Hello,

There is table_ldap in the opensmtpd-extras package, but I've never used
it, it's undocumented and I've heard that the author sees it as a proof
of concept only at this point. So no idea how far this will take you,
but it's your best shot. :-)

A quick look through the source shows me the following snippet of the
config parser:

                else if (!strcmp(key, "username"))
                        read_value(&username, key, value);
                else if (!strcmp(key, "password"))
                        read_value(&password, key, value);
                else if (!strcmp(key, "basedn"))
                        read_value(&basedn, key, value);
                else if (!strcmp(key, "alias_filter"))
                        read_value(&queries[LDAP_ALIAS].filter, key, value);
                else if (!strcmp(key, "alias_attributes")) {
                        ldap_parse_attributes(&queries[LDAP_ALIAS],
                            key, value, 1);
                } else if (!strcmp(key, "credentials_filter"))
                        read_value(&queries[LDAP_CREDENTIALS].filter, key,
                            value);
                else if (!strcmp(key, "credentials_attributes")) {
                        ldap_parse_attributes(&queries[LDAP_CREDENTIALS],
                            key, value, 2);
                } else if (!strcmp(key, "domain_filter"))
                        read_value(&queries[LDAP_DOMAIN].filter, key, value);
                else if (!strcmp(key, "domain_attributes")) {
                        ldap_parse_attributes(&queries[LDAP_DOMAIN],
                            key, value, 1);
                } else if (!strcmp(key, "userinfo_filter"))
                        read_value(&queries[LDAP_USERINFO].filter, key, value);
                else if (!strcmp(key, "userinfo_attributes")) {
                        ldap_parse_attributes(&queries[LDAP_USERINFO],
                            key, value, 3);
                } else if (!strcmp(key, "mailaddr_filter"))
                        read_value(&queries[LDAP_MAILADDR].filter, key, value);
                else if (!strcmp(key, "mailaddr_attributes")) {

Hope this works for you.

martijn@

On Tue, 2020-12-01 at 09:02 +0300, Родин Максим wrote:
> Hello
> Is there a way to make opensmtpd work
> with ldap aliases over a secure connection?
> 
> I do not know where to find working examples of this.
> My current /etc/mail/ldap.conf looks like this:
>    url                     ldap://ldap1.mydomain.ru
>    basedn                  dc=mydomain,dc=ru
>    username                cn=service,dc=mydomain,dc=ru
>    password                passpasspass
>
>    domain_filter           (&(objectClass=domain)(dc=%s))
>    domain_attributes       dc
>
>    credentials_filter      (&(objectClass=posixAccount)(uid=%s))
>    credentials_attributes  uid,userPassword
>
>    userinfo_filter         (&(objectClass=posixAccount)(uid=%s))
>    userinfo_attributes     uid,uidNumber,gidNumber,homeDirectory
>
>    alias_filter            (&(objectClass=nisMailAlias)(cn=%s))
>    alias_attributes        rfc822MailMember
> 
> The ldapd daemon is set up on another host to work over TLS and SSL and is
> working correctly.
> 
> If I change url to ldaps://ldap1.mydomain.ru
> or to ldap+tls://ldap1.mydomain.ru
> then smtpd -dv shows:
> """
> _____________________________________________
> vdomains[50952]: warn: ldap_parse_url fail
> vdomains[50952]: warn: ldap_connect error
> vdomains[50952]: fatal: failed to connect
> """
> _____________________________________________
> 
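
Added example, not part of the original thread and not code from opensmtpd-extras: a pre-flight audit of an ldap.conf in the key/value layout quoted above. It flags a bind password combined with a plain ldap:// url (the bind then crosses the network unencrypted), a url scheme other than ldap:// (which the poster reports ends in "ldap_parse_url fail"), and a *_filter value lacking %s. The function and flag names are hypothetical, the sample config is constructed, and treating %s as the lookup-key placeholder is an assumption drawn from the quoted filters.

```c
#include <stdio.h>
#include <string.h>

/* Findings, returned as a bitmask (hypothetical names). */
#define F_CLEARTEXT_BIND 1	/* password set and url is plain ldap:// */
#define F_OTHER_SCHEME   2	/* not ldap://; the poster saw ldap_parse_url fail */
#define F_FILTER_NO_KEY  4	/* a *_filter value without a %s placeholder */

/* Constructed sample, modelled on the config quoted in this thread. */
static const char SAMPLE_CONF[] =
    "url\tldap://ldap.example.org\n"
    "username\tcn=service,dc=example,dc=org\n"
    "password\tnot-a-real-password\n"
    "\n"
    "alias_filter\t(&(objectClass=nisMailAlias)(cn=%s))\n";

/* Audit config text: one "key <whitespace> value" pair per line. */
int audit_ldap_conf(const char *text)
{
	char line[512], key[64], value[448];
	int findings = 0, have_password = 0, plain = 0;
	while (*text != '\0') {
		size_t klen, n = strcspn(text, "\n");
		snprintf(line, sizeof(line), "%.*s", (int)n, text);
		text += n + (text[n] == '\n');
		if (sscanf(line, " %63s %447[^\n]", key, value) != 2)
			continue;	/* blank line, or a key without a value */
		klen = strlen(key);
		if (strcmp(key, "url") == 0) {
			if (strncmp(value, "ldap://", 7) == 0)
				plain = 1;
			else
				findings |= F_OTHER_SCHEME;
		} else if (strcmp(key, "password") == 0)
			have_password = 1;
		else if (klen > 7 && strcmp(key + klen - 7, "_filter") == 0 &&
		    strstr(value, "%s") == NULL)
			findings |= F_FILTER_NO_KEY;
	}
	if (plain && have_password)
		findings |= F_CLEARTEXT_BIND;
	return findings;
}

int main(void)
{
	printf("findings: 0x%x\n", (unsigned)audit_ldap_conf(SAMPLE_CONF));
	return 0;
}
```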

