In order to synchronize a domain's mailboxes and email aliases with LDAP, you need to configure the connection to the LDAP server in Mail Assure at the Domain Level, one at a time for each domain.
- Login to Mail Assure as the Domain Level user, or as an Admin Level user, then navigate into the domain via the Domains Overview page
- Once in the Domain Level Control Panel, navigate to General > LDAP mailbox sync
- Ensure you are viewing the Configuration tab
- In the Connection settings section enter:
- Host - the hostname or IP address that points to your LDAP server e.g.
exchange.domain1.invalid - Port - the port used for the LDAP server, the default ports are:
- LDAP (389)
- LDAPS (636)
- TLS - If you want to use TLS to connect, tick the checkbox
- Host - the hostname or IP address that points to your LDAP server e.g.
- In the Login settings section enter:
- Username / bind DN - the username of the login credentials to access the LDAP server
- Password - the password of the username that can access the LDAP server
- Base DN - the search base for the LDAP query e.g.
dc=domain1, dc=invalid - Synchronisation - toggle this switch to set whether you want to enable or disable LDAP Mailbox Sync
- Sync Frequency - if Synchronisation is enabled, choose how often you want the filtering server to check the LDAP server for changes:
- Recommended (Every day)
- 4 hours
- 12 hours
- Every Day
- Every 2 Days
- Every 5 Days
- Optionally, click on Show advanced settings where you can add:
- Filter - enter a filter to execute on the LDAP server to narrow down the list of directory entries that should be synchronised with the LDAP server.
For example to exclude Health Mailboxes and disabled accounts:
(&(!(mail=health*))(objectClass=user)(!(userAccountControl:1.2.840.113556.1.4.803:=2)))
The filters are based on Python's regular expression (regex) syntax. For more information on regular expressions, we recommend using an online regex checker tool to ensure any expression created is correct before applying it in Mail Assure).
- Allow updates - enable if you want to allow the LDAP sync to update users that have already been synchronised
- Allow deactivations - enable if you want accounts to be removed from the Mail Assure Control Panel when they no longer exist on the LDAP server
- Filter - enter a filter to execute on the LDAP server to narrow down the list of directory entries that should be synchronised with the LDAP server.
- Click Saveor Save and Test if you want to preview the changes that will be made in the next sync
If you want to clear the configuration so LDAP Mailbox Sync is no longer used, click on the Clear button and then on Save.
If you use non-standard attributes in your AD you might need to add a custom mapping, see LDAP Mapping Rules
LDAP Sync Preview
The LDAP Sync Preview feature allows you to preview LDAP sync changes (e.g. mailbox/aliases added, removed and updated) and perform a manual LDAP sync immediately or at a scheduled time.
- In the Domain Level Control Panel select General - LDAP Mailbox Sync
- In the Configuration tab, click on the Save & Test button at the bottom of the page to open the LDAP Sync Preview dialog
- If you want to run the sync manually, click on the Save & sync now button at the bottom of the page
- If you want to schedule the sync at a later time, click Save & sync later to save the sync settings in the previous LDAP mailbox sync page and run the sync at the scheduled time
A summary table shows the number of mailboxes and aliases that will be added, removed or updated when the sync is performed.