From 41539762bcecae18a9104d273df3a7a6c7a4e4db Mon Sep 17 00:00:00 2001
From: Nicolas <nicolas@gruber.info>
Date: Tue, 28 Apr 2026 15:07:32 +0200
Subject: [PATCH] fixes for start

---
 Setup-ByteTrail-AD.ps1 | 8 +++++++-
 mailserver.env         | 6 +++---
 2 files changed, 10 insertions(+), 4 deletions(-)

diff --git a/Setup-ByteTrail-AD.ps1 b/Setup-ByteTrail-AD.ps1
index 74594e2..dc72569 100644
--- a/Setup-ByteTrail-AD.ps1
+++ b/Setup-ByteTrail-AD.ps1
@@ -58,12 +58,18 @@ try {
     exit 1
 }
 
-# Quick-Write-Test: Versuche ein Dummy-Attribut zu lesen/schreiben
+# Quick-Write-Test: Versuche ein Dummy-Objekt zu erstellen und loeschen
 Write-Host "  [..] Schreibtest..." -ForegroundColor Gray
 try {
     $testOUName = "_ByteTrailSetupTest"
     $testOU = "OU=$testOUName,$DomainDN"
+    # Falls vom letzten Lauf noch vorhanden, erst loeschen
+    try {
+        Set-ADOrganizationalUnit -Identity $testOU -ProtectedFromAccidentalDeletion $false -ErrorAction Stop
+        Remove-ADOrganizationalUnit -Identity $testOU -Confirm:$false -Recursive -ErrorAction Stop
+    } catch { }
     New-ADOrganizationalUnit -Name $testOUName -Path $DomainDN -ErrorAction Stop
+    Set-ADOrganizationalUnit -Identity $testOU -ProtectedFromAccidentalDeletion $false -ErrorAction Stop
     Remove-ADOrganizationalUnit -Identity $testOU -Confirm:$false -Recursive -ErrorAction Stop
     Write-Host "  [OK] Schreibzugriff funktioniert" -ForegroundColor Green
 } catch {
diff --git a/mailserver.env b/mailserver.env
index 11a7e26..7ba1c6e 100644
--- a/mailserver.env
+++ b/mailserver.env
@@ -464,15 +464,15 @@ LDAP_SERVER_HOST=ldap://10.10.10.10
 
 # empty => ou=people,dc=domain,dc=com
 # => e.g. LDAP_SEARCH_BASE=dc=mydomain,dc=local
-LDAP_SEARCH_BASE=DC=bytetrail,DC=local
+LDAP_SEARCH_BASE=DC=byte,DC=trail
 
 # empty => cn=admin,dc=domain,dc=com
 # => take a look at examples of SASL_LDAP_BIND_DN
-LDAP_BIND_DN=CN=Mailserver Service Account,OU=Server,DC=bytetrail,DC=local
+LDAP_BIND_DN=CN=Mailserver Service Account,OU=Server,DC=byte,DC=trail
 
 # empty** => admin
 # => Specify the password to bind against ldap
-LDAP_BIND_PW=ByteTrail123456!
+LDAP_BIND_PW=Mail$3rv!ceAcc2026
 
 # e.g. `"(&(mail=%s)(mailEnabled=TRUE))"`
 # => Specify how ldap should be asked for users