#dominoforever | Product Ideas Portal

 

Welcome to the #dominoforever Product Ideas Forum! The place where you can submit product ideas and enhancement requests. We encourage you to participate by voting on, commenting on, and creating new ideas. All new ideas will be evaluated by HCL Product Management & Engineering teams, and the next steps will be communicated. While not all submitted ideas will be executed upon, community feedback will play a key role in influencing which ideas are implemented and when.

For more information and upcoming events around #dominoforever, please visit our Destination Domino page.

Make the POP3/IMAP services work well with LDAP authentication (Directory Assistance)

Domino supports LDAP authentication for HTTP. For this to work one simply needs to link e.g. Active Directory LDAP to Domino using Directory Assistance. With this link (and some name mapping) users are able to use their e-mail and AD password to authenticate to Domino HTTP. Nice!
We should be able to use the AD credentials for other internet protocols as well. However, testing shows that:
- SMTP AUTH works
- POP3/IMAP fail to find the user's mailbox (lookups for mail server/mailbox are done in LDAP):
  - POP3: -ERR The system was unable to log ... in.  Maildrop (file ) can not be located or opened.  Please contact your POP3 administrator.
  - IMAP: ? NO LOGIN failure, cannot locate mail file or mail file not specified
  • Guest
  • Feb 3 2020
  • Likely to implement
  • Guest commented
    6 Oct 09:01am

    We have set up an HTMO server, URL: http://outlook.acme.com


    All productive users use Active Directory LDAP to authenticate to the Domino web applications (e.g. Verse), set up on Domino via Directory Assistance.


    When I open http://outlook.acme.com in a browser, I can log in.

    BUT with Outlook, with the HTMO 301 client, I cannot set up the account with http://outlook.acme.com.

    I have to set an internet password for HTMO use to get it to work.


    This is very annoying.

  • Guest commented
    27 Aug, 2020 04:09pm

    For those looking to have IMAP working with external LDAP "NOW", Matteo's post is useful: https://blog.msbiro.net/2015/04/ibm-domino-901-vs-imap-email-access-ldap.html

  • Guest commented
    27 Aug, 2020 04:05pm

    We look forward to having IMAP and POP3 do "the right thing".

    If Directory Assistance is enabled with LDAP

    If Name mapping is in place

    Then look up mailfile/server/domain from the person document and not from LDAP.

    This will save us a lot of syncing between person docs and external LDAP.

    I look forward to seeing this happen!!!

    [Daniele Vistalli, Factor-y S.r.l.]

  • Guest commented
    9 Jul, 2020 10:14pm

    We are suffering from the same issue, and have not found a workaround yet for IMAP/SMTP.

    The remote directory we need to use is not AD, but another 3rd party directory provider.

    [Toni Feric, Belsoft Collaboration]

  • Guest commented
    19 Feb, 2020 08:22am

    Providing the Notes hierarchical username in an Active Directory attribute, and mapping that attribute in DirAss, does not work. POP3 and IMAP simply fail to look up the mailserver/mailfile in the Domino NAB; they look up this info in the LDAP directory. This can be seen with name-lookup debugging enabled.

  • Admin
    Thomas Hampel commented
    18 Feb, 2020 10:58pm
    True, the LDAP object (=user object) needs to have the mailserver/filename attributes for this to work.
    I think this can be worked around by using the LDAP config as described here: https://blog.thomashampel.com/blog/tomcat2000.nsf/dx/moving-from-passwords-to-singlesignon-part-1.htm
    Look at the section titled prerequisites.