The connection of a Microsoft Exchange Server is described in detail in the article Microsoft Exchange

Die Authentisierung wird generell gemäß der Beschreibung im Artikel Authentisierung durchgeführt.

If users are to log in with their Active Directory accounts, authentication is configured via LDAP Bind against Active Directory. For this to work, the LDAP authentication module may need to be activated via a symbolic link in the authentication stack directory.

ln -s /usr/lib/benno-web/benno_ldapauth /etc/benno-web/auth.d/

To authenticate against the LDAP directory of an Active Directory domain, a user with read permissions on the directory is required in Active Directory. Before the actual authentication, this user performs a search of the directory and determines the full distinguished name (DN) of the user to be authenticated.

Active Directory sieht per Default keine E-Mail Alias Adressen für die Benutzer vor. Mit der Aktivierung des Attributs proxyAddresses im ActiveDirectory können die Aliase im AD LDAP gespeichert werden. Die Aktivierung erfolgt automatisch mit Installation eines MS Exchange Servers oder kann auch wie in der Microsoft Technet Dokumentation beschrieben manuell durchgeführt werden.

In der Datei /etc/benno-web/ldapauth.conf werden die Daten für den Domänencontroller eingetragen.

For Active Directory, a minimal configuration is required as follows:

# LDAP host host = dc1.badiburg.lw-systems.net # LDAP Base DN basedn = dc=lw-systems,dc=net # username attribute userattr = sAMAccountName # objectClass for all users objectClass = user # enable tls if true #tls = false # bind with this user for search operations (<username>@<windows-domain>) binddn = benno@lw-systems.net # Password of the bind user password = secret # email attribute email = mail # email alias attribute (with proxyAddresses attribute enabled or MS Exchange Schema extensions installed) alias = proxyAddresses # List of username who will always assigned the admin role adminuser = administrator