Re: access lists and multiple values

From: Tony Earnshaw (tericssonearnshawbarlaeus.nl)
Date: Thu Dec 21 2006 - 04:59:38 CST


mlsbuilders.com wrote:

> I'm fighting with access lists for hours :-(
>
> I have a
> check_recipient_access = ldap:/etc/postfix/ldap/uid.cf
>
> with /etc/postfix/ldap/uid.cf:
> version = 3
> server_host = ...
> search_base = ...
> timeout = 150
> query_filter = (uid=%u)
> result_attribute = uid
> result_format = OK
> bind = yes
> bind_dn = ....
> bind_pw = ...
>
> but in some cases there are 2 uids for an entry so the lookup returns "OK, OK" and I get a server configuration error with <<warning: unknown smtpd restriction: "OK">>

Put 'OK %u' in result_format, which is actually what you want: You have
to have a LHS and a RHS in (most, anyway) table lookups. Funnily enough
the LDAP table result_format result is a mirror image of a hash table
result, so the above order is correct.

> So I tried:
> query_filter = (uid=%u)
> result_attribute = dn
> result_format = OK
>
> but this seems to return nothing (at the end) even if it has found a matching entry (I suspect a recursion)
> <<
> dict_ldap_get_values[1]: Search
> found 1 match(es)
> dict_ldap_debug: ldap_first_attribute
> dict_ldap_debug: ber_scanf fmt ({xl{) ber:
> dict_ldap_get_values[1]: Leaving dict_ldap_get_values
> dict_ldap_lookup: Search returned nothing
>
> Is there a way to tell it to return only one result attribute ?

With the above, this shouldn't worry you any longer, you'll get a
comma-separated list of 'OK uid's.

--Tonni

--
Tonni Earnshaw
tonni barlaeus.nl
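
Why an entry with two uid values breaks the original map while 'OK %u' does not, as an added example that is not part of the original thread and is not Postfix code. It is a simplified Python model that assumes multiple LDAP values are formatted one by one and joined with commas, that the access action is the first whitespace-delimited word of the result, and that any other result is split on commas and whitespace into restriction names; the uid values and function names are constructed for illustration.

```python
import re

# Simplified model of an access-map lookup (assumption of this example).
ACTIONS = {"OK", "REJECT", "DUNNO"}                      # subset of access actions
RESTRICTIONS = {"permit", "reject", "reject_unauth_destination"}  # subset


def expand_result(values, result_format):
    """Apply result_format to every attribute value and join with commas.

    %s is the whole value, %u its local part (assumed to be the whole
    value when there is no '@', as with plain uid values).
    """
    def one(value):
        local = value.split("@", 1)[0]
        return re.sub(r"%([su])",
                      lambda m: value if m.group(1) == "s" else local,
                      result_format)
    return ",".join(one(v) for v in values)


def classify(rhs):
    """Return ('action', name) or ('restrictions', [unknown names])."""
    # The command is the first word, delimited by whitespace only,
    # so "OK,OK" is one word and is not recognised as the OK action.
    command = re.split(r"[ \t]", rhs, maxsplit=1)[0]
    if command.upper() in ACTIONS:
        return ("action", command.upper())
    # Otherwise the result is read as a list of restriction names.
    names = [n for n in re.split(r"[,\s]+", rhs) if n]
    return ("restrictions", [n for n in names if n not in RESTRICTIONS])


def lookup(values, result_format):
    """Expand the LDAP result, then classify it as the SMTP server would."""
    rhs = expand_result(values, result_format)
    return rhs, classify(rhs)


if __name__ == "__main__":
    two_uids = ["jdoe", "john.doe"]          # constructed sample entry
    for fmt in ("OK", "OK %u"):
        rhs, verdict = lookup(two_uids, fmt)
        print(f"result_format={fmt!r:8} -> {rhs!r:24} -> {verdict}")
```
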