On 19/08/13 19:28, Viktor Dukhovni wrote:
On Mon, Aug 19, 2013 at 06:25:24PM +0100, Rowland Penny wrote:
query_filter = (&(objectclass=group)(mail=%s))
leaf_result_attribute = otherMailbox
special_result_attribute = member
I have added a couple of otherMailbox attributes to a user called
fred, one is f...@example.com, the other is f...@anotherdomain.com.
I then added fred to the example.com group.
When you specify a multi-valued result attribute (or leaf or terminal
result attribute) each value will be part of the result.
I then ran this command:
postmap -q mailgr...@example.com ldap:/etc/postfix/ldap/ad_virtual_group_maps.cf
This is where the problem comes in, I expected to just get back
f...@example.com, but instead I get f...@example.com and
f...@anotherdomain.com
As expected. If you want a single value back, use a single-valued
attribute.
Thanks, So what you are saying is to use the mail attribute, but on AD,
you can only have one mail attribute, what happens if your user has more
than one email address?
What I thought should happen is
A) search for the mailgroup via its mail address
B) Once the mailgroup is found, get all its members
C) Then from the members, get the relevant email addresses from the
'otherMailbox' attributes, based on the domain part of the email address
of the mailgroup I searched for in the first place.
D) Return only mail addresses that end in the mailgroups domain.
Can postfix do this? if so how? if not, where do I request that it does.
Rowland
