#dominoforever | Product Ideas Portal

 

Welcome to the #dominoforever Product Ideas Forum! The place where you can submit product ideas and enhancement request. We encourage you to participate by voting on, commenting on, and creating new ideas. All new ideas will be evaluated by HCL Product Management & Engineering teams, and the next steps will be communicated. While not all submitted ideas will be executed upon, community feedback will play a key role in influencing which ideas are and when they will be implemented.

For more information and upcoming events around #dominoforever, please visit our Destination Domino Page

Make the POP3/IMAP services work well with LDAP authentication (Directory Assistance)

Domino supports LDAP authentication for HTTP. For this to work one simply needs to link ie ActiveDirectory LDAP to Domino using Directory Assistance. With this link (and some name-mapping) users are able to use their e-mail and AD password to authenticate to Domino HTTP.  Nice!
We should be able to use the AD credentials for other internet protocols as well. However, testing shows that:
SMTP AUTH works
POP3/IMAP fail to find the users mailbox (lookups for mail-server/mailbox are done in ldap):
- POP3: -ERR The system was unable to log ... in.  Maildrop (file ) can not be located or opened.  Please contact your POP3 administrator.
- IMAP: ? NO LOGIN failure, cannot locate mail file or mail file not specified
  • Avatar32.5fb70cce7410889e661286fd7f1897de Guest
  • Feb 3 2020
  • Likely to implement
Domino / Integration
  • Attach files
  • Avatar40.8f183f721a2c86cd98fddbbe6dc46ec9
    Guest commented
    27 Aug, 2020 04:09pm

    For those looking to have IMAP working with external LDAP "NOW" Matteo's post is useful: https://blog.msbiro.net/2015/04/ibm-domino-901-vs-imap-email-access-ldap.html

    ×

    Attachments Open full size

  • Avatar40.8f183f721a2c86cd98fddbbe6dc46ec9
    Guest commented
    27 Aug, 2020 04:05pm

    We look forward to have IMAP and POP3 do "the right thing".

    If Directory Assistance is enabled with LDAP

    If Name mapping is in place

    Then lookup mailfile/server/domain from person document and not from LDAP.

    This will save us a lot of syncing between person docs and external LDAP.

    I look forward to see this happen !!!

    [Daniele Vistalli, Factor-y S.r.l.]

    ×

    Attachments Open full size

  • Avatar40.8f183f721a2c86cd98fddbbe6dc46ec9
    Guest commented
    9 Jul, 2020 10:14pm

    We are suffering from the same issue, and have not found a workaround yet for IMAP/SMTP.

    The remote directory we need to use is not AD, but another 3rd party directory provider.

    [Toni Feric, Belsoft Collaboration]

    ×

    Attachments Open full size

  • Avatar40.8f183f721a2c86cd98fddbbe6dc46ec9
    Guest commented
    19 Feb, 2020 08:22am

    Providing the Notes hierarchical username in an ActiveDirectory attribute, and mapping that attribute in DirAss does not work. POP3 and IMAP simply fail to lookup the mailserver/mailfile in the Domino NAB; they lookup this info in the LDAP directory. This can be seen with name-lookup debugging enabled.

    ×

    Attachments Open full size

  • Admin
    Thomas Hampel commented
    18 Feb, 2020 10:58pm
    True, the LDAP objext (=user object) needs to have the mailserver/filename attributes for this to work.
    I think this can be worked around by using the ldap config as described here https://blog.thomashampel.com/blog/tomcat2000.nsf/dx/moving-from-passwords-to-singlesignon-part-1.htm
    look at the section titled prerequisites
    ×

    Attachments Open full size

Related ideas