chasing a rabbit here. I’ve done everything suggested but still no luck.
Yes, you are right so far. When trying to login, SOGo spins a little when you hit enter so it is doing something. I can completely login with an email account created directly in NS so SOGo works.
IMAP works for the NS user but none of the AD users.