Skip to content

LDAP: add fallback to mailPrimaryAddress when determining user domain#1508

Open
erik-saarts wants to merge 2 commits into
Intermesh:masterfrom
erik-saarts:ldap-mail-fallback
Open

LDAP: add fallback to mailPrimaryAddress when determining user domain#1508
erik-saarts wants to merge 2 commits into
Intermesh:masterfrom
erik-saarts:ldap-mail-fallback

Conversation

@erik-saarts
Copy link
Copy Markdown

@erik-saarts erik-saarts commented May 8, 2026

When syncing LDAP users, GroupOffice determines the user domain from the DN and falls back to the LDAP "mail" attribute when the DN-derived domain is not configured.

Univention Corporate Server (UCS) stores the primary email address in "mailPrimaryAddress" instead of "mail".
This change keeps the existing behavior unchanged and adds "mailPrimaryAddress" as a fallback before failing.

Tested with LDAP setup where:

  • DN-derived domain is ad.example.com
  • configured GroupOffice domain is example.com
  • LDAP user has mailPrimaryAddress but no mail attribute

Result:

@mschering
Copy link
Copy Markdown
Member

mschering commented May 8, 2026

Hi,

Thanks for the PR! I've looked into it and it seems it would be even better if we'd use the LDAP mapping values (https://groupoffice.readthedocs.io/en/latest/system-settings/authentication/ldap.html#mapping) won't you agree?

Best regards,
Merijn

@erik-saarts
Copy link
Copy Markdown
Author

erik-saarts commented May 8, 2026

100%

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@erik-saarts @mschering