Mail server + ADS

[froggo]

Hi my company currently has a W2k box running exchange with about 300+ users, and the problem is when it's time to renew license it's very costly so we are looking at using a Linux box as a mail server and get rid of the exchange, but because of the amount of users on ADS we need to have the Linux box authenticate on ADS.

Now hear this:
I have a working Linux Qmail+vpopmail server running with all the nice features Webmail\Clamv\Spamasassin etc. and would like to have that authenticate against the ADS for the 300+ users.

Is that possible??? or di i have to enter the 300+ users if the new mail server?

can anyone guide me as to how i can accomplish this?

[sarumont]

I try to stay away from ADS. I have buddies that are forced to work with it, and they are in much pain because of it.

My suggestion would be to just move your entire solution to OpenLDAP for centralized authentication. This also makes use of a mysql database, making user management easier. This being the case, you could also probably write a script to port the users from ADS (again...not sure as I've never worked with ADS).

[samb]

I've never actually done this, but there are two ways I can think of OTOH that you could use.

Firstly, you could make LDAP queries directly to the ADS server - it uses LDAP for its underlying structure. I don't use vpopmail, but I know Courier can use an LDAP backend quite easily.

Secondly, you could use PAM authentication, in conjuction with the pam_smb module.

No easy to use tutorial for you I'm afraid, but I wouldn't have thought either way would be massively difficult to do.
In my experience the main problem you'll face is that users will want to use Outlook still, but be unhappy with the crappy IMAP support that Outlook provides. Resistance to change is often a far greater problem than any mere technical issue..