Welcome to OStack Knowledge Sharing Community for programmer and developer-Open, Learning and Share
Welcome To Ask or Share your Answers For Others

Categories

0 votes
524 views
in Technique[技术] by (71.8m points)

Postfix ldap query for enabledactive members only

Please help me to find how to do this. I have postfix integrated with AD and I have some issue with alias maps.

Here is my virtual_alias_maps.cf:

server_host     = test.local
server_port     = 389
version         = 3
bind            = yes
start_tls       = no
bind_dn         = [email protected]
bind_pw         = password
search_base     = dc=test,dc=local
scope           = sub
query_filter    = (&(mail=%s)(member=*))
special_result_attribute = member
leaf_result_attribute = mail
debuglevel      = 0

It works fine, but I need to select only ENABLED users in group, not all. And with a nested group(s).

Thanks in advance.


与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
Welcome To Ask or Share your Answers For Others

1 Answer

0 votes
by (71.8m points)

Solution

cat /etc/postfix/main.cf
...
virtual_alias_maps = pipemap:{ldap:/etc/postfix/ldap/ad_virtual_group.cf, ldap:/etc/postfix/ldap/ad_virtual_group_members.cf}
...

cat /etc/postfix/ldap/ad_virtual_group.cf
...
query_filter     = (&(mail=%s)(objectClass=group)(member=*))
result_attribute = distinguishedName
...

cat /etc/postfix/ldap/ad_virtual_group_members.cf
...
query_filter     = (&(userPrincipalName=*)(mail=*)(memberOf:1.2.840.113556.1.4.1941:=%s)(!(userAccountControl:1.2.840.113556.1.4.803:=2)))
result_attribute = mail
...

Check:

postmap -vfq "[email protected]" "pipemap:{ldap:/etc/postfix/ldap/ad_virtual_group.cf, ldap:/etc/postfix/ldap/ad_virtual_group_members.cf}"

Apply:

posfix reload

与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
Welcome to OStack Knowledge Sharing Community for programmer and developer-Open, Learning and Share
Click Here to Ask a Question

...