Hello everyone! First of all, I would like to congratulate the developers of the Mailcow project. It is an incredible tool, especially because it is a free project.

I am new to using the tool. I work in a medium-sized company with around 300 employees. Here’s the situation: we have an email server that is becoming obsolete, so we are studying the implementation of a new email server in our company.

We found Mailcow, which is perfect for our company, and now, being able to integrate it with Active Directory is even better since we have a Windows Server 2016 in our network.

So far, so good. We haven’t implemented Mailcow in our production environment yet, as it is still in the testing phase.

The problem I am facing is the following: in the latest update (2025-03), we configured LDAP to connect to Active Directory, making it possible to pull users from AD into Mailcow. The configuration appears to have been successful, as shown in the screenshots, but the users are not being imported from my Active Directory into Mailcow.

I searched on Mailcow’s official website, where it states:
“If a user does not exist in Mailcow and logs in via email protocols (IMAP/SIEVE/POP3/SMTP) or the Mailcow user interface, the user will be created automatically, provided that a corresponding attribute mapping is configured.”

I followed these steps, but still, nothing happened. The user import was unsuccessful.

I have checked the configurations several times, and so far, nothing has worked. If anyone here can help me, I would really appreciate it.

Another thing: we have two servers integrated into our Active Directory, working perfectly via LDAP, which are GLPI and Nextcloud. Both are operating correctly. I have already opened the LDAP ports on my Windows Server 2016 firewall (ports 389 and 636).

Your need to understand the way how that is working. The necessary thing in this is the “Attribute Field

Attribute Field: Specifies an LDAP attribute that holds a specific value which can be mapped to a mailbox

Attribute Mapping:

Attribute: Defines the LDAP attribute value that should be mapped.
Template: Specifies which mailbox template should be applied for the defined LDAP attribute value

Mailcow Example Configuration¶

The user has an LDAP attribute otherMailbox with the value default.
In mailcow, set Attribute Field to "othermailbox".
Under Attribute Mapping, set Attribute to default and select an appropriate mailbox template.

Our Example Configuration
The user has an LDAP attribute “employeetype” with one value of those values (default, Sales, Removed) that we are configured on the MailCow LDAP confiugration.
This mean you can definde many diffrent Mailbox Templates.

Updates on Login¶

Each time a user logs in, mailcow checks if the assigned template has changed. If so, it updates the mailbox settings accordingly.

Have something to say?

Join the community by quickly registering to participate in this discussion. We'd like to see you joining our great moo-community!

Thank you very much for your feedback, my friend, but I still haven’t been able to understand what I need to do. I thought I just needed to configure LDAP, and then my users registered in my Active Directory would be automatically created in Mailcow.

I have already tried configuring the (Attribute Field) as in your example, but without success.

You need to specifies an LDAP attribute in your Active Directory. That LDAP attribute holds a value for the name of the Mailbox Template that mapped to a mailbox. I mean the Mailbox Template name that used for updates the mailbox settings like the example in the images above. This value indicates what Mailbox Template used for updates the mailbox settings for the user.

When this attribute is exist in your Active Directory for the user. The “MailCow LDAP integration” will create the user in the MailCow automatically.

I have to confirm the issues stated by @Eliezal . In my case I defined the username field as well as the attribute field and got ldap synced for 3 mailboxes. But in my setup I have other 8 mailboxes which mailcow ldap client obviously couldn’t find. The filter seems to be correct as 3 mailboxes could be found and synced. Also the other 8 accounts a configured identically. Is there a way to debug ldap client behaviour properly?

Ok, after trying different things I found out that the attribute field set in mailcow MUST have an entry also set in ldap user object. Leaving this attribute empty in ldap does not fall back to default value in mailcow.

    timetrax Leaving this attribute empty in ldap does not fall back to default value in mailcow.

    That is basically what it says in the docs:
    docs.mailcow.email Icon LDAP - mailcow: dockerized documentation

    docs.mailcow.email Icon docs.mailcow.email
    LDAP - mailcow: dockerized documentation
    None
    docs.mailcow.email

    Confirm Attribute Mapping

    Make sure a matching Attribute Mapping is configured for the users.

    LDAP Filter

    Double-check your LDAP filter if one is configured.
      No one is typing