[Exim] Ldap group expansion -- looping through ldap results

Page principale
Supprimer ce message
Répondre à ce message
Auteur: Reijo Pitkanen
Date:  
À: exim-users
Sujet: [Exim] Ldap group expansion -- looping through ldap results
So here is the loose idea.

LDAP Box: A Windows 2000 PDC. I'm connecting to this (well, not really, but
for the sake of simplicity I am) via LDAP for authentication and other
various lookups.

Mail Box: A debian (Hey! what else runs on mipsel?) 3.0 box running exim
4.20/exiscan-acl-06.

Since you can connect to AD via LDAP, I was trying to create an LDAP lookup
that would expand group membership to aliases, but I just can't wrap my head
around it.

So first I need to lookup group/alias name -- This is easy, but it returns
multiple DN's...
        ${lookup ldapm \
        {user=${quote:LDAP_BINDDN} pass=${quote:LDAP_PW} \


ldap://ldap.houseofashes.net/CN=Groups,DC=houseofashes,DC=net?member?sub?(sa
maccountname=$local_part)}}

Then i need to take the DN's that the 'member' attribute returns and loop
through them, doing the folloing query on each:
        ${lookup ldap \
        {user=${quote:LDAP_BINDDN} pass=${quote:LDAP_PW} \


ldap://ldap.houseofashes.net/CN=Users,DC=houseofashes,DC=net?samaccountname?
sub?(dn=$ldapmvalue)}}