Re: [Exim] LDAP Lookups + Exim4

Author: Tony Earnshaw
Date:  
To: Joseph Kezar
CC: exim-users
Subject: Re: [Exim] LDAP Lookups + Exim4
Thu, 2002-08-15 at 18:20, Joseph Kezar wrote:

> I am currently undergoing a migration from Exim 3 to 4.
> I compiled Exim4 with the OpenLDAP2 libraries without a hitch. Now I am
> trying to convert my configuration file.
> Apparently this Router is not syntactically correct:
> external_ldap_aliases:
> driver = redirect
> search_type = ldapm
> query = ldap://ldap.doc.state.vt.us/ou=Groups,o=Vermont Department of
> Corrections,c=US?rfc822MailMember?sub?(cn=${local_part})
> file_transport = address_file
> pipe_transport = address_pipe
> unseen


> Anyone know how I can rewrite this or point me to some documentation on
> how to write LDAP-enabled routers?


Below is a snippet of my config file that works for me with 4.10. It's
for the more or less standard Openldap 2.1.3 schemas and replaces
system aliases, group aliases, user mail addresses and "virtual" user
mail addresses. My source docs for it were the standard Exim 4.0
searchable spec.txt and a Dman example in this list. I just changed the
examples around until they worked, checking a tail -f of the slapd.log
the whole time to see what was happening.

You'll have to change things that you don't use, or use differently. For
example, ldaps works for me, not for many others, so I've gathered.

I also use ldap for (encrypted) auth plain user authorisation, again the
source doc was spec.txt.

Best,

Tony
--

## This router handles ldap-based aliases
#
# Obviously ldap has to be configured and running before it will work.
# In this case it's configured for the Lachman-Laser Internet draft.
# The usual /etc/aliases file can be renamed, since it won't be used
# any more.
#
# Make sure that it comes before any local routers, including
# Spamassassin, since subsequent to these it will use the standard
# /etc/ldap.conf filter and it expressly uses its own filter *before*
# the standard filter is called.

system_aliases:
  driver = redirect
  allow_fail
  allow_defer
  data  = ${lookup ldapm {ldaps://localhost/\
    ou=groups,dc=billy,dc=demon,dc=nl?mailRoutingAddress?sub?\
    (&(objectClass=inetLocalMailRecipient)(mailLocalAddress=${quote_ldap:$local_part@$domain}))\
    }\
    {$value} fail }
# user = exim
  file_transport = address_file
  pipe_transport = address_pipe


group_aliases:
  driver = redirect
  allow_fail
  allow_defer
  data  = ${lookup ldapm {ldaps://localhost/\
    dc=billy,dc=demon,dc=nl?rfc822MailMember?sub?\
    (&(objectClass=nisMailAlias)(cn=${quote_ldap:$local_part@$domain}))\
    }\
    {$value} fail }
# user = exim
  file_transport = address_file
  pipe_transport = address_pipe



--

Tony Earnshaw

The usefulness of RTFM is vastly overrated.

e-mail:        tonni@???
www:        http://www.billy.demon.nl
gpg public key:    http://www.billy.demon.nl/tonni.armor


Phone:    (+31) (0)172 530428
Mobile:        (+31) (0)6 51153356


GPG Fingerprint = 3924 6BF8 A755 DE1A 4AD6 FA2B F7D7 6051 3BE7 B981
3BE7B981
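
Both routers above pass the address through `${quote_ldap:...}` before it reaches the search filter. As an added example (not part of the message above and not Exim's code), the Python below models the two-level quoting that the Exim specification describes for `quote_ldap` and compares the filter the directory server receives with and without it. The function names, the `example.test` domain and the sample local parts are constructed for illustration.

```python
import string
from urllib.parse import unquote

# Level 1 (RFC 4515 style): characters that change the meaning of a filter.
FILTER_ESCAPES = {"\\": r"\5C", "*": r"\2A", "(": r"\28", ")": r"\29"}
# Level 2: characters left as-is when the filter is embedded in an LDAP URL
# (set taken from the Exim spec's description of quote_ldap; an assumption here).
URL_SAFE = set(string.ascii_letters + string.digits + "!$'-._()*+")

# Filter used by the system_aliases router in the message above.
FILTER_TEMPLATE = "(&(objectClass=inetLocalMailRecipient)(mailLocalAddress={addr}))"


def quote_ldap(value: str) -> str:
    """Model of ${quote_ldap:...}: filter-escape, then percent-encode."""
    escaped = "".join(FILTER_ESCAPES.get(ch, ch) for ch in value)
    out = []
    for byte in escaped.encode("utf-8"):
        ch = chr(byte)
        out.append(ch if ch in URL_SAFE else "%%%02X" % byte)
    return "".join(out)


def filter_seen_by_server(local_part: str, domain: str, quoted: bool = True) -> str:
    """Build the URL filter part, then undo URL encoding as the LDAP client does."""
    addr = f"{local_part}@{domain}"
    return unquote(FILTER_TEMPLATE.format(addr=quote_ldap(addr) if quoted else addr))


def structure_preserved(ldap_filter: str) -> bool:
    """True if the filter still has the template's three terms and no wildcard."""
    return (ldap_filter.count("(") == 3 and ldap_filter.count(")") == 3
            and "*" not in ldap_filter)


if __name__ == "__main__":
    # Constructed local parts containing filter metacharacters.
    for local_part in ["postmaster", "*", "a)(b"]:
        for quoted in (True, False):
            f = filter_seen_by_server(local_part, "example.test", quoted)
            print(f"{local_part!r:14} quoted={quoted!s:5} ok={structure_preserved(f)!s:5} {f}")
```

With quoting, every input stays a literal value inside the single `mailLocalAddress` term; without it, `*` becomes a wildcard match and stray parentheses change the filter's structure.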