For registration restrictions in Postfix, I want to use an existing group in LDAP as a map. Here are its contents:

    dn: cn=mailFullAccess,ou=mail,ou=Groups,dc=my,dc=myorg
    gidNumber: 5555
    memberUid: user1
    memberUid: user2
    memberUid: user3
    memberUid: user4
    memberUid: user5
    description: for unlimited access to mail
    objectClass: top
    objectClass: posixGroup
    cn: mailFullAccess

ldapsearch query result (existing user query)

    [root@mail ~]# ldapsearch -LLL -x -h ldap.host -b 'cn=mailFullAccess,ou=mail,ou=Groups,dc=my,dc=myorg' memberuid=user1
    dn: cn=mailFullAccess,ou=mail,ou=Groups,dc=my,dc=myorg
    gidNumber: 5555
    memberUid: user1
    memberUid: user2
    memberUid: user3
    memberUid: user4
    memberUid: user5
    description: for unlimited access to mail
    objectClass: top
    objectClass: posixGroup
    cn: mailFullAccess

ldapsearch query result (non-existent user request)

 [root@mail ~]# ldapsearch -LLL -x -h ldap.host -b 'cn=mailFullAccess,ou=mail,ou=Groups,dc=my,dc=myorg' memberuid=user1234 

- NO OUTPUT-

Request to group as a file for Postfix - ldap_full.cf

    search_base = cn=mailFullAccess,ou=mail,ou=Groups,dc=my,dc=myorg
    server_host = ldap.host
    query_filter = (memberUid=%u)
    result_attribute = memberUid
    scope = one
    bind = yes
    binddn = cn=poweruser,ou=Service,dc=my,dc=myorg
    bindpw = latropassword
    debuglevel = 0

Trying to check

 postmap -q "user1@domain.ru" ldap:/etc/postfix/ldap/full_ldap.cf 

Empty. Trying a non-existent abracadabra:

 postmap -q "user123456" ldap:/etc/postfix/ldap/full_ldap.cf 

Also empty... what's wrong?

    1 answer

    Move search_base one level up, fix the filter a little, and everything works!

     search_base = ou=mail,ou=Groups,dc=my,dc=myorg
     server_host = ldap.host
     query_filter = (&(cn=mailFullAccess)(memberUid=%u))
     result_attribute = memberUid
     scope = sub
     bind = yes

    and depending on what you need to return as a key value, add it (for OK)

     result_format = %s OK
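
The scope difference between the two maps, as an added example that is not part of the question or the answer: `scope = one` examines only the immediate children of `search_base`, so with the group entry itself as the base the group is never searched, while `ldapsearch` defaults to `sub`, which includes the base entry. This is a simplified Python model; `in_scope`, `expand_u`, `matching_dns` and the in-memory directory are constructed for illustration and are not Postfix or OpenLDAP code.

```python
# Added illustration: a simplified model of LDAP search scope, not Postfix or OpenLDAP code.
GROUP_DN = "cn=mailFullAccess,ou=mail,ou=Groups,dc=my,dc=myorg"
PARENT_DN = "ou=mail,ou=Groups,dc=my,dc=myorg"

# Constructed in-memory directory mirroring the group entry from the question.
DIRECTORY = {
    PARENT_DN: {"ou": ["mail"]},
    GROUP_DN: {"cn": ["mailFullAccess"],
               "memberUid": ["user1", "user2", "user3", "user4", "user5"]},
}

def in_scope(dn, base, scope):
    """RFC 4511 scopes: base = the entry itself, one = immediate children
    only (the base entry is excluded), sub = base plus all descendants.
    Naive comma split: assumes no escaped commas inside RDN values."""
    dn, base = dn.lower(), base.lower()
    if scope == "base":
        return dn == base
    if scope == "one":
        return "," in dn and dn.split(",", 1)[1] == base
    if scope == "sub":
        return dn == base or dn.endswith("," + base)
    raise ValueError("unknown scope: " + scope)

def expand_u(key):
    """Postfix %u: the local part of user@domain, or the whole key if no domain."""
    return key.rsplit("@", 1)[0] if "@" in key else key

def matching_dns(key, base, scope, cn=None):
    """Return DNs in scope whose memberUid contains %u (and whose cn matches, if given)."""
    uid = expand_u(key)
    return [dn for dn, attrs in DIRECTORY.items()
            if in_scope(dn, base, scope)
            and uid in attrs.get("memberUid", [])
            and (cn is None or cn in attrs.get("cn", []))]

if __name__ == "__main__":
    # Question's map: base is the group entry, scope = one, so no entry is examined.
    print(matching_dns("user1@domain.ru", GROUP_DN, "one"))
    # Answer's map: base one level up, scope = sub, filter pinned to the group cn.
    print(matching_dns("user1@domain.ru", PARENT_DN, "sub", cn="mailFullAccess"))
    # ldapsearch from the question: base is the group, default scope sub.
    print(matching_dns("user1", GROUP_DN, "sub"))
    # A non-member matches nowhere.
    print(matching_dns("user123456", PARENT_DN, "sub", cn="mailFullAccess"))
```
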