Product » A free email server for Windows and Linux » Knowledge Base

Document information

Document ID: 4680
Subject: Active Directory Integration in Xeams
Creation date: 12/14/15 4:35 PM
Last modified on: 8/10/18 10:26 AM


Active Directory Integration LDAP

Integrating Active Directory or any LDAP server is an important feature in Xeams that has several benefits. For example:

  • A new user needs to be created
  • To authenticate existing users
  • Reject invalid users when accepting inbound emails
  • To confirm if an incoming email belongs to a valid user

Important

Older versions of Xeams only used to work with Microsoft Active Directory. Therefore, you will see references to AD rather than LDAP in some documentation. The latest version can work with other LDAP server, Zimbra, besides AD.

Steps to enable Active Directory

  • Login as admin
  • Click Active Directory Integration under Server Configuration
  • Fill in the form on the following page. The fields are:
    • Enable AD Integration: None of the other fields matter if this is NOT checked
    • Inherit from local user: If checked, white/black list will be copied from local user to the newly created AD user. The local user will be removed.
    • Integrate Users: Check if you want Xeams to create users based on AD. Read below for more details.
    • Reject Invalid Users: If checked, recipients email is validated with AD before accepting an incoming email.
    • Auto-Sync associated emails: Xeams will automatically pull other email addresses belonging to this user.


To create one or more LDAP directories, click the Add Directory button while selecting the appropriate LDAP directory next to it.

Pulling users from an LDAP server

  • Click Active Directory Integration under Server Configuration
  • Click the user icon ( ) next your desired LDAP server
  • Follow instructions on the page to create users

Creating and authenticating new users

Xeams will create new user accounts automatically when AD integration is enabled AND the check box for Integrate Users is checked (see above). No additional steps are required for user creation. Consider the following scenario as an example:
  • This is a new install and no users exist in Xeams
  • A user named John Doe, who has a valid account in your AD tries to connect to Xeams's Admin Console. John's User ID is john.doe
  • He puts john.doe for login ID and his password to connect in Xeams.
  • Upon a successful authentication through AD, Xeams will automatically create an account for John in Xeams. Note: Ensure a valid email address is associated with John's account in your AD. Xeams will pull his email and automatically create an association with this new account.
  • Xeams will NOT store John's password. Whenever a password is needed, Xeams will query AD.
  • From now on, John can use his AD credentials to login to Xeams' Admin Console.

Rejecting invalid users

If you use the Regular SMTP server to receive inbound emails, Xeams can query AD before accepting emails. This reduces the number of overall email accepted by Xeams since invalid users will be rejected right at the door step. One additional benefit is that Xeams will not have to generate an NDR (non-delivery report) for this message. It is the responsibility of the sending SMTP server to generate an NDR.

To enable this feature, check Reject Invalid Users under Server Configuration/Active Directory Integration

NOTE: When using SMTP Proxy Server to receive inbound emails, you must check Use Active Directory box under SMTP Proxy Configuration

Using SSL LDAPS

If your Active Directory supports SSL, specify :636 at the end of your Active Directory host name. You must use a correctly signed and trusted SSL certificate for LDAPS to work.



Add a comment to this document

Do you have a helpful tip related to this document that you'd like to share with other users?

Important: This area is reserved for useful tips. Therefore, do not post questions here. Instead, use our public forums to post questions.