Chapter 10  Mapping users from directory services

Table of Contents

10.1  Active Directory
10.1.1  Setting mapping in the administration interface
10.1.2  Kerio Active Directory Extension
10.2  Apple Open Directory
10.2.1  Setting mapping in the administration interface
10.2.2  Kerio Open Directory Extension

Kerio MailServer can also work with accounts or groups that are managed through an LDAP database (currently, the Microsoft Corporation“sActive Directory as well as Apple OpenDirectory database are supported). The benefits are as follows:

Example: A company uses a Windows 2000 domain with Active Directory as well as Kerio MailServer. A new employee was introduced to the company. This is what has been done until now:

  1. A new account has been created in Active Directory.

  2. The user has been imported to Kerio MailServer (or an account using the same name has been created and this name was verified by the Kerberos system).

  3. Within the user creation or later, user information (full name and email address) has been added to the public contact folder.

If LDAP database is used, only the step 1 would be followed.

Note: Kerio MailServer allows internally managed user accounts (stored in LDAP database) to be added within the same email domain as Active Directory users. This can be helpful when creating an administrator account that will be available even when the directory server cannot be accessed.