Re: [Exim] Is there any classic schema for Exim-LDAP (OpenLDAP-2)?

Autor: Oliver Egginger
Datum:
To: Levin Lee
CC: exim-users
Betreff: Re: [Exim] Is there any classic schema for Exim-LDAP (OpenLDAP-2)?

> Is there any classic schema for Exim-LDAP (OpenLDAP-2)? I didn't find
> any schema files in Exim distribution.

Here is our cofiguration (only as an example).
At first the slapd.conf file.
(An example ldif file you will find at the bottom of this message)

slapd.conf
----------------------------------------------------------------------------------------------
# important LDAP-Schemata
include /usr/local/etc/openldap/schema/core.schema
include /usr/local/etc/openldap/schema/cosine.schema
include /usr/local/etc/openldap/schema/inetorgperson.schema
include /usr/local/etc/openldap/schema/fh-giessen.de.schema

pidfile /usr/local/var/slapd.pid
argsfile /usr/local/var/slapd.args

schemacheck on

# ldbm-Definitionen fuer fh-giessen.de
database ldbm
suffix "O=FH Giessen,C=DE"
directory /usr/local/var/openldap-ldbm

# Admiin Access
rootdn "cn=root,O=FH Giessen,C=DE"
rootpw ChooseAPassword

# Index definitions

index otherMailbox,uid,mail,memberOfGroup pres,eq
index cn,sn,givenname pres,eq,sub
index objectClass eq

#ldbm ACL
access to *
    by dn="cn=root,O=FH Giessen,C=DE" write
    by * read
---------------------------------------------------------------------------------------------

O u r S c h e m a :

fh-giessen.de.schema
---------------------------------------------------------------------------------------------
attributetype ( 1.3.6.1.4.1.8232.2.1.1 NAME 'MemberOfGroup' SUP cn)

attributetype ( 1.3.6.1.4.1.8232.2.1.2 NAME 'moderator' SUP distinguishedName)

attributetype ( 1.3.6.1.4.1.8232.2.1.3 NAME 'joinable'
    EQUALITY caseIgnoreMatch
    SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{32768} SINGLE-VALUE )

attributetype ( 1.3.6.1.4.1.8232.2.1.4
    NAME ('rfc822RequestsTo')
    DESC 'Requests'
        EQUALITY caseIgnoreIA5Match
        SUBSTR caseIgnoreIA5SubstringsMatch
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} )

attributetype ( 1.3.6.1.4.1.8232.2.1.5
    NAME ('rfc822ErrorsTo' 'ErrorsTo')
    DESC 'Errors'
        EQUALITY caseIgnoreIA5Match
        SUBSTR caseIgnoreIA5SubstringsMatch
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} )

attributetype ( 1.3.6.1.4.1.8232.2.1.6 NAME 'status'
    EQUALITY caseIgnoreMatch
    SUBSTR caseIgnoreSubstringsMatch
    SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{32768} )

objectclass ( 1.3.6.1.4.1.8232.2.2.1 NAME 'quipuObject' SUP top STRUCTURAL)

objectclass ( 1.3.6.1.4.1.8232.2.2.2 NAME 'quipuNonLeafObject' SUP top STRUCTURAL)

objectclass ( 1.3.6.1.4.1.8232.2.2.3 NAME 'GroupMember' SUP top STRUCTURAL
    MUST ( cn )
    MAY ( memberOfGroup ) )

objectclass ( 1.3.6.1.4.1.8232.2.2.4 NAME 'rfc822MailGroup' SUP top STRUCTURAL
    MUST ( owner $ cn )
    MAY ( associatedDomain $ joinable $ mail $ member $ memberofGroup $
    moderator $ rfc822RequestsTo $ rfc822ErrorsTo  ) )

objectclass ( 1.3.6.1.4.1.8232.2.2.5 NAME 'fhgi-Member' SUP top STRUCTURAL
    MAY ( givenName $ memberOfGroup ) )

objectclass ( 1.3.6.1.4.1.8232.2.2.6 NAME 'fhgi-Person' SUP top STRUCTURAL
    MAY ( givenName $ cn $ uid $ uniqueIdentifier $ mail $ otherMailbox $ memberOfGroup $ uid $ status) )
--------------------------------------------------------------------------------------

Also we made a change to the default cosine.schema file:

# We changed
# attributetype ( 0.9.2342.19200300.100.1.22 NAME 'otherMailbox'
#    SYNTAX 1.3.6.1.4.1.1466.115.121.1.39 )
# to this:
attributetype ( 0.9.2342.19200300.100.1.22 NAME 'otherMailbox'
    EQUALITY caseIgnoreIA5Match
    SYNTAX 1.3.6.1.4.1.1466.115.121.1.39 )

An example ldif file
-----------------------------------------------------------------------------
dn: o=FH Giessen,c=DE
objectClass: top
objectClass: organization
objectClass: quipuObject
objectClass: quipuNonLeafObject
o: FH Giessen
o: Fachhochschule Giessen

dn: ou=People, o=FH Giessen,c=DE
ou: People
objectClass: organizationalUnit
objectClass: top
objectClass: quipuObject
objectClass: quipuNonLeafObject

dn: ou=Groups, o=FH Giessen,c=DE
ou: Groups
objectClass: top
objectClass: organizationalUnit
objectClass: quipuObject
objectClass: quipuNonLeafObject

dn: ou=DVZ,ou=People, o=FH Giessen,c=DE
ou: DVZ
ou: People
description: Fachbereich Mathematik Naturwissenschaften und Informatik
objectClass: top
objectClass: organizationalUnit
objectClass: quipuObject
objectClass: quipuNonLeafObject

dn:cn=Oliver Egginger,ou=dvz,ou=People,o=FH Giessen,c=DE
objectclass:top
objectclass:pilotObject
objectclass:person
objectclass:newPilotPerson
objectclass:inetOrgPerson
objectclass:fhgi-Person
objectclass:GroupMember
o:FH Giessen
ou:dvz
ou:People
l:Giessen
street:Wiesenstrasse 14
cn:Oliver Egginger
sn:Egginger
givenname:Oliver
userClass:Angestellt
uid:hg6522
mail:oliver.egginger@???
mail:o.egginger@???
mail:egginger@???
mail:oliver.egginger@???
otherMailbox:hg6522@???
memberOfGroup:DVZ

dn:cn=DVZ,ou=Groups,o=FH Giessen,c=DE
cn:DVZ
objectclass:rfc822MailGroup
owner:dn=cn=Oliver Egginger,ou=dvz,ou=People,o=FH Giessen,c=DE
mail:dvz@???
joinable:FALSE
rfc822errorsTo:oliver.egginger@???
rfc822requestsTo:oliver.egginger@???
member:cn=Oliver Egginger,ou=dvz,ou=People,o=FH Giessen,c=DE
-----------------------------------------------------------------------------

I hope this gives you some clue.

> Is there any comparison between Exim-MySQL and Exim-LDAP? It's so hard
> to make a decision.
Sorry, I don't know.

Your message:
> Hello,
>
> Is there any classic schema for Exim-LDAP (OpenLDAP-2)? I didn't find
> any schema files in Exim distribution.
>
> I have made a test about Exim-MySQL performance. If mailboxes in MySQL
> are more than 200000, it takes a lot of time in mysql lookups. So I want
> to know how Exim-LDAP works, faster or slower?
>
> Is there any comparison between Exim-MySQL and Exim-LDAP? It's so hard
> to make a decision.
>
> Thanks a lot.

Diese Nachricht ist Teil des folgenden Threads:
	Der komplette Thread sortiert nach Datum
	Levin Lee am

Re: [Exim] Is there any classic schema for Exim-LDAP (OpenLD…