Hi Davide
The migration is completed and the old server is shutdown. Good question about user accounts but it should be Samba, have container named samba-dc that is running and it lists all users. The server is used externally.
I have assigned 2 vCPU and 8 GB RAM to the VM and that has been enough so far, the installation has only a few users.
Here is a short extract from the logs that points to a timeout issue with ldap.
2026-06-24T20:46:42+02:00 \[1::systemd\] Starting prometheus-node-exporter-apt.service - Collect apt metrics for prometheus-node-exporter…
2026-06-24T20:46:42+02:00 \[1::systemd\] Starting prometheus-node-exporter-nvme.service - Collect NVMe metrics for prometheus-node-exporter…
2026-06-24T20:47:18+02:00 \[1:mail1:dovecot\] imap(84630): Error: auth-master: login: request \[298844161\]: Login auth request failed: Internal auth failure (auth connected 60025 msecs ago, request took 60025 msecs, client-pid=84626 client-id=1)
2026-06-24T20:47:18+02:00 \[1:mail1:dovecot\] imap-login: Disconnected: Internal login failure (pid=84626 id=1): user=, method=PLAIN, rip=95.193.70.43, lip=192.168.1.106, mpid=84630, TLS, session=
2026-06-24T20:47:18+02:00 \[1:mail1:dovecot\] imap(user1)<1469>: copy from INBOX: box=Trash, uid=41417, msgid=<2028694997.66199.1782326239011@lor1-app145158.prod.linkedin.com>, from=LinkedIn <messages-noreply@linkedin.com>, subject=\*\*\*\*\*\*\*\*\*, flags=(\\Seen NonJunk)
2026-06-24T20:47:18+02:00 \[1:mail1:rspamd\] (controller) ; monitored; rspamd_monitored_dns_cb: DNS reply returned ‘no error’ for score.senderscore.com while ‘no records with this name’ was expected when querying for ‘1.0.0.127.score.senderscore.com’(likely DNS spoofing or BL internal issues)
2026-06-24T20:47:18+02:00 \[1:mail1:dovecot\] auth: Error: auth client 0 disconnected with 1 pending requests: EOF
2026-06-24T20:47:18+02:00 \[1:crowdsec1:crowdsec1-firewall-bouncer\] time=“2026-06-24T18:46:45Z” level=info msg=“56 decisions deleted”
2026-06-24T20:47:18+02:00 \[1:mail1:rspamd\] (rspamd_proxy) ; proxy; proxy_milter_finish_handler: finished milter connection
2026-06-24T20:47:25+02:00 \[1:mail1:dovecot\] auth-worker(84631): Error: ldap(/etc/dovecot/passdb.conf.ext): Initial binding to LDAP server timed out
2026-06-24T20:47:25+02:00 \[1:ldapproxy1:ldapproxy\] 2026/06/24 18:47:25 \[info\] 25#25: \*33363 client disconnected, bytes from/to client:71/0, bytes from/to upstream:0/71
2026-06-24T20:47:25+02:00 \[1:mail1:dovecot\] auth-worker(84631): Error: ldap(/etc/dovecot/userdb.conf.ext): Initial binding to LDAP server timed out
2026-06-24T20:47:27+02:00 \[1:mail1:dovecot\] indexer-worker(user1)<84628><>: Error: auth-master: userdb lookup(user1): Auth USER lookup failed
2026-06-24T20:47:27+02:00 \[1:mail1:dovecot\] indexer-worker(84628): Error: conn unix:indexer-worker (pid=84627,uid=90): User user1 lookup failed: Internal error occurred. Refer to server log for more information.
2026-06-24T20:47:27+02:00 \[1:ldapproxy1:ldapproxy\] 2026/06/24 18:47:27 \[info\] 25#25: \*33379 client 127.0.0.1:38580 connected to 127.0.0.1:20000
2026-06-24T20:47:29+02:00 \[1::promtail\] ts=2026-06-24T18:47:29.23426925Z level=info msg=“reporting Alloy stats” date=2026-06-24T18:47:29.234Z
2026-06-24T20:47:29+02:00 \[1::promtail\] ts=2026-06-24T18:47:29.258462864Z level=info msg=“failed to send usage report” retries=0 err=“Post "https://stats.grafana.org/alloy-usage-report\”: tls: failed to verify certificate: x509: certificate is valid for autoconfig.domain.tld, mail.domain.tld, mail.valhall.domain.tld, mist.valhall.domain.tld, smtp.domain.tld, smtp.valhall.domain.tld, webmail.domain.tld, webtop.domain.tld, not stats.grafana.org"
2026-06-24T20:47:31+02:00 \[1::promtail\] ts=2026-06-24T18:47:31.290979691Z level=info msg=“failed to send usage report” retries=1 err=“Post "https://stats.grafana.org/alloy-usage-report\”: tls: failed to verify certificate: x509: certificate is valid for autoconfig.domain.tld, mail.domain.tld, mail.valhall.domain.tld, mist.valhall.domain.tld, smtp.domain.tld, smtp.valhall.domain.tld, webmail.domain.tld, webtop.domain.tld, not stats.grafana.org"
2026-06-24T20:47:34+02:00 \[1::promtail\] ts=2026-06-24T18:47:34.845261929Z level=info msg=“failed to send usage report” retries=2 err=“Post "https://stats.grafana.org/alloy-usage-report\”: tls: failed to verify certificate: x509: certificate is valid for autoconfig.domain.tld, mail.domain.tld, mail.valhall.domain.tld, mist.valhall.domain.tld, smtp.domain.tld, smtp.valhall.domain.tld, webmail.domain.tld, webtop.domain.tld, not stats.grafana.org"
2026-06-24T20:47:36+02:00 \[1:mail1:dovecot\] auth: Error: auth-worker: Aborted USER request for admin: Lookup timed out
2026-06-24T20:47:36+02:00 \[1:mail1:dovecot\] auth-worker(84634): Error: ldap(/etc/dovecot/passdb.conf.ext): Initial binding to LDAP server timed out
2026-06-24T20:47:36+02:00 \[1:mail1:dovecot\] auth-worker(84634): Error: ldap(/etc/dovecot/userdb.conf.ext): Initial binding to LDAP server timed out
2026-06-24T20:47:36+02:00 \[1:mail1:dovecot\] imap(84633): Error: auth-master: login: request \[4194172929\]: Login auth request failed: Internal auth failure (auth connected 60036 msecs ago, request took 60036 msecs, client-pid=84632 client-id=1)
2026-06-24T20:47:36+02:00 \[1:mail1:dovecot\] auth-worker(84634): Warning: conn unix:auth-worker (pid=83359,uid=90): Auth master disconnected us while handling request for admin for 60 secs (result=FAIL)
2026-06-24T20:47:36+02:00 \[1:mail1:dovecot\] imap-login: Disconnected: Internal login failure (pid=84632 id=1): user=, method=PLAIN, rip=10.5.4.1, lip=10.5.4.1, mpid=84633, secured, session=