Topic Last Modified: 2007-05-08
You can configure an SMTP virtual server so that it will consult a Lightweight Directory Access Protocol (LDAP) server to resolve senders and recipients. For example, you can use the Active Directory directory service as an LDAP server, and use the Active Directory Users and Computers administrative tool to create a group mailing list that is automatically expanded on the SMTP virtual server.
Use the LDAP Routing tab to enable LDAP routing and to specify the identity and properties of the directory services server that is used for this SMTP virtual server. The directory services store information about mail clients and their mailboxes. The SMTP virtual server uses LDAP to communicate with the directory services.
To start LDAP routing, select the Enable LDAP routing check box. Then you can configure the following fields:
- Server: Type the name of the computer running the LDAP directory. The field is not applicable when you use the Microsoft LDAP Service schema type, because the service will find a nearby server and use it automatically.
- Schema: Select the type of directory service being used. The available types are as follows:
  - Active Directory: Select this option to use Active Directory as the LDAP server. To manage mailboxes, use Active Directory Users and Computers in Microsoft Management Console.
  - Site Server Membership Directory: Select this option to use a Microsoft Site Server 3.0 LDAP server to manage mailboxes.
  - Exchange LDAP Service: Use this option when you have installed Exchange LDAP Service as part of Microsoft Commercial Internet System 2.0 Mail and you are using it to manage mailboxes.
- Binding: Select the binding type. The binding type specifies how the SMTP virtual server is authenticated by the directory service. The available types are as follows:
  - Anonymous: No user name or password is sent to the directory service. This is the default for SMTP virtual servers you create.
  - Plain text: The User name and Password values are sent to the directory service as unencrypted clear text. This is the default for the default SMTP virtual server.
  - Windows SSPI: The client and server negotiate to determine which level of authentication is acceptable by both, and use the strongest method that is available. When this option is selected, user name and password information is required.
  - Service account: Uses the credentials of the account under which the SMTP service is running. This is controlled by Services, under Administrative Tools.
- Domain: Type the domain of the account you want to use to bind to the LDAP directory. This option applies if you select the Plain text or Windows SSPI binding types.
- User name: Type the distinguished name (DN) of the account you want to use to bind to the LDAP directory. For example: cn=user1,ou=users,o=company. This option applies if you select the Plain text or Windows SSPI binding types.
- Password: Type the password that is used for logging on to the directory service. This option applies if you select the Plain text or Windows SSPI binding types.
- Base: Type the distinguished name of a container in the directory service you're accessing. This setting specifies where you want the SMTP service to start to search in the LDAP directory. The search will begin in the specified container and will continue to search subcontainers if it is necessary.
  A Base may be necessary if the user accounts reside in a subcontainer within the LDAP directory. Specifying a Base could allow the LDAP directory to return results more quickly and, in some cases, is necessary if there are multiple naming contexts on the LDAP server.
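
The following Python example is added here and is not part of the original topic or any Microsoft tool. It lints a recorded set of LDAP Routing tab values against the rules described above (which fields apply to which binding type, the clear-text exposure of Plain text binding, DN syntax for User name and Base) and checks whether an entry falls inside the Base search scope. The dict keys, function names and sample values are assumptions, and DN parsing is simplified (escaped commas are handled, multi-valued RDNs are not).

```python
# Added example: lints LDAP Routing tab values held in a dict (hypothetical keys).
CRED_BINDINGS = {"Plain text", "Windows SSPI"}
BINDINGS = CRED_BINDINGS | {"Anonymous", "Service account"}

def split_dn(dn):
    """Split a DN into lowercased (attribute, value) RDNs; escaped commas stay in values."""
    parts, escaped = [""], False
    for ch in dn:
        if ch == "," and not escaped:
            parts.append("")
        else:
            parts[-1] += ch
        escaped = ch == "\\" and not escaped
    rdns = []
    for part in parts:
        attr, sep, value = part.strip().partition("=")
        if not (sep and attr.strip() and value.strip()):
            raise ValueError(f"not a distinguished name: {dn!r}")
        rdns.append((attr.strip().lower(), value.strip().lower()))
    return rdns

def in_search_scope(entry_dn, base_dn):
    """True when entry_dn is the Base container itself or lies in a subcontainer of it."""
    entry, base = split_dn(entry_dn), split_dn(base_dn)
    return len(entry) >= len(base) and entry[len(entry) - len(base):] == base

def lint(cfg):
    """Return findings for one SMTP virtual server's LDAP routing settings."""
    binding = cfg.get("binding")
    if binding not in BINDINGS:
        return [f"unknown binding type {binding!r}"]
    findings = []
    set_creds = [k for k in ("domain", "user_name", "password") if cfg.get(k)]
    if binding not in CRED_BINDINGS and set_creds:
        findings.append(f"{', '.join(set_creds)} set but not used by {binding} binding")
    if binding == "Windows SSPI" and not (cfg.get("user_name") and cfg.get("password")):
        findings.append("Windows SSPI binding requires user name and password")
    if binding == "Plain text":
        findings.append("Plain text binding sends user name and password unencrypted")
    for key in ("user_name", "base"):
        if cfg.get(key) and (key == "base" or binding in CRED_BINDINGS):
            try:
                split_dn(cfg[key])
            except ValueError as err:
                findings.append(f"{key}: {err}")
    return findings

# Constructed sample settings, not taken from a real server.
SAMPLE = {"binding": "Plain text", "user_name": "cn=user1,ou=users,o=company",
          "password": "placeholder", "base": "ou=users,o=company"}
```

Calling `lint(SAMPLE)` returns the single clear-text finding; `in_search_scope` can be used to confirm that the accounts the SMTP service must resolve sit under the configured Base.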