I’m trying to build the following configuration:
- MS AD on Windows SBS2003 (yes, it’s deep legacy, that’s why slowly moving from it)
- UCS as MS AD member (still member, but if it’s ok we’re planning to make it PDC)
- MS AD domain domain0 .local, NETBIOS name DOMAIN0
- MS AD email domain domain0 .com (space is because “new user can not put more than two links in a post”)
- UCS email domain domain1 .com (when we migrate, the goal is a multihome UCS server with the possibility to send messages both from domain0 .com and from domain1 .com, while storing messages in a single storage)
- UCS upon installation is configured with the name new-pdc. domain0. local
- DNS records seem to be OK on UCS
- UCS is NATed perfectly from external network
- users have their primary email address set on domain0 .com and this cannot be changed on UCS
- UCS is set with Mail domain domain1 .com
- users must be able to receive on their domain0 .com on MS AD and on domain1 .com on UCS
So, when I nslookup to UCS server and look for domain1 .com, it points me to UCS server. This means that if an external connection is looking for the mail exchanger for domain1 .com, it finds UCS (as it is perfectly NATed) and a message to a username@ domain1 .com is successfully delivered. Further, UCS will immediately forward the message to the MS AD Exchange server. I guess this is due to the fact that the username’s primary address is username@ domain0 .com. If I log in via WebApp and send myself a message, the same happens. So, on UCS no message will remain. Update: But this can be corrected if I set domain0 .com on UCS in Domain/Mail module along with domain1 .com.
Another behavior that doesn’t suit my configuration is that Kopano won’t authenticate/authorize a user over SMTP at all, although IMAP is OK. I’m not proficient and think that this happens on Postfix level, but I can’t understand how this can be worked on UCS.
I was advised to authenticate with primary email address instead of ADdomain\username (or username@ ADdomain), but this didn’t work.
So, is it possible to make Kopano not forward the messages to MS AD and leave them on UCS and also authenticate users on SMTP?
N.B. To be mentioned, the goal is to build a multihome LDAP server with 2 (maybe 3) email domains delivering to a single email storage, with the possibility of sending from addresses in two different email domains. UCS seemed to be perfect for a SOHO, but it looks like it’s not that simple to achieve this.
Any help is highly appreciated!