|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: Andreas Hasenack (ahasenack
terra.com.br)
Date: Thu Aug 02 2007 - 16:23:23 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
On Thu, Aug 02, 2007 at 03:50:09PM -0400, Victor Duchovni wrote:
> On Thu, Aug 02, 2007 at 04:19:52PM -0300, Andreas Hasenack wrote:
> > cn=foo,ou=group,dc=example,dc=com
> > cn: foo
> > objectClass: posixGroup
> > memberUid: user1
> > memberUid: user2
> > memberUid: user3
> > ...
> >
> > uid=user1,ou=people,dc=example,dc=com
> > uid: user1
> > objectClass: inetOrgPerson
> > mail: user1test.com
> > ...
> >
> > There is no DN pointing back to the user entry, nor is there something
> > in the user entry hinting to which groups the user is part of, so I
> > can't use special_result_attribute.
> >
> > With the above, is there a way I could have postfix, after getting the
> > member list, to a subsequent query on each user to fetch their mail
> > attribute? Or some other solution?
>
> The unix user names will get $myorigin appended to them, these are then
> subject to further rewriting. It should just work.
Ok, that works if I use another expansion later, something like:
alias_maps = hash:/etc/postfix/aliases,ldap:/etc/postfix/group_expand.cf, ldap:/etc/postfix/ldap_alias.cf
group_expand.cf:
query_filter = (&(objectClass=posixGroup)(mail=%u*))
result_attribute = memberUid
ldap_alias.cf:
query_filter = (&(objectClass=inetOrgPerson)(uid=%u))
result_attribute = mail
One problem with this now is that users with no mail attribute in their
entries will remain in the recipient list. For example, let's say from
the list above (user1, user2 and user3) only user2 had no mail
attribute. He would still be in the final recipient list as user2$myorigin.
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]