[Griffiths M (ISeLS)]
> The lookup is of the form:
>
> *@glam.ac.uk ${lookup ldap {ldap:///....?displayName?sub?\
> (saMAccountName=$local_part)}}{$value}fail}@??? Ffr
>
> I know this needs to be "quoted" but I'm not sure where they need to
> sit
First, as the three parts of any rewrite rules are
whitespace-separated, you need to put the whitespace-containing second
part inside double quotes.
Secondly, to make the ldap query safe, you need to use
${quote_ldap:$local_part} where it now says just $local_part.
We do similar address rewriting here; the rewrite rules look like
this:
------------------------------------------------------------------------
# Rewrite user address to user's default address.
*@* \
"${lookup ldap {LDAP_BASE?defaultMailAddress?sub?\
(mail=${quote_ldap:$local_part@$domain})}\
{$value}fail}" hq
------------------------------------------------------------------------
--
Harald