[exim] LDAP and quotation marks

Author: Aust, Volker, PRE
Date:  
To: exim-users
Subject: [exim] LDAP and quotation marks
Hi List,

In http://www.exim.org/pipermail/exim-users/Week-of-Mon-20040816/075152.html
(or http://www.exim.org/eximwiki/MsExchangeAddressVerification) is a
nice configuration example to query the Active Directory for mail
addresses:

<snip>

LDAP_AD_BINDDN = "CN=MTA,OU=Restricted,DC=DOMAIN,DC=ORG"
LDAP_AD_PASS = "VerySecret"
LDAP_AD_BASE_DN = "DC=DOMAIN,DC=ORG"

To verify address one can query AD Global Catalog for exact attribute
matching, using this macro (note serverless LDAP URI):

LDAP_AD_MAIL_RCPT = \
  user=LDAP_AD_BINDDN \
  pass=LDAP_AD_PASS \
  ldap:///LDAP_AD_BASE_DN\
  ?mail?sub?\
  (&\
    (|\
      (objectClass=user)\
      (objectClass=publicFolder)\
      (objectClass=group)\
    )\
    (proxyAddresses=SMTP:${quote_ldap:${local_part}@${domain}})\
  )


</snip>

When I use an adjusted form of this example I get the following error
message:

<snip>

search ended by ldap_result yielding 101
ldap_parse_result yielded 34: Invalid DN syntax
lookup failure forced
LDAP search failed - error 34: Invalid DN syntax/0000208F: LdapErr:
DSID-0C09062C, comment: Error processing name, data 0, vece
lookup failed

</snip>

The problem seems to be the quotation marks around the value of
LDAP_AD_BASE_DN. I have found two solutions: leaving out the quotation
marks or using LDAP_AD_BASE_DN = ${quote_ldap:DC=DOMAIN,DC=ORG}. I don't
know if this is a "feature" of Active Directory or LDAP.

-vol
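
An added illustration, not part of the original message and not Exim's own code: Exim macros are replaced as literal text, so a macro value written with quotation marks carries those quotes into the LDAP URL, where they land inside the base DN. The Python sketch below models that substitution and applies a simplified RFC 4514 check to the resulting DN; `expand_macros`, `base_dn`, `dn_problems` and `check` are hypothetical helper names, and the shortened URL and recipient address are constructed.

```python
import re

# Constructed sample input: the two spellings of the macro from the message.
QUOTED = {"LDAP_AD_BASE_DN": '"DC=DOMAIN,DC=ORG"'}
BARE = {"LDAP_AD_BASE_DN": "DC=DOMAIN,DC=ORG"}
# Constructed, shortened lookup URL; the recipient address is a placeholder.
URL_TEMPLATE = "ldap:///LDAP_AD_BASE_DN?mail?sub?(proxyAddresses=SMTP:user@example.org)"

# One RDN in a simplified subset of RFC 4514: type=value, where the value has
# no unescaped special characters (a bare double quote is one of them).
_RDN = re.compile(r'[A-Za-z][A-Za-z0-9-]*=(?:[^",+<>;=\\]|\\.)+')


def expand_macros(text, macros):
    """Model Exim macro handling: literal text replacement, quotes included."""
    for name in sorted(macros, key=len, reverse=True):  # longest name first
        text = text.replace(name, macros[name])
    return text


def base_dn(url):
    """Return the DN part of an LDAP URL: ldap://host/dn?attrs?scope?filter."""
    match = re.match(r"ldaps?://[^/]*/([^?]*)", url)
    if match is None:
        raise ValueError("not an LDAP URL: %r" % url)
    return match.group(1)


def dn_problems(dn):
    """List the RDNs that fail the simplified RDN syntax check."""
    if dn == "":
        return []  # an empty base DN is syntactically valid
    rdns = re.split(r"(?<!\\),", dn)  # split on unescaped commas
    return [rdn for rdn in rdns if not _RDN.fullmatch(rdn)]


def check(macros):
    """Expand the template and report the URL plus any malformed RDNs."""
    url = expand_macros(URL_TEMPLATE, macros)
    return url, dn_problems(base_dn(url))


if __name__ == "__main__":
    for label, macros in (("quoted", QUOTED), ("bare", BARE)):
        url, problems = check(macros)
        print(label, url, "->", problems or "base DN parses")
```

With the quoted macro, both RDNs of the base DN contain a stray double quote, which matches the "Invalid DN syntax" result (error 34) shown in the message.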