Solved: Re: Routing based on Active Directory Attribute

BigRed · ‎08-30-2017

Hi,

i am just wondering if there is a way to route based on a special AD attribute.

We have Notes and Exchange Servers. At the moment the whole email traffic is sent via the notes system.

Both systems have the same mail domain.

Now i just want to configure routing which is based on the AD attribute HomeMDB. This attribute only exists in Active Directory for those users that are already migrated to exchange.

So the challenge is to route all mails that are sent to a user which has the AD attribute HOMEMDB to exchange and for those who does not have the attribute i want to route the mails to the notes system.

I already tried with group ldap query but i do not get along with this.

Thanks and regards,

Tom

dmccabej · ‎09-01-2017

Hello Tom,

Your LDAP profile should look similar to the screenshot below (query syntax may need to be modified depending on your LDAP environment). The 'Alternative Mailhost Attribute' would be set to HomeMDB within the LDAP profile on the ESA, and then on the LDAP server itself, you setup that custom attribute to point to the FQDN of your Exchange server.

Thanks!

-Dennis M.

View solution in original post

dmccabej · ‎08-31-2017

Hello Tom,

You should be able to accomplish this by using LDAP Routing on the ESA/s, which would then be setup to use the HomeMDB attribute to deliver to an alternate mailhost. You can find more info on this in our user guide: here.

The default SMTP route would then be set to Notes, and when the attribute is found the alt-host configuration would override the default SMTP route and deliver to Exchange.

This would obviously require some testing within your environment to confirm proper setup, but should be able to do what you require.

Thanks!

-Dennis M.

BigRed · ‎09-01-2017

Hi Dennis,

thanks for the answer.

so the query has to look like this ?

(&(proxyaddress = {a})(HomeMDB=*)
Alternative Mailhost = ExchangeServerName

I am not sure how to check if an LDAP Attribute exists.

Thanks,

Regards,

Tom

dmccabej · ‎09-01-2017

Hello Tom,

Your LDAP profile should look similar to the screenshot below (query syntax may need to be modified depending on your LDAP environment). The 'Alternative Mailhost Attribute' would be set to HomeMDB within the LDAP profile on the ESA, and then on the LDAP server itself, you setup that custom attribute to point to the FQDN of your Exchange server.

Thanks!

-Dennis M.

BigRed · ‎09-01-2017

Hi Dennis,

thanks for your answer.

i have a Little Problem with that.

The attribute homemdb is an existing attribute i Can Not change.

Easy Said i just wann to Check if the Attribute exists and if it exists i wann to Route to a host that i specify in the filter.

Regards,

tom

dmccabej · ‎09-01-2017

Hello,

The name itself is irrelevant. The name can be whatever custom attribute you set on the object. So, all you would have to do is come up with a custom attribute name and then set that on the object, set the value to fqdn of Exchange and then set it to that value on the LDAP profile on the ESA.

Thanks!

-Dennis M.

Ken Stieers · ‎09-01-2017

To be clear that would mean either setting an existing AD attribute (actually not hard for some stuff, a couple clicks in ADUC) to the fqdn of an exchange box or extending the schema (not likely)

Do some digging in the ldap.schema for Notes. Do the users have an attribute that has the server name? If so, you can set the default mail destination to Exchange and then the query as "Alternary host" you will just have to nuke the user out of notes afree migrate them....

BigRed · ‎09-06-2017

Hi,

thanks for your answers. I'll try it and give you feedback. But this will take some time.

Regards,

Tom

BigRed · ‎09-18-2017

Hi,

i have a additional question. Is it possible to do the accept query to one LDAP Server and the LDAP Routing query from another LDAP Server? Can i do this with chained querys?

Regards,

Thomas

dmccabej · ‎09-18-2017

Hello,

You can do that fairly easily with a separate LDAP profile. For example, on your ESA you would have two LDAP profiles setup :

1) Profile Name: LDAP1 - Host: Server1

2) Profile Name: LDAP2 - Host: Server2

For the accept query you would choose either 1 or 2, and then for the routing query you would select the other. Chained queries would be more for if you wanted to query ALL LDAP servers within the chained query, and a domain assignment would be if you wanted to query specific LDAP servers based on the domain.

Thanks!

-Dennis M.

BigRed · ‎11-27-2017

Hello,

thanks to all for support.

It works fine.

Regards,

Tom

dmccabej · ‎11-27-2017

You're very welcome! Glad you got it figured out and working successfully. :)

sebastiaanvd · ‎02-26-2019

Hi,

Is there also a way to make this redundant? if the first redirect fails to take a second host? like 2 mx records?

Many thanks!

BigRed · ‎02-26-2019

Hello,

you can do this with smtp routes. Just create a new smtp route with two ip adresses and different priority (if you take the same you have a loadbalancing scenario). If the first one is failing the second one is taken.

So you can fill an Active Directory field with e.g. nexthop.yourdomain.local and just make an entry for this in your smtp routes with two or more destinations

I hope this is what you are searching for.

Regards,

Tom

sebastiaanvd · ‎02-27-2019

Hi Tom,

Thanks for the answer, this is working fine!

Many thanks!