GFI Software

Welcome to the GFI Software community forum! For support please open a ticket from https://support.gfi.com.

Home » GFI User Forums » Kerio Connect » 2 Kerio Connect Server syncing users from 1 AD Issue (Users are created in both servers once the email is enabled in KADE)
2 Kerio Connect Server syncing users from 1 AD Issue [message #149897] Thu, 17 June 2021 04:27
augustoferreira is currently offline  augustoferreira
Messages: 4
Registered: August 2020
Hi All,

We are experiencing an issue with a customer.

The scenario:
They have two email domains (example): financeweek.com (Defined in Kerio Connect server 1 - KC1 - 300 real users) and financeday.com (Defined in Kerio Connect server 2 - KC2 - 100 real users). Their Windows domains is financecorp.net (Domain Controller - DC). Kerio Active Directory Connector (KADE) is installed in DC. In both KC servers, Directory Service is configured equally in both servers for each email domain.

The problem:
Once we activate a mailbox for a user mapped from Active Directory (AD) in KC1, a mailbox is created in KC2. If we enable the mailbox in DC, in the Kerio Connect Connector tab in user's properties, the user is created in both servers. This is undesired.

We know that if he had a good organization in his AD, that would be easy to fix (example: OU= financeweek, DC= financecorp DC= net and OU= financeday, DC= financecorp DC= net) but that is not how it is organized. It is like financeday is a child of financeweek. So if would be like OU= financeday, OU= financeweek, DC= financecorp DC= net. So to make it work for KC1, we would need to get all users and exclude the ones that are in financeday. And for financeday it would be easier to fix if it wasn't also split (real scenario would look more like OU= financeday,OU=monday/tuesday/wednesday OU= financeweek, DC= financecorp DC= net, so there are many small groups to be added). So we would need to have a way to select only the specific users/groups to be added/excluded in the mapping.


The questions:
Has someone faced this issue before? How was it solved?
In this customer we should forget the option to fix their AD infrastructure. It must be solved within Kerio Connect.

Is there a way tune KADE to let it know if we want to create the mailbox in one server or the other? Is there a way to add multiple UserBaseDn variables and exclude others from the mapping?


If we don't have a solution, there is a technical issue (mailboxes being created without the intention) and a commercial issue (300 + 100 = 400 users. Both server would have to be licensed for 400 users instead of 300 and 100 users).

Any help is welcome.

Augusto Ferreira
FCBrasil


Previous Topic: Outlook for iOS and Connect
Next Topic: Folders with diacritics missing in Outlook
Goto Forum:
  


Current Time: Sun Sep 25 01:52:16 CEST 2022

Total time taken to generate the page: 0.02065 seconds