LDAP Mapping Rules

LDAP mapping rules can be used to link LDAP attributes to Mail Assure control panel mailboxes or aliases. The Default Mappings remove the need for users to configure mappings themselves, thereby making configuring LDAP synchronisation simpler.

For each defined mapping, the specified attribute will be retrieved from the LDAP server, and matched against the provided regular expression. The match groups from the expression are then used in the formatter to provide the mailbox or alias in the control panel.

Custom LDAP Mapping

The Default Mapping tab in the General - LDAP Mailbox Sync page includes the most common methods of linking LDAP attributes to Control Panel mailboxes or email aliases.

To view the Default Mappings already set up for your system, click on Show Results.

You can also define your own set of custom mapping rules to link LDAP attributes to your mailboxes or aliases.

  1. In the Admin or Domain Level Control Panel, select General - LDAP Mailbox Sync
  2. Click on the Mapping tab
  3. Click Add mapping to open the Add a new mapping dialog
  4. Choose the Type of mapping - either Mailbox, Alias, Username, Distribution list or Shared Mailbox
  5. In some environments, where the LDAP username is required to sign in to the system, some users are unaware of their username and expect to use their email address. The Username mapping allows the users to sign in with their email address while the system authenticates using the LDAP username.

  6. Select the Domain you want to map
  7. In the Attribute field enter the LDAP Attribute that contains the email address/alias - e.g. userPrincipalName
  8. Enter the Regular expression you want to use to find matches for the attribute you entered e.g. ^(.*)@domain.invalid
  9. In the Formatter field, enter a string that will transform the matched value into an email address - e.g. {}
  10. Click Save
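
The matching flow from steps 7 to 9, as an added example (not Mail Assure's own code). It assumes Python `re` search semantics and a `str.format`-style formatter, which the page does not confirm, and compares the step 8 pattern with a stricter variant on constructed directory values. The names `apply_mapping`, `audit` and `STRICT_PATTERN` are hypothetical.

```python
import re

def apply_mapping(entry, attribute, pattern, formatter="{}"):
    """Return the mailbox/alias strings one rule yields for one LDAP entry.

    Assumed semantics (not confirmed by the product documentation): the regex
    is searched against each attribute value and the formatter is filled
    positionally from the match groups, like Python's str.format.
    """
    rx = re.compile(pattern)
    results = []
    for value in entry.get(attribute, []):
        m = rx.search(value)
        if m:
            results.append(formatter.format(*m.groups()))
    return results

# Pattern from step 8 of the page, and a stricter variant added here:
# '.' is escaped, the end is anchored, and the local part may not contain '@'.
PAGE_PATTERN = r"^(.*)@domain.invalid"
STRICT_PATTERN = r"^([^@\s]+)@domain\.invalid$"

# Constructed sample directory entries (attribute -> list of values).
SAMPLE_ENTRIES = [
    {"userPrincipalName": ["alice@domain.invalid"]},
    {"userPrincipalName": ["bob@domain.invalid.other.example"]},  # longer domain
    {"userPrincipalName": ["carol@domain-invalid"]},              # '.' matches '-'
    {"userPrincipalName": ["dave@sub.example@domain.invalid"]},   # two '@' signs
    {"userPrincipalName": ["erin@elsewhere.example"]},            # other domain
]

def audit(pattern, entries=SAMPLE_ENTRIES, attribute="userPrincipalName"):
    """Map each source value to the mailbox name the rule would create."""
    out = {}
    for entry in entries:
        for value in entry.get(attribute, []):
            produced = apply_mapping({attribute: [value]}, attribute, pattern)
            if produced:
                out[value] = produced[0]
    return out

if __name__ == "__main__":
    for name, pat in (("page", PAGE_PATTERN), ("strict", STRICT_PATTERN)):
        print(name, audit(pat))
```

Running a candidate expression over an export of real attribute values in this way, before saving the mapping, shows which directory objects the rule would import under the selected domain.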

Default Mappings

A default mapping is provided in the Default Mapping tab for newly added domains. If your LDAP server follows the standard configuration and you are using the default mapping, your distribution lists are picked up automatically.

There are 5 rules configured within Default Mapping:

Type: Alias
Attribute: ProxyAddress
Regular Expression: ^(?)smtp:(.*)@.*
Meaning: This looks at the universal proxyAddresses field in LDAP, which Exchange servers use to list all of a mailbox's assigned addresses.

Type: Distribution List
Attribute: objectClass
Regular Expression: .*(group).*
Meaning: This will pull in from LDAP/AD all objects assigned the group objectClass. These will be marked as distribution lists in Mail Assure, causing incoming filtering to be non-billable.

Type: Shared Mailbox
Attribute: msExchRecipientDisplayType
Regular Expression: (0|-2147483642)$
Meaning: Any mailbox where the msExchRecipientDisplayType ends in '2147483642' (which is an Exchange server unique attribute for mail-enabled shared mailboxes) is recognized as a shared mailbox and marked as non-billable for both incoming and outgoing filtering.

Type: Mailbox
Attribute: mailNickname
Regular Expression: ^(.*)$
Meaning: This will pull in the primary address for a mailbox in the system, from the “mail” LDAP attribute. If a mailbox does not have this value, it will not be imported.

Type: Username
Attribute: userPrincipalName
Regular Expression: ^(.*)$
Meaning: This looks for the user's username local to the LDAP server (not an email address). This is then stored for later use, if LDAP authentication is to be used. This value allows disparate naming conventions to be used for email and local usernames.