I am upgrading from 2.2.10 to the current 2.10.1 primarily because the former
does not understand milters and we are trying to implement DKIM. The problem
is that LDAP appears to be broken and we make extensive use of LDAP. When I
first copied the production main.cf over to my development box and tried to
start Postfix, I got 100's of warning bout unused parameters, and always, they
were LDAP configurations that were used and worked on 2.2.10.
A quick look at the Postfix HowTo at Postfix.orghttp://Postfix.org, I see I
need to create an ldap-aliases.cf file and add it to the alias_maps parameter.
But I also do virtual aliases which I specify using a virtual_alias_maps
parameter. So, to get me off to a good start, could someone please translate
the virtual configuration below into something that will work in 2.10.1:
virtual_alias_maps =
ldap:ldaptag,ldap:grouptag,ldap:dormtag,ldap:deptag,ldap:divtag
ldaptag_server_host = $default_ldap_host
ldaptag_bind_dn = cn=Postfix,ou=Special
Users,o=linfield.eduhttp://linfield.edu
ldaptag_bind_pw = pwd
ldaptag_search_base = o=linfield.eduhttp://linfield.edu
ldaptag_query_filter = ((|(mailLocalAddress=%s)(uid=%s))(!(ou=Alumni Email
Users)))
ldaptag_result_attribute = mailRoutingAddress
grouptag_server_host = $default_ldap_host
grouptag_bind_dn = cn=Postfix,ou=Special
Users,o=linfield.eduhttp://linfield.edu
grouptag_bind_pw = pwd
grouptag_search_base = ou=groups,o=linfield.eduhttp://linfield.edu
grouptag_query_filter = ((|(mailLocalAddress=%s)(uid=%s)))
grouptag_special_result_attribute = uniquemember
grouptag_result_attribute = mailRoutingAddress
dormtag_server_host = $default_ldap_host
dormtag_bind_dn = cn=Postfix,ou=Special
Users,o=linfield.eduhttp://linfield.edu
dormtag_bind_pw = pwd
dormtag_search_base = ou=DormLists,o=linfield.eduhttp://linfield.edu
dormtag_query_filter = (uid=%s)
dormtag_special_result_attribute = uniquemember
dormtag_result_attribute = mailRoutingAddress
deptag_server_host = $default_ldap_host
deptag_bind_dn = cn=Postfix,ou=Special Users,o=linfield.eduhttp://linfield.edu
deptag_bind_pw = pwd
deptag_search_base = ou=departments,o=linfield.eduhttp://linfield.edu
deptag_query_filter = (|(mailLocalAddress=%s)(uid=%s))
deptag_special_result_attribute = uniquemember
deptag_result_attribute = mailRoutingAddress
divtag_server_host = $default_ldap_host
divtag_bind_dn = cn=Postfix,ou=Special Users,o=linfield.eduhttp://linfield.edu
divtag_bind_pw = pwd
divtag_search_base = ou=divisions,o=linfield.eduhttp://linfield.edu
divtag_query_filter = (uid=%s)
divtag_special_result_attribute = uniquemember
divtag_result_attribute = mailRoutingAddress
In all but the ldaptag above, the query filter will return a single entry which
has a number of uniqueMember attributes, each of which contains the DN of an
entry that has a mailRoutingAddress attribute that contains the actual email
address. The divtag uniqueMember attribute actually returns the DNs for
departments in the division which, in turn, have uniqueMember attributes, each
of which contains the DN of an actual person with a mailRoutingAddress
attribute.
A translation of the above should give me what I need to translate the rest of
my LDAP configuration.
Thanks.
Rob Tanner
rtan...@linfield.edumailto:rtan...@linfield.edu
