Active directory, mail, postfix and aliases

Hi all,
we just set up a new NS8 node with mail and roundcube, and it works with user “saverios@mydomain.com” (using mail attribute). What are the attributes used to add aliases that NS8 mail checks? othermailbox, proxyaddresses, mailNickname? Can we customize the fields used? Thx!

ns8-email mail ldap ns8 ns8-ldap

Hi,

welcome to NethServer community.

NethServer 8 doesn’t save alias mail addresses in AD/LDAP yet.
Roundcube uses IMAP to authenticate AFAIK.

Alias addresses can be added on the NS8 mail addresses page, see also Mail — NS8 documentation

In Roundcube you could define identities to use an alias address for sending by default, see also Sender Identities — Roundcubemail documentation

LDAP/AD can be customized using LAM or specific tools like RSAT but maybe the apps don’t support custom fields yet, there’s already a feature request for Nextcloud: Nextcloud: ldapEmailAttribute and Samba userPrincipalname · Issue #7299 · NethServer/dev · GitHub

I am also missing that feature.
Most existing AD domains will probably have the fields mail and maybe proxyAddresses filled in LDAP, but it is not being used by NS8. Instead, it has to be reconfigured on the mail app, and other apps like nextcloud or sogo do not use the information from the mail app. This is cumbersome and error prone.
Things would be easier and more consistent if mail, nextcloud, sogo would simply all use the same information from LDAP.

1 Like

I think it was intended to keep it consistent and flexible without using LDAP/AD. Mail addresses are like username@userdomain and for custom configurations one can use LAM to set LDAP fields. It already works for sogo and there’s already an issue as regards Nextcloud.
NethServer 8 can use its database and the core to provide the needed data and doesn’t need LDAP.

Implementing AD/LDAP mail fields would be a lot of work, here are some ideas:

  • At the user domain layer we’d need an optional field in the UI to set the default mail domain that is used to fill the LDAP mail field with the right default mail address username@defaultmaildomain when users are created
  • Apps need to allow changing the LDAP mappings and keep these settings
  • The mail server needs to be an LDAP client reading at least alias fields to sync addresses (coding)
  • It should be possible to disable the mail server LDAP alias addresses configuration when joined to an AD/LDAP not supporting it or misusing the fields.

It would be a nice feature so feel free to open a Feature request.

2 Likes

In NS7 we used to modify a custom template, /etc/e-smith/templates-custom/etc/postfix/main.cf, and add a specific “.cf” to postfix to look for some fields in AD.
For example, adding “ldap:/etc/postfix/ldap-aliases.cf” for virtual_domains, with these lines in the file:

server_host = ldaps://192.168.x.x
search_base = DC=mydomain,DC=local
query_filter = (|(&(objectClass=person)(mail=%s))(&(objectClass=person)(otherMailbox=%s)))
version = 3
result_attribute = mail
bind = yes
bind_dn = CN=mail_service_user,CN=Users,DC=mydomain,DC=local
bind_pw = MYCOMPLEXPASS

Doing so, postfix looks in “mail” and also in “otherMailbox” fields for user mail aliases.
NS 8 should be able to check standard ldap fields like this one.

Savieros, file a feature request, we will join!

1 Like
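
How the lookup in the ldap-aliases.cf quoted above resolves an address, as an added example that is not part of the thread or of NethServer's code: a small Python emulation of that query_filter and result_attribute over constructed directory entries, with the lookup key quoted before it replaces %s (Postfix's LDAP table does this quoting itself). The sample entries and the helper names are assumptions.

```python
import re

# Values taken from the ldap-aliases.cf in the post
QUERY_FILTER = "(|(&(objectClass=person)(mail=%s))(&(objectClass=person)(otherMailbox=%s)))"
RESULT_ATTRIBUTE = "mail"

# Constructed sample entries, not real directory data
DIRECTORY = [
    {"objectClass": ["person"], "mail": ["saverios@mydomain.com"],
     "otherMailbox": ["sales@mydomain.com", "s.rossi@mydomain.com"]},
    {"objectClass": ["person"], "mail": ["admin@mydomain.com"]},
    {"objectClass": ["group"], "mail": ["staff@mydomain.com"]},
]

def escape_filter_value(value):
    """Quote LDAP filter metacharacters in the lookup key (RFC 4515 style)."""
    return "".join("\\%02x" % ord(c) if c in "*()\\\0" else c for c in value)

def unescape(value):
    """Decode \\XX escapes back to the literal characters they stand for."""
    return re.sub(r"\\([0-9a-fA-F]{2})", lambda m: chr(int(m.group(1), 16)), value)

def matches(filt, entry):
    """Evaluate a filter built from &, | and (attr=value) terms on one entry."""
    inner = filt[1:-1]
    if inner[0] in "&|":
        parts, depth, start = [], 0, 0
        for i, ch in enumerate(inner):
            if ch == "(":
                if depth == 0:
                    start = i
                depth += 1
            elif ch == ")":
                depth -= 1
                if depth == 0:
                    parts.append(inner[start:i + 1])
        results = [matches(p, entry) for p in parts]
        return all(results) if inner[0] == "&" else any(results)
    attr, _, pattern = inner.partition("=")
    # An unescaped * is a wildcard; escaped bytes are decoded to literals.
    rx = ".*".join(re.escape(unescape(p)) for p in pattern.split("*"))
    return any(re.fullmatch(rx, v, re.I) for v in entry.get(attr, []))

def lookup(address):
    """Return the result_attribute values of every entry the filter selects."""
    filt = QUERY_FILTER.replace("%s", escape_filter_value(address))
    return [m for e in DIRECTORY if matches(filt, e)
            for m in e.get(RESULT_ATTRIBUTE, [])]
```

Against a real directory the same check is `postmap -q sales@mydomain.com ldap:/etc/postfix/ldap-aliases.cf`. Because that file holds bind_pw in clear text, it should not be world-readable.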