"Luzynski, Steve" <steve.luzynski@???> writes:
| It looks like your AD query is returning multiple email
| addresses, which is fairly typical - many AD setups have more
| than one email address in them, especially if they were
| migrated from an NT 4.0 environment. One is generally the old
| NT4 short login name and the other is generally the actual
| email address.
This pointed me in the right direction. Although each ldap lookup
can return only one value, I discovered that the system_aliases
router is run twice, one for stian.grytoyr and one for stian.
With eDirectory, the last lookup returned nothing, but for various
reasons we have <username>@nr.no defined as an alias in AD, so
the last query also returns something.
So problem solved, or at least understood. Thanks!
But I'm still not quite sure what a result such as this means:
stian@???
<-- stian@???
<-- stian.grytoyr@???
router = procmail, transport = procmail_pipe
Do the two <-- lines simply mean that there were two levels of
"nesting" involved to look up the ultimate destination address?
| You didn't list your configuration out to have a look at, but
| this is what I'm doing in a router for incoming email to make
| sure that the email address the message is addressed to
| actually matches to a person:
My configuration is very similar to yours, and the AD query is
almost identical:
system_aliases:
driver = redirect
allow_fail
allow_defer
data = ${lookup ldap\
{user="cn=user,cn=Users,dc=company,dc=com" pass="password" \
ldap:///cn=Users,dc=company,dc=com?sAMAccountName?sub?\
(proxyAddresses=smtp:${quote_ldap:$local_part}@${domain})}\
{$value}\
{\
${lookup{$local_part}lsearch{/etc/aliases}}\
}}
file_transport = address_file
pipe_transport = address_pipe
--
Regards,
Stian Grytoyr
