
UTM 9.508-10: Recipient verification with Active Directory still not working?

Hi,

I have tried recipient verification with Active Directory, but that isn't working. I tried several ports (636, 389, 3268, 3269) with the Domain Controller's IP and FQDN, but I always get the following warning in the SMTP Live Log:

Warning: ACL "warn" statement skipped: condition test deferred: failed to bind the LDAP connection to server DOMAINCONTROLLERIP:636 - ldap_bind() returned -1

I can successfully test server connection and authenticate a user, but recipient verification is still not working. Any ideas?

Regards,

Frank



  • Exchange Server must be the AD server to query, I think. Primary DC doesn't have information for mailboxes.

  • Unknown said:
    Exchange Server must be the AD server to query, I think. Primary DC doesn't have information for mailboxes.

    This is not correct! Mailboxes are also linked with the user account in AD... This is also said in webadmin description for this feature.

     

    We use this feature already before 9.506 so it's working now. We'll not update to 9.508 at the moment...

     

    regards

     

  • Hi,

    thanks for your replies. AD recipient verification was already failing before 9.508-10. I think it has something to do with SSL settings. My domain controller is using a self-signed certificate; could it be a problem that the UTM can't validate the certificate? I don't want to use LDAP instead of LDAPS. Do you know a logfile on the UTM which gives me a little bit more information?

    regards,

    Frank

  • Just give it a short try, if it's working without encryption. This would give you the right direction for further steps. Some time ago UTM had problems with LDAPs.

    Best

    Alex

    -

  • Wasn't this a bug (on more than one occasion) and you simply re-entered the details in again and it worked?

  • On 9.508 for two days.  No problem with Recipient Verification in Active Directory.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • Just tested for the first time. No more emails for Group "Disabled Users". I put both AD Servers in an Availability Group, just in case of failure.

    Maybe you have misconfigured the Server "Base DN:" that should match the group of users with mail addresses, Example:

    CN=Users,DC=COMPANY,DC=local 

     

     

    The same must be in Recipient Verification

    Verify recipients:  In Active Directory

    Alternative Base DN: CN=Users,DC=COMPANY,DC=local   

     

  • Been on 9.508 since soft release, also have no problems, but run normal LDAP without LDAPS.

    -----

    Best regards
    Martin

    Sophos XGS 2100 @ Home | Sophos v20 Architect

  • Hi @ all,

    thanks for your replies.

    I have configured the Domain Controller to accept plain LDAP connections. Now recipient verification is working. If I switch back to LDAPS, recipient verification is not working. Any ideas why LDAPS is not working with recipient verification? User authentication is working with LDAPS.

    regards,

    Frank
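
Added example, not from any poster in this thread and not Sophos code: an offline way to test the self-signed-certificate question raised above, checking with openssl whether an LDAPS certificate chains to a trusted CA and whether it matches the name or IP used in the server definition. The host name, IP address and file names are constructed, and the thread does not confirm that this is the cause of the failure.

```shell
#!/bin/sh
# Constructed sample values: a throwaway self-signed certificate stands in
# for the domain controller's LDAPS certificate. Name and IP are made up.
DC_NAME="dc01.company.local"
DC_IP="192.0.2.10"
WORK=$(mktemp -d)
CERT="$WORK/dc.pem"
trap 'rm -rf "$WORK"' EXIT

# Create the sample certificate: self-signed, SAN holds only the DNS name.
make_sample_cert() {
    openssl req -x509 -newkey rsa:2048 -nodes -days 1 \
        -keyout "$WORK/dc.key" -out "$CERT" -subj "/CN=$DC_NAME" \
        -addext "subjectAltName=DNS:$DC_NAME" >/dev/null 2>&1
}

# chain_ok CERT [CAFILE]: succeeds if CERT chains to a trusted root
# (the system store, plus CAFILE when given).
chain_ok() {
    if [ -n "$2" ]; then
        openssl verify -CAfile "$2" "$1" >/dev/null 2>&1
    else
        openssl verify "$1" >/dev/null 2>&1
    fi
}

# name_ok CERT host|ip VALUE: succeeds if the certificate covers VALUE.
name_ok() {
    case "$2" in
        host) flag=-checkhost ;;
        ip)   flag=-checkip ;;
        *)    return 2 ;;
    esac
    openssl x509 -in "$1" -noout "$flag" "$3" | grep -q "does match"
}

report() {
    make_sample_cert || { echo "could not create sample certificate"; return 1; }
    chain_ok "$CERT" && echo "system trust store: OK" \
        || echo "system trust store: FAIL (self-signed, issuer not trusted)"
    chain_ok "$CERT" "$CERT" && echo "with issuer imported as CA: OK" \
        || echo "with issuer imported as CA: FAIL"
    name_ok "$CERT" host "$DC_NAME" && echo "connect by FQDN: name matches" \
        || echo "connect by FQDN: name mismatch"
    name_ok "$CERT" ip "$DC_IP" && echo "connect by IP: name matches" \
        || echo "connect by IP: mismatch (no IP entry in SAN)"
}
report
```

To run the same checks against a real server, save the certificate it presents on port 636 (for example from `openssl s_client -connect HOST:636`) and pass that file to `chain_ok` and `name_ok` instead of the sample.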