Re: [Exim] LDAP with mailgroups

Author: Oliver Egginger
To: exim-users
Subject: Re: [Exim] LDAP with mailgroups
Your message (07 June 2001 14:21):
> > Ok here is our complete LDAP-exim configuration:
> > (sorry for the german comments)
>
> Thanks Oliver, that's exactly what I need. Mind shedding some light on the
> German though :>) Just the section "Listenverarbeitung" would help a lot.


Ok,
I have commented it a little more thoroughly, and in English.
See the attachments.

I kept three relevant sections ("local_delivery", "userforward" and
"localuser") in "exim-dap.conf" for a better understanding.
In my first mail there was a (maybe) irritating "errors_to" line in the
"local_list" section. I changed it.

greetings
Oliver


--
Oliver Egginger
FH Giessen-Friedberg
DV-Zentrum
Wiesenstrasse 14
35390 Giessen
Tel. +49 641 309-1283
Fax +49 641 309-2908
Mail: Oliver.Egginger@???
# for the local delivery
local_delivery:
driver = appendfile
file = /var/spool/mail/$local_part
delivery_date_add
envelope_to_add
return_path_add
group = mail
# mode = 0660


# ------- BEGIN OF LDAP-LIST PROCESSING -------

# list processing
# First, lists are handled; then aliases are resolved
# (global mail address -> "otherMailbox", which is the real mail address, not an alias).
# After this the address (if it is local) has to be delivered to a local user
# (the user must exist).
# Lists are administered in LDAP.
# Group membership is administered in a distributed way: the LDAP entries of list
# members carry a "memberOfGroup" attribute, which holds the name of the list.
# The "memberOfGroup" attribute type allows multiple values.
# Lists as members of lists are not allowed.
# Lists are objects of the type "rfc822MailGroup".
# The name (cn) has to be unique.

# "preprocess_list" replaces the mail address by the list name
preprocess_list:
driver = aliasfile
search_type = ldap
query = "ldap://mailserv2.dvz.fh-giessen.de/o=FH%20Giessen,c=DE?cn?sub?(&(mail=$local_part@$domain)(objectclass=rfc822mailgroup))"
new_director = local_list

# "local_list" retrieves all the mailboxes of the users whose memberOfGroup attribute is set to the
# name of the group (the "cn" attribute is set in the section above).
# Exim's "ldapm" search type can return more than one entry without generating an error.
local_list:
driver = aliasfile
search_type = ldapm
query = "ldap://mailserv2.dvz.fh-giessen.de/o=FH%20Giessen,c=DE?otherMailbox?sub?(memberOfGroup=$local_part)"
errors_to = ${lookup ldap {ldap://mailserv2.dvz.fh-giessen.de/o=FH%20Giessen,c=DE?errorsTo?sub?(&(cn=$local_part)(objectclass=rfc822mailgroup))} {$value} {postmaster}}
new_director = userforward

# LDAP alias director; after the resolution of an alias, a local_part
# is handed down to the "localuser" director (no multi-level alias resolution).

# ------- END OF LDAP-LIST PROCESSING (jump to forwarding...) -------

# "ldap_lookup" is for normal LDAP entries (normal users, which are not lists)
ldap_lookup:
driver = aliasfile
search_type = ldap
query = "ldap://mailserv2.dvz.fh-giessen.de/o=FH%20Giessen,c=DE?otherMailbox?sub?(mail=$local_part@$domain)"
# new_director = localuser

# userforward
userforward:
driver = forwardfile
file = .forward
# no_verify
no_expn
check_ancestor
filter = true


# This director matches local user mailboxes.
localuser:
driver = localuser
transport = local_delivery
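The preprocess_list, local_list and ldap_lookup directors above interpolate $local_part and $domain straight into their LDAP filters. As an added example (not part of Oliver's configuration), the Python below builds the same three filters with RFC 4515 escaping of those values, which is what Exim 4's ${quote_ldap:...} operator does; the host and base DN are those from the posted config, and the sample addresses are constructed.

```python
# Added example (not from the posted configuration): builds the filters of the
# preprocess_list, local_list and ldap_lookup directors with RFC 4515 escaping
# of the interpolated values. Host and base DN are those from the posted config.

BASE_URL = "ldap://mailserv2.dvz.fh-giessen.de/o=FH%20Giessen,c=DE"

# RFC 4515 section 3: inside an assertion value these characters must be
# written as \XX, otherwise they change the structure of the filter.
_ESCAPES = {"\\": r"\5c", "*": r"\2a", "(": r"\28", ")": r"\29", "\x00": r"\00"}


def ldap_filter_escape(value: str) -> str:
    """Escape a string for use as an assertion value in an LDAP search filter."""
    return "".join(_ESCAPES.get(ch, ch) for ch in value)


def list_name_filter(local_part: str, domain: str) -> str:
    """preprocess_list: find the rfc822MailGroup whose 'mail' is the address."""
    mail = ldap_filter_escape(f"{local_part}@{domain}")
    return f"(&(mail={mail})(objectclass=rfc822mailgroup))"


def members_filter(list_cn: str) -> str:
    """local_list: every entry whose memberOfGroup holds the list's cn
    (membership is stored on the member entries, not on the list)."""
    return f"(memberOfGroup={ldap_filter_escape(list_cn)})"


def alias_filter(local_part: str, domain: str) -> str:
    """ldap_lookup: resolve a user's 'mail' to otherMailbox."""
    mail = ldap_filter_escape(f"{local_part}@{domain}")
    return f"(mail={mail})"


def query_url(attrs: str, search_filter: str) -> str:
    """Assemble the URL in the form the config uses: base?attrs?scope?filter."""
    return f"{BASE_URL}?{attrs}?sub?{search_filter}"


if __name__ == "__main__":
    # Constructed sample addresses; "staff" stands in for a list cn.
    print(query_url("cn", list_name_filter("staff", "fh-giessen.de")))
    print(query_url("otherMailbox", members_filter("staff")))
    # A local part carrying filter metacharacters stays a literal value.
    print(query_url("otherMailbox", alias_filter("a*b", "fh-giessen.de")))
```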

# Schema of the Fachhochschule (its own attribute types and object classes)

attributetype ( 1.3.6.1.4.1.8232.2.1.1 NAME 'memberOfGroup' SUP cn )

attributetype ( 1.3.6.1.4.1.8232.2.1.2 NAME 'moderator' SUP distinguishedName )

attributetype ( 1.3.6.1.4.1.8232.2.1.3 NAME 'joinable'
    EQUALITY caseIgnoreMatch
    SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{32768} SINGLE-VALUE )

attributetype ( 1.3.6.1.4.1.8232.2.1.4 NAME 'rfc822RequestsTo' SUP mail )

attributetype ( 1.3.6.1.4.1.8232.2.1.5 NAME 'rfc822ErrorsTo' SUP mail )

objectclass ( 1.3.6.1.4.1.8232.2.2.1 NAME 'GroupMember' SUP top STRUCTURAL
    MUST ( cn )
    MAY ( memberOfGroup ) )

objectclass ( 1.3.6.1.4.1.8232.2.2.2 NAME 'rfc822MailGroup' SUP top STRUCTURAL
    MUST ( owner $ cn )
    MAY ( associatedDomain $ joinable $ mail $ member $ memberOfGroup $
    moderator $ rfc822RequestsTo $ rfc822ErrorsTo ) )

objectclass ( 1.3.6.1.4.1.8232.2.2.3 NAME 'fhgi-Member' SUP top STRUCTURAL
    MAY ( givenName $ memberOfGroup ) )

objectclass ( 1.3.6.1.4.1.8232.2.2.4 NAME 'fhgi-Person' SUP top STRUCTURAL
    MAY ( cn $ uid $ uniqueIdentifier $ mail $ otherMailbox $ memberOfGroup ) )