Set up LDAP Mailbox Sync Details
In order to synchronize a domain's mailboxes and email aliases with LDAP, you need to add your LDAP server connection details at the Domain Level for each domain.
- At the Domain Level, select General - LDAP mailbox sync to display the Configuration tab
- In the Connection settings section:
  - Enter the Host - the hostname or IP address that points to your LDAP server e.g. exchange.domain1.invalid
  - Enter the Port (the default ports are LDAP (389), LDAPS (636))
  - If you want to use TLS to connect, tick the checkbox
- In the Login settings section:
  - Enter the Username / bind DN
  - Enter the Password of the username that can access the LDAP server
- Enter the Base DN - the search base for the LDAP query e.g.
dc=domain1, dc=invalid
- Use the Synchronisation switch to toggle whether you want to enable or disable LDAP Mailbox Sync without having to delete the configuration added to this page
- Choose how often you want the filtering server to check the LDAP server for changes, from the Sync every dropdown:
  - Recommended (Every day)
  - 4 hours
  - 12 hours
  - Day
  - 2 days
  - 5 Days
- Optionally, click on Show advanced settings and add the following:
  - Use the Filter field to narrow the list of directory entries that should be synchronized with the LDAP server. For example:
    (&(!(mail=health*))(objectClass=user)(!(userAccountControl:1.2.840.113556.1.4.803:=2)))
    to exclude Health Mailboxes and disabled accounts. The filters are based on Python's regular expression (regex) syntax. For more information on regular expressions, we recommend using an online regex checker tool to ensure any expression created is correct before applying it in Mail Assure.
  - Allow updates - If you want to allow the LDAP sync to update users that have already been synchronised
  - Allow deactivations - If you want accounts to be removed from the Mail Assure Control Panel when they no longer exist on the LDAP server
- If you use non-standard attributes in your AD, you might need to add a custom mapping; see Set up Custom LDAP Mapping Rules
- Click Save
- If you want to view what changes will be made in the next sync, click on the Save and Test button
If you want to clear the configuration so LDAP Mailbox Sync is no longer used, click on the Clear button and then on Save.
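To see which accounts the example filter in the Filter field step keeps before saving it, the following added example (not Mail Assure code) evaluates that filter against constructed directory entries. It handles only the filter-string subset the example uses (`&`, `|`, `!`, equality with `*` wildcards, and the Active Directory bitwise-AND matching rule) and assumes case-insensitive value matching; the `parse`, `matches` and `preview` names and the sample entries are assumptions.

```python
import re
BIT_AND = "1.2.840.113556.1.4.803"  # Active Directory bitwise-AND matching rule

def parse(text, i=0):
    """Parse one filter starting at text[i]; return (node, index just past it)."""
    if text[i:i + 1] != "(":
        raise ValueError(f"expected '(' at offset {i}")
    if text[i + 1:i + 2] in ("&", "|", "!"):
        op, kids, i = text[i + 1], [], i + 2
        while text[i:i + 1] == "(":
            kid, i = parse(text, i)
            kids.append(kid)
        if text[i:i + 1] != ")" or not kids or (op == "!" and len(kids) != 1):
            raise ValueError(f"malformed '{op}' group near offset {i}")
        return (op, kids), i + 1
    end = text.index(")", i)  # raises ValueError if the item is never closed
    attr, sep, value = text[i + 1:end].partition("=")
    if not (attr and sep):
        raise ValueError(f"expected attr=value at offset {i + 1}")
    return ("=", attr.rstrip(":"), value), end + 1

def matches(node, entry):
    """Evaluate a parsed filter against one entry (lower-cased attr -> list of values)."""
    if node[0] in "&|!":
        results = [matches(kid, entry) for kid in node[1]]
        return {"&": all(results), "|": any(results), "!": not results[0]}[node[0]]
    name, _, rule = node[1].partition(":")
    have = entry.get(name.lower(), [])  # an absent attribute matches nothing
    if rule == BIT_AND:  # true when every bit of the filter value is set
        return any((int(v) & int(node[2])) == int(node[2]) for v in have)
    if rule:
        raise ValueError(f"unsupported matching rule {rule}")
    pattern = ".*".join(re.escape(part) for part in node[2].split("*"))
    return any(re.fullmatch(pattern, v, re.I | re.S) for v in have)

def preview(filter_text, entries):
    """Return the mail address of every entry the filter would select."""
    tree, end = parse(filter_text)
    if end != len(filter_text):
        raise ValueError(f"unexpected text at offset {end}")
    return [e["mail"][0] for e in entries if matches(tree, e)]

SAMPLE = [  # constructed entries, not real directory data; 514 = 512 + disabled bit (2)
    {"mail": ["alice@domain1.invalid"], "objectclass": ["top", "user"], "useraccountcontrol": ["512"]},
    {"mail": ["bob@domain1.invalid"], "objectclass": ["top", "user"], "useraccountcontrol": ["514"]},
    {"mail": ["HealthMailbox1a2b@domain1.invalid"], "objectclass": ["top", "user"], "useraccountcontrol": ["512"]},
    {"mail": ["vendor@domain1.invalid"], "objectclass": ["top", "contact"]},
]
PAGE_FILTER = "(&(!(mail=health*))(objectClass=user)(!(userAccountControl:1.2.840.113556.1.4.803:=2)))"
```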
LDAP Sync Preview
The LDAP Sync Preview page allows you to preview LDAP sync changes (e.g. mailbox/aliases added, removed and updated) and perform a manual LDAP sync immediately or at a scheduled time.
- In the Domain Level Control Panel select General - LDAP Mailbox Sync
- In the Configuration tab, click on the Save & Test button at the bottom of the page to open the LDAP Sync Preview dialog
- If you want to run the sync manually, click on the Save & sync now button at the bottom of the page
- If you want to schedule the sync at a later time, click Save & sync later to save the sync settings in the previous LDAP mailbox sync page and run the sync at the scheduled time
A summary table shows the number of mailboxes and aliases that will be added, removed or updated when the sync is performed.