You want to configure GFI MailEssentials Online (MEO) to sync its users and email aliases with your AD and Exchange.
You need to configure MEO for this and also allow access by MEO to your AD DC through the firewall.
Enable and Configure LDAP Synchronization
Note: you will need to verify that in the firewall/router that you have port 389 allowed and forwarded to the Domain Controller for this to work. Also you will need to create a service account user for authentication to the server that is a member of Domain Users Group.
- Open GFI Mail Essentials online and log in https://mail.controlnow.com/login/index.jsp?url=%2Findex.jsp
- Click View/manage my organizations
- Locate the client that you need to enable this for and click on manage domains next to their name under actions
- Select the users tab and click the Synchronization (LDAP,ECT.) link on the left under user management
- Select LDAP synchronization as you Synchronization method
- For the LDAP Connection Settings put the external IP of the clients DC for host
- For the Port put 389
- Don’t use SSL to connect unless it is enabled
- For LDAP Login/Query Settings you will need to put in the BINDDN (LDAP user name) to find this use the following command at the command prompt. dsquery user –name <account you set up for LDAP>
- Put in the password associated with this user account in the password section
- Select the interval you would like the sync to occur.
- Put in the BASEDN this is the domain ex. If you domain is xxxx.local then you BASEDN is dc=xxxx,dc=local
- For Override Existing Records section allow updates and deactivations as this will ensure that changes to AD will be reflected in MEO
- For Advanced LDAP Query Settings click the Prepopulate the filter and attribute settings below based on my LDAP server type link and it will fill in the correct information in the space below.
- Now click on the preview and save changes button on the bottom left.
- The preview will generate a preview of all the user email account on the server. Look through it and verify that it is collecting the data you need.Now click on the save configuration button on the bottom right.
- The users will not populate under the users tab until the sync interval that you selected in step 11 has passed.
Be sure to fully test end-to-end mail flow!