Topic Last Modified: 2007-05-08

You can configure an SMTP virtual server so that it will consult a Lightweight Directory Access Protocol (LDAP) server to resolve senders and recipients. For example, you can use the Active Directory directory service as an LDAP server, and use the Active Directory Users and Computers administrative tool to create a group mailing list that is automatically expanded on the SMTP virtual server.

Use the LDAP Routing tab to enable LDAP routing and to specify the identity and properties of the directory services server that is used for this SMTP virtual server. The directory services store information about mail clients and their mailboxes. The SMTP virtual server uses LDAP to communicate with the directory services.

To start LDAP routing, select the Enable LDAP routing check box. Then you can configure the following fields:

Server

Type the name of the computer running the LDAP directory. This field is not applicable when you use the Microsoft LDAP Service schema type, because the service will find a nearby server and use it automatically.

Schema

Select the type of directory service being used. The available types are as follows:

  • Active Directory: Select this option to use Active Directory as the LDAP server. To manage mailboxes, use Active Directory Users and Computers in Microsoft Management Console.

  • Site Server Membership Directory: Select this option to use a Microsoft Site Server 3.0 LDAP server to manage mailboxes.

  • Exchange LDAP Service: Use this option when you have installed Exchange LDAP Service as part of Microsoft Commercial Internet System 2.0 Mail and you are using it to manage mailboxes.

Binding

Select the binding type. The binding type specifies how the SMTP virtual server is authenticated by the directory service. The available types are as follows:

  • Anonymous: No user name or password is sent to the directory service. This is the default for SMTP virtual servers you create.

  • Plain text: The User name and Password values are sent to the directory service as unencrypted clear text. This is the default for the default SMTP virtual server.

  • Windows SSPI: The client and server negotiate to determine which level of authentication is acceptable by both, and use the strongest method that is available. When this option is selected, user name and password information is required.

  • Service account: Uses the credentials of the account under which the SMTP service is running. This is controlled by Services, under Administrative Tools.

Domain

Type the domain of the account you want to use to bind to the LDAP directory. This option applies if you select the Plain text or Windows SSPI binding types.

User name

Type the distinguished name (DN) of the account you want to use to bind to the LDAP directory. For example: cn=user1,ou=users,o=company.

This option applies if you select the Plain text or Windows SSPI binding types.

Password

Type the password that is used for logging on to the directory service. This option applies if you select the Plain text or Windows SSPI binding types.

Base

Type the distinguished name of a container in the directory service you're accessing. This setting specifies where you want the SMTP service to start to search in the LDAP directory. The search will begin in the specified container and will continue to search subcontainers if it is necessary.

A Base may be necessary if the user accounts reside in a subcontainer within the LDAP directory. Specifying a Base could allow the LDAP directory to return results more quickly and, in some cases, is necessary if there are multiple naming contexts on the LDAP server.
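
The binding and field rules above can be checked mechanically before a configuration is applied. The following is an added example, not part of the original topic or of any Microsoft tool: it audits a hypothetical dictionary whose keys (binding, domain, user_name, password, base) mirror the fields on this tab, and it uses a simplified distinguished-name check. Treating an empty User name or Password as an error for the Plain text and Windows SSPI bindings is an assumption of the example.

```python
import re

# Field rules taken from the tab description: Domain, User name and Password
# apply only to these two binding types.
CREDENTIAL_BINDINGS = {"Plain text", "Windows SSPI"}
BINDINGS = CREDENTIAL_BINDINGS | {"Anonymous", "Service account"}

# Simplified DN check (assumption: attr=value RDNs separated by unescaped commas).
_RDN = re.compile(r"^\s*[A-Za-z][A-Za-z0-9-]*\s*=\s*(?:\\.|[^,\\])+$")

def is_dn(value):
    return all(_RDN.match(part) for part in re.split(r"(?<!\\),", value or ""))

def audit(cfg):
    """Return (severity, message) findings for one LDAP routing configuration."""
    binding = cfg.get("binding")
    if binding not in BINDINGS:
        return [("error", f"unknown binding type: {binding!r}")]
    findings = []
    if binding == "Plain text":
        findings.append(("high", "user name and password are sent as unencrypted clear text"))
    if binding == "Anonymous":
        findings.append(("info", "no user name or password is sent to the directory service"))
    creds = [f for f in ("domain", "user_name", "password") if cfg.get(f)]
    if binding in CREDENTIAL_BINDINGS:
        for field in ("user_name", "password"):
            if field not in creds:
                findings.append(("error", f"{field} is empty but {binding} uses it"))
        if cfg.get("user_name") and not is_dn(cfg["user_name"]):
            findings.append(("error", "user_name is not a distinguished name"))
    elif creds:
        findings.append(("warn", f"{', '.join(creds)} set but not used by {binding}"))
    if cfg.get("base") and not is_dn(cfg["base"]):
        findings.append(("error", "base is not a distinguished name"))
    return findings

# Constructed sample configurations (all values are made up for illustration).
WEAK = {"binding": "Plain text", "domain": "company", "user_name": "user1",
        "password": "example-only", "base": "ou=users,o=company"}
SSPI = {"binding": "Windows SSPI", "domain": "company",
        "user_name": "cn=user1,ou=users,o=company",
        "password": "example-only", "base": "ou=users,o=company"}

if __name__ == "__main__":
    for name, cfg in (("WEAK", WEAK), ("SSPI", SSPI)):
        for severity, message in audit(cfg) or [("ok", "no findings")]:
            print(f"{name}: [{severity}] {message}")
```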