On Tue, Sep 15, 2009 at 11:08:55AM +0200, Edgar Fuß wrote: > > You don't need a new "LDAP tree", just a suitable object endowed with > > the right attributes. > Yes, sure. But we wouldn't like to intermix alias information with user, > group or host information. > > > Sorry, I don't do LDAP schema design, but you should be able to Google > > some examples along these lines, separately from any interaction with > > Postfix. Just look for schemas for dynammic LDAP groups. > > Yes. I just thought thyt you as the primary designer of LDAP integration > into Postfix had a certain schema in mind when implementing that feature.
The schema is: keyattribute: rfc822address valueattribute: ldapURI You name the key attribute, assign it to some object-class and tweak its data-type and matching rules as you see fit. Ditto for the URI attribute, except that the data-type is already understood. It would be a good idea to index the key attribute. > > The docs describe "special_result_attribute". > > Yes. But it seems that, without your help, I wouldn't have thought of > that use case. You as the designer probably had that case in mind for > implementing the feature. The feature works for any URI or DN valued attribute. No preferred schema! This gives you the flexibility to use Postfix with a variety of schemas that are structurally along the lines above. I did not design the original LDAP driver, I am its current maintainer, and the author of the current "db-common" abstraction that provides common features across the LDAP, MySQL and PgSQL drivers. -- Viktor. Disclaimer: off-list followups get on-list replies or get ignored. Please do not ignore the "Reply-To" header. To unsubscribe from the postfix-users list, visit http://www.postfix.org/lists.html or click the link below: <mailto:majord...@postfix.org?body=unsubscribe%20postfix-users> If my response solves your problem, the best way to thank me is to not send an "it worked, thanks" follow-up. If you must respond, please put "It worked, thanks" in the "Subject" so I can delete these quickly.