My business recently made the jump to Active Directory, and we wanted our mail server to replicate AD accounts. Both the domain controller and the mail server are running Windows Server 2012, and we're using MDaemon for the mail server. Here's where it gets weird: I went through Alt-N's documentation, but I'm only able to manually synchronize accounts.
I can use an LDAP search filter to identify the accounts I want to replicate correctly, and I can even use the "Perform Active Directory Scan Now" function to update all of my accounts as expected.
However, if I try to enable Active Directory Monitoring, accounts aren't updated and the mail server log is filled with errors that say "AD error: 1355 - The specified domain either does not exist or could not be contacted." This is weird, because it clearly could contact the domain for the LDAP search and the forced account query.
Things I've tried:
- Turning off the firewall on both the DC and mail server
- Binding the mail server to the AD
- Adding the domain and DC's login credentials to the mail server's credential manager
- Enabling delegation to any service for the mail server after joining it to the domain
I've also checked the Event Viewer logs on both the mail server and the DC. On the mail server, a new event is created during each attempted sync that shows the username and domain logon attempt (but I'm unable to determine if the logon was successful), and there are no logs for the mail server on the DC side that I can see.
Am I missing something obvious here? It seems bizarre that I can force an account sync, but it fails to do so automatically using the same domain name and credentials.
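An added diagnostic script, not from the original post or from MDaemon, that separates the two lookup paths the symptoms point at: a DC-locator lookup by domain name, which is the path that returns Win32 error 1355 (ERROR_NO_SUCH_DOMAIN) when no DC can be found, and an explicit LDAP bind to a named DC, which is all a manual scan needs. The domain name, DC host, search base and filter are placeholders, and the idea that monitoring goes through the locator while "Scan Now" binds to a host is an assumption to test, not something Alt-N's documentation states here.

```powershell
# Added example: run on the mail server as the account MDaemon uses for AD.
# Every name below is a placeholder for this post's environment.
param(
    [string]$DomainDns  = 'corp.example.com',                   # assumed DNS domain name
    [string]$DcHost     = 'dc01.corp.example.com',              # assumed DC used by the manual scan
    [string]$SearchBase = 'DC=corp,DC=example,DC=com',          # assumed search base
    [string]$Filter     = '(&(objectCategory=person)(mail=*))'  # assumed LDAP filter
)
Add-Type -AssemblyName System.DirectoryServices

# 1. DC locator by domain name. This is the lookup that yields 1355 when the
#    client cannot find a DC for the *name it was given* (NetBIOS vs DNS name,
#    missing SRV records, wrong DNS server), even if an LDAP bind to a host works.
Write-Host "== DC locator (nltest /dsgetdc) for '$DomainDns' =="
nltest "/dsgetdc:$DomainDns" /force

# The locator depends on these SRV records being resolvable from this server.
Write-Host "== SRV records the locator needs =="
Resolve-DnsName -Name "_ldap._tcp.dc._msdcs.$DomainDns" -Type SRV -ErrorAction Continue |
    Select-Object Name, NameTarget, Port

# 2. Explicit LDAP bind and search against a named DC: the path a successful
#    "Perform Active Directory Scan Now" proves is working.
Write-Host "== Explicit LDAP search against $DcHost =="
$root     = New-Object System.DirectoryServices.DirectoryEntry("LDAP://$DcHost/$SearchBase")
$searcher = New-Object System.DirectoryServices.DirectorySearcher($root, $Filter)
$searcher.PropertiesToLoad.AddRange(@('sAMAccountName', 'mail')) | Out-Null
$searcher.FindAll() | Select-Object -First 5 |
    ForEach-Object { $_.Properties['samaccountname'][0] }

# 3. Machine secure channel between the mail server and the domain.
Write-Host "== Secure channel =="
Test-ComputerSecureChannel -Verbose

# 4. Settle whether the logon seen in Event Viewer succeeded: 4624 is a
#    successful logon, 4625 a failed one. Property index 5 is TargetUserName.
Write-Host "== Logon audit events from the last 15 minutes =="
Get-WinEvent -FilterHashtable @{ LogName = 'Security'; Id = 4624, 4625;
                                 StartTime = (Get-Date).AddMinutes(-15) } -ErrorAction SilentlyContinue |
    Select-Object TimeCreated, Id, @{ n = 'Account'; e = { $_.Properties[5].Value } } |
    Format-Table -AutoSize
```

If step 1 fails while step 2 succeeds, the domain name configured for monitoring (or the DNS the mail server resolves it through) is the thing to compare against the host name used by the scan.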