Using Active Directory LDAP might be more secure than using the standard Hmailserver user verification. This was really simple, as most things are with HmailServer.
I set the local Windows 2012 Server as the AD. Source: Install Active Directory on Windows Server 2012 show directions how to do this.
I did this for our pre-installed Charming Mail Servers on Windows.
After setting up AD, I only:
- the DNS needs to have an MX record. As a domain controller this needs to be set. The AD that I set up is stand alone, it wasn’t polling the Route 53 DNS. I know that I can set it to poll regular DNS in the universe, but I opted to just add the mx record in the domain controller. I also changed the domain A record to use the elastic IP address instead of the internal one.
- added the user to Active Directory,
- Set Password not to expire
- You can leave the standard “change password at next login” setting which requires login via RDP by the user
- In HmailServer I Added the user with the same username (though it looks like these can be different)
- clicked the Acitive Directory Tab
- checked the box to use Active Directory
- filled in the AD Domain Name
- Filled in the user name
Changing the password requires logging in on Windows. For this demo I set it to never expire.
I was able to login to Roundcube WebMail
I was also able to use Outlook 2016 to connect