-----BEGIN PGP SIGNED MESSAGE----- Hash: RIPEMD160 On 24/7/10 9:27, Pavel Dimow wrote:
> someone here can help me. I have a postfix with one "primary" domain and > dozen virtual domains. The problem is that users from primary domain use only > their username (without domain part) for SASL authentication and all > other users > (from virtual domains) are using usern...@somedomain as username. > Now my DIT is organized something like > > ou=people,o=somedomain.com,dc=acmecorp > ou=people,o=virtualdomain.com,dc=acmecorp > > > The question is how can I perform a search for a "primary" domain when I don't > have a domain part? Is there anyway that I can "append" a default domain when > %d is empty or I can make some sophisticated filter_search? If you have an attribute in your schema like mailAlternateAddress (from NS schema in the 389 server) for every entry in your DIT and uid at least for your "primary" domain users, then you can base the search at dc=acmecorp and use a subtree scope, the filter could look like this: (|(uid=%u)(mailAlternateAddress=%u)) Assuming %u represent the whole user identification, as per Dovecot SASL implementation that I'm familiar with. - -- Victoriano Giralt Systems Manager Central ICT Services University of Malaga SPAIN -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.8 (Darwin) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iD8DBQFMSq87V6+mDjj1PTgRA4ddAJ9bhxmCUiDrrPQzwN2m600o8l2SKQCfakhk eWb/LX5/6bq18jtq0F+BjHo= =8OGx -----END PGP SIGNATURE-----
