elmau
/
iredmail-doc
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Update active.directory.html.

This commit is contained in:
Zhang Huangbin 2020-05-05 10:33:18 +08:00
parent a76480c70d
commit a86a8db91c
2 changed files with 33 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
en_US/integrations/active.directory.md
View File

@ -9,7 +9,7 @@ __NOTES__:
accounts with Active Directory management tools.
* This tutorial has been verified on Windows Server 2000, 2003, 2008, 2012,
2016, if you tested it on other versions and works well, please let us
2016, 2019, if you tested it on other versions and works well, please let us
know. [Contact us](https://www.iredmail.org/contact.html)
## Summary
@ -102,6 +102,22 @@ If you're using LDAPS, replace `-h ad.example.com` by
Enter password: password_of_vmail
```
If LDAPS doesn't work, you may need to update parameter `TLS_CACERT` in
`/etc/openldap/ldap.conf` (RHEL/CentOS) or `/etc/ldap/ldap.conf` to use correct CA
certificate. For example:
- on CentOS: use `/etc/pki/tls/certs/ca-bundle.trust.crt`:
```
TLS_CACERT /etc/pki/tls/certs/ca-bundle.trust.crt
```
- on Debian/Ubuntu, use `/etc/ssl/certs/ca-certificates.crt`:
```
TLS_CACERT /etc/ssl/certs/ca-certificates.crt
```
### Enable LDAP query with AD in Postfix
Disable unused iRedMail special settings:

17
html/active.directory.html
View File

@ -46,7 +46,7 @@
</li>
<li>
<p>This tutorial has been verified on Windows Server 2000, 2003, 2008, 2012,
2016, if you tested it on other versions and works well, please let us
2016, 2019, if you tested it on other versions and works well, please let us
know. <a href="https://www.iredmail.org/contact.html">Contact us</a></p>
</li>
</ul>
@ -136,6 +136,21 @@ Enter password: password_of_vmail
Enter password: password_of_vmail
</code></pre>
<p>If LDAPS doesn't work, you may need to update parameter <code>TLS_CACERT</code> in
<code>/etc/openldap/ldap.conf</code> (RHEL/CentOS) or <code>/etc/ldap/ldap.conf</code> to use correct CA
certificate. For example:</p>
<ul>
<li>on CentOS: use <code>/etc/pki/tls/certs/ca-bundle.trust.crt</code>:</li>
</ul>
<pre><code>TLS_CACERT /etc/pki/tls/certs/ca-bundle.trust.crt
</code></pre>
<ul>
<li>on Debian/Ubuntu, use <code>/etc/ssl/certs/ca-certificates.crt</code>:</li>
</ul>
<pre><code>TLS_CACERT /etc/ssl/certs/ca-certificates.crt
</code></pre>
<h3 id="enable-ldap-query-with-ad-in-postfix">Enable LDAP query with AD in Postfix</h3>
<p>Disable unused iRedMail special settings:</p>
<pre><code class="shell">postconf -e virtual_alias_maps=''