Update active.directory.html.
This commit is contained in:
parent
a76480c70d
commit
a86a8db91c
|
@ -9,7 +9,7 @@ __NOTES__:
|
|||
accounts with Active Directory management tools.
|
||||
|
||||
* This tutorial has been verified on Windows Server 2000, 2003, 2008, 2012,
|
||||
2016, if you tested it on other versions and works well, please let us
|
||||
2016, 2019, if you tested it on other versions and works well, please let us
|
||||
know. [Contact us](https://www.iredmail.org/contact.html)
|
||||
|
||||
## Summary
|
||||
|
@ -102,6 +102,22 @@ If you're using LDAPS, replace `-h ad.example.com` by
|
|||
Enter password: password_of_vmail
|
||||
```
|
||||
|
||||
If LDAPS doesn't work, you may need to update parameter `TLS_CACERT` in
|
||||
`/etc/openldap/ldap.conf` (RHEL/CentOS) or `/etc/ldap/ldap.conf` to use correct CA
|
||||
certificate. For example:
|
||||
|
||||
- on CentOS: use `/etc/pki/tls/certs/ca-bundle.trust.crt`:
|
||||
|
||||
```
|
||||
TLS_CACERT /etc/pki/tls/certs/ca-bundle.trust.crt
|
||||
```
|
||||
|
||||
- on Debian/Ubuntu, use `/etc/ssl/certs/ca-certificates.crt`:
|
||||
|
||||
```
|
||||
TLS_CACERT /etc/ssl/certs/ca-certificates.crt
|
||||
```
|
||||
|
||||
### Enable LDAP query with AD in Postfix
|
||||
|
||||
Disable unused iRedMail special settings:
|
||||
|
|
|
@ -46,7 +46,7 @@
|
|||
</li>
|
||||
<li>
|
||||
<p>This tutorial has been verified on Windows Server 2000, 2003, 2008, 2012,
|
||||
2016, if you tested it on other versions and works well, please let us
|
||||
2016, 2019, if you tested it on other versions and works well, please let us
|
||||
know. <a href="https://www.iredmail.org/contact.html">Contact us</a></p>
|
||||
</li>
|
||||
</ul>
|
||||
|
@ -136,6 +136,21 @@ Enter password: password_of_vmail
|
|||
Enter password: password_of_vmail
|
||||
</code></pre>
|
||||
|
||||
<p>If LDAPS doesn't work, you may need to update parameter <code>TLS_CACERT</code> in
|
||||
<code>/etc/openldap/ldap.conf</code> (RHEL/CentOS) or <code>/etc/ldap/ldap.conf</code> to use correct CA
|
||||
certificate. For example:</p>
|
||||
<ul>
|
||||
<li>on CentOS: use <code>/etc/pki/tls/certs/ca-bundle.trust.crt</code>:</li>
|
||||
</ul>
|
||||
<pre><code>TLS_CACERT /etc/pki/tls/certs/ca-bundle.trust.crt
|
||||
</code></pre>
|
||||
|
||||
<ul>
|
||||
<li>on Debian/Ubuntu, use <code>/etc/ssl/certs/ca-certificates.crt</code>:</li>
|
||||
</ul>
|
||||
<pre><code>TLS_CACERT /etc/ssl/certs/ca-certificates.crt
|
||||
</code></pre>
|
||||
|
||||
<h3 id="enable-ldap-query-with-ad-in-postfix">Enable LDAP query with AD in Postfix</h3>
|
||||
<p>Disable unused iRedMail special settings:</p>
|
||||
<pre><code class="shell">postconf -e virtual_alias_maps=''
|
||||
|
|
Loading…
Reference in New Issue