Problems with .cf files for LDAP

2021-01-27 Thread Michael Agbaglo
Hi!

Since there is high traffic on this mailing list I am not sure whether
this problem has been discussed already.

I'm having trouble constructing the .cf files for LDAP.

While the test using postmap was successful, the test with sendmail
fails. The debug shows that for some reason '%s' is holding just the
domain. Why is that?

M.

--
# cat /etc/postfix/ldap/virtual-mailbox-maps.cf
debuglevel = 7

bind = yes
bind_dn = uid=nobody,ou=people,dc=example,dc=de
bind_pw = guessme
version = 3

server_host = broccoli.example.net
search_base = dc=example,dc=de
query_filter = (&(objectClass=nsOrgPerson)(mail=%s))
result_attribute = mail



# postconf -n | grep virtual-mailbox
virtual_mailbox_maps = ldap:/etc/postfix/ldap/virtual-mailbox-maps.cf

--

postmap -q al...@example.net ldap:/etc/postfix/ldap/virtual-mailbox-maps.cf; echo $?
al...@example.net
0


Jan 28 00:23:41 broccoli postfix/postmap[29422]: dict_ldap_debug:
put_filter: "(&(objectClass=nsOrgPerson)(mail=al...@example.net))"
Jan 28 00:23:41 broccoli postfix/postmap[29422]: dict_ldap_debug:
put_filter: AND
Jan 28 00:23:41 broccoli postfix/postmap[29422]: dict_ldap_debug:
put_filter_list "(objectClass=nsOrgPerson)(mail=al...@example.net)"
Jan 28 00:23:41 broccoli postfix/postmap[29422]: dict_ldap_debug:
put_filter: "(objectClass=nsOrgPerson)"
Jan 28 00:23:41 broccoli postfix/postmap[29422]: dict_ldap_debug:
put_filter: simple
Jan 28 00:23:41 broccoli postfix/postmap[29422]: dict_ldap_debug:
put_simple_filter: "objectClass=nsOrgPerson"
Jan 28 00:23:41 broccoli postfix/postmap[29422]: dict_ldap_debug:
put_filter: "(mail=al...@example.net)"
Jan 28 00:23:41 broccoli postfix/postmap[29422]: dict_ldap_debug:
put_filter: simple
Jan 28 00:23:41 broccoli postfix/postmap[29422]: dict_ldap_debug:
put_simple_filter: "mail=al...@example.net"
Jan 28 00:23:41 broccoli postfix/postmap[29422]: dict_ldap_debug:
ldap_build_search_req ATTRS: mail
Jan 28 00:23:41 broccoli postfix/postmap[29422]: dict_ldap_debug:
ldap_send_initial_request

--

sendmail al...@example.net < /tmp/gtube.txt


Jan 28 00:31:06 broccoli postfix/trivial-rewrite[29459]:
dict_ldap_debug: ldap_search_ext
Jan 28 00:31:06 broccoli postfix/trivial-rewrite[29459]:
dict_ldap_debug: put_filter:
"(&(objectClass=nsOrgPerson)(mail=broccoli.example.net))"
Jan 28 00:31:06 broccoli postfix/trivial-rewrite[29459]:
dict_ldap_debug: put_filter: AND
Jan 28 00:31:06 broccoli postfix/trivial-rewrite[29459]:
dict_ldap_debug: put_filter_list
"(objectClass=nsOrgPerson)(mail=broccoli.example.net)"
Jan 28 00:31:06 broccoli postfix/trivial-rewrite[29459]:
dict_ldap_debug: put_filter: "(objectClass=nsOrgPerson)"
Jan 28 00:31:06 broccoli postfix/trivial-rewrite[29459]:
dict_ldap_debug: put_filter: simple
Jan 28 00:31:06 broccoli postfix/trivial-rewrite[29459]:
dict_ldap_debug: put_simple_filter: "objectClass=nsOrgPerson"
Jan 28 00:31:06 broccoli postfix/trivial-rewrite[29459]:
dict_ldap_debug: put_filter: "(mail=broccoli.example.net)"
Jan 28 00:31:06 broccoli postfix/trivial-rewrite[29459]:
dict_ldap_debug: put_filter: simple
Jan 28 00:31:06 broccoli postfix/trivial-rewrite[29459]:
dict_ldap_debug: put_simple_filter: "mail=broccoli.example.net"
Jan 28 00:31:06 broccoli postfix/trivial-rewrite[29459]:
dict_ldap_debug: ldap_build_search_req ATTRS: mail



Re: Problems with .cf files for LDAP

2021-01-27 Thread Viktor Dukhovni
On Thu, Jan 28, 2021 at 12:45:30AM +0100, Michael Agbaglo wrote:

> While the test using postmap was successful, the test with sendmail
> fails. The debug shows that for some reason '%s' is holding just the
> domain. Why is that?

$ postconf -d virtual_mailbox_domains
virtual_mailbox_domains = $virtual_mailbox_maps

Set "virtual_mailbox_domains" explicitly if you want to specify these
in some other way.

> # postconf -n | grep virtual-mailbox
> virtual_mailbox_maps = ldap:/etc/postfix/ldap/virtual-mailbox-maps.cf

Best practice is generally "proxy:ldap:" rather than "ldap:".

> postmap -q al...@example.net ldap:/etc/postfix/ldap/virtual-mailbox-maps.cf; echo $?
> al...@example.net

The result of "virtual_mailbox_maps" is typically a mailbox path, if
virtual delivery is to be via the Postfix built-in virtual(8) delivery
agent.  If you're using LMTP or dovecot-lda, ... then the RHS is of
course irrelevant, and returning the original address as-is is fine.

-- 
Viktor.
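
The settings discussed in this thread, as an added example that is not from either poster: the posted configuration beside one that sets virtual_mailbox_domains explicitly, uses "proxy:ldap:", and limits which keys reach the LDAP server. It assumes example.net is the only hosted virtual mailbox domain; the "domain" line and the file-permission comment are additions.

```conf
# /etc/postfix/main.cf

# Before (as posted): virtual_mailbox_domains is not set, so it defaults to
# $virtual_mailbox_maps and the LDAP table is also queried with bare domain
# names such as "broccoli.example.net".
#virtual_mailbox_maps = ldap:/etc/postfix/ldap/virtual-mailbox-maps.cf

# After: list the hosted domain(s) explicitly. "example.net" is an assumption;
# a domain listed here must not also appear in mydestination.
virtual_mailbox_domains = example.net
# proxy: sends lookups through proxymap(8), which shares LDAP connections
# between Postfix processes.
virtual_mailbox_maps = proxy:ldap:/etc/postfix/ldap/virtual-mailbox-maps.cf


# /etc/postfix/ldap/virtual-mailbox-maps.cf
# This file holds bind_pw: keep it readable only by root and the Postfix user.
bind = yes
bind_dn = uid=nobody,ou=people,dc=example,dc=de
bind_pw = guessme
version = 3

server_host = broccoli.example.net
search_base = dc=example,dc=de
# Only fully qualified keys (user@example.net) are sent to the LDAP server;
# bare "user", bare domain and "@domain" keys are skipped by Postfix.
domain = example.net
query_filter = (&(objectClass=nsOrgPerson)(mail=%s))
result_attribute = mail
# "debuglevel = 7" from the original file is dropped once debugging is done.
```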