On Tue, Sep 15, 2009 at 11:08:55AM +0200, Edgar Fuß wrote:
> > You don't need a new "LDAP tree", just a suitable object endowed with
> > the right attributes.
> Yes, sure. But we wouldn't like to intermix alias information with user,
> group or host information.
>
> > Sorry, I don't do LDAP schema design, but you should be able to Google
> > some examples along these lines, separately from any interaction with
> > Postfix. Just look for schemas for dynammic LDAP groups.
>
> Yes. I just thought thyt you as the primary designer of LDAP integration
> into Postfix had a certain schema in mind when implementing that feature.
The schema is:
keyattribute: rfc822address
valueattribute: ldapURI
You name the key attribute, assign it to some object-class and tweak
its data-type and matching rules as you see fit. Ditto for the URI
attribute, except that the data-type is already understood. It would be
a good idea to index the key attribute.
> > The docs describe "special_result_attribute".
>
> Yes. But it seems that, without your help, I wouldn't have thought of
> that use case. You as the designer probably had that case in mind for
> implementing the feature.
The feature works for any URI or DN valued attribute. No preferred
schema! This gives you the flexibility to use Postfix with a variety of
schemas that are structurally along the lines above.
I did not design the original LDAP driver, I am its current maintainer,
and the author of the current "db-common" abstraction that provides
common features across the LDAP, MySQL and PgSQL drivers.
--
Viktor.
Disclaimer: off-list followups get on-list replies or get ignored.
Please do not ignore the "Reply-To" header.
To unsubscribe from the postfix-users list, visit
http://www.postfix.org/lists.html or click the link below:
<mailto:majord...@postfix.org?body=unsubscribe%20postfix-users>
If my response solves your problem, the best way to thank me is to not
send an "it worked, thanks" follow-up. If you must respond, please put
"It worked, thanks" in the "Subject" so I can delete these quickly.
