ldap users & aliases config

Wojtek Bogusz-2
hi. i am looking for help in setting up users and aliases in ldap for
postfix. i am running on Ubuntu 7.10 with postfix 2.3.8-2

in main.cf i defined source for user accounts as:

        accounts_server_host = localhost
        accounts_search_base = ou=Users,dc=frontline
        accounts_query_filter = (&(objectClass=posixAccount)(uid=%u))
        accounts_result_attribute = uid
        accounts_bind = no
        virtual_transport = dovecot
        virtual_mailbox_base = /home/vmail/domains
        virtual_mailbox_maps = ldap:accounts
        virtual_mailbox_domains = frontlinedefenders.org
        virtual_domain = frontlinedefenders.org
        virtual_minimum_uid = 30000
        virtual_uid_maps = static:30000
        virtual_gid_maps = static:33

and source for user aliases as:

        aliases_server_host = localhost
        aliases_search_base = ou=EmailAliases,dc=frontline
        aliases_query_filter = (&(objectClass=inetOrgPerson)(sn=%u))
        aliases_result_attribute = cn
        aliases_bind = no
        virtual_alias_maps = ldap:aliases, hash:/etc/aliases

i defined ou=EmailAliases,dc=frontline records as inetOrgPerson class
type. so i have as 'cn' a user name (eg. 'wojtek') and as 'sn' different
aliases for this user name (eg. 'wojtekbogusz', 'admin', ...). so for
example you can do anonymous ldapsearch like this from command line:

$ ldapsearch -b 'ou=EmailAliases,dc=frontline' -x 'sn=admin' cn
# extended LDIF
# LDAPv3
# base <ou=EmailAliases,dc=frontline> with scope subtree
# filter: sn=admin
# requesting: cn

# wojtek, EmailAliases, frontline
dn: cn=wojtek,ou=EmailAliases,dc=frontline

# john, EmailAliases, frontline
dn: cn=john,ou=EmailAliases,dc=frontline

# search result
search: 2
result: 0 Success

# numResponses: 3
# numEntries: 2

i was trying to debug ldap by specifying 'loglevel acl filter' in
/etc/ldap/slapd.conf. but most bizarre is that when i am feeding postfix
by hand over smtp and give 'rcpt to:
[hidden email]'. 'wojtekbogusz' does not appear in
the /var/log/syslog (or debug or mail.info) at all. i can see a lot of
activity, looking through the entries in ldap but nothing corresponding
to query_filter specified above '(&(objectClass=inetOrgPerson)(sn=%u))' -
where i believe %u should be set to 'wojtekbogusz'........?

i do not understand this all and i am a bit crossed :-)
can anybody advise please?

best regards, Wojtek
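
Added example, not part of the original post and not Postfix code: a simplified Python model of the %s / %u / %d expansion that ldap_table(5) documents for query_filter, including the filter escaping applied to the lookup key, so the filter expected for a recipient can be compared with what slapd logs. The function names and the sample keys are assumptions made for this sketch; keys with an empty local part (such as '@domain') are not modelled.

```python
# Simplified model of the query_filter expansion described in ldap_table(5).
# Not Postfix source code; the sample keys at the bottom are constructed.

_ESCAPES = {"\\": r"\5c", "*": r"\2a", "(": r"\28", ")": r"\29", "\x00": r"\00"}


def ldap_escape(value):
    """Escape RFC 4515 filter metacharacters so a key cannot alter the filter."""
    return "".join(_ESCAPES.get(ch, ch) for ch in value)


def expand_filter(template, key):
    """Return the LDAP filter for one lookup key, or None if the lookup is skipped."""
    local, at, domain = key.rpartition("@")
    is_address = bool(at and local and domain)
    out = []
    i = 0
    while i < len(template):
        ch = template[i]
        if ch != "%" or i + 1 == len(template):
            out.append(ch)
            i += 1
            continue
        code = template[i + 1]
        i += 2
        if code == "%":                      # literal percent sign
            out.append("%")
        elif code == "s":                    # the whole lookup key
            out.append(ldap_escape(key))
        elif code == "u":                    # local part, or whole key if no '@'
            out.append(ldap_escape(local if is_address else key))
        elif code == "d":                    # domain part; no '@' means no query
            if not is_address:
                return None
            out.append(ldap_escape(domain))
        else:                                # other expansions are not modelled
            out.append("%" + code)
    return "".join(out)


ALIASES_FILTER = "(&(objectClass=inetOrgPerson)(sn=%u))"  # filter from the post

if __name__ == "__main__":
    for key in ("wojtekbogusz@frontlinedefenders.org", "wojtekbogusz",
                "a*)(cn=*@frontlinedefenders.org"):
        print(repr(key), "->", expand_filter(ALIASES_FILTER, key))
```

On a live system, `postmap -q` with the recipient address against the same map shows what Postfix itself gets back from the lookup.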