Re: [exim] Ugly configuration with nested LDAP lookups (spac…

Author: Heiko Schlittermann
Date:  
To: exim-users
Subject: Re: [exim] Ugly configuration with nested LDAP lookups (space as delimiter?)
Hi Phil,

Phil Pennock <exim-users@???> (Do 09 Apr 2009 13:03:34 CEST):
> On 2009-04-09 at 10:45 +0200, Heiko Schlittermann wrote:
> > yesterday I configured an Exim server to do LDAP queries, but somehow
> > I'm not satisfied. Maybe I was blind or too stupid ...
> >
> > In some LDAP directory (here: ADS) there are "mail groups"
>
> Does ADS have the concept of overlays, which OpenLDAP has?


I know almost nothing about ADS, I'm using it (it's a customer
administering the ADS, and I'm not sure if the customer knows anything
else than how to click ... :/)

> I have a local globnixGroup auxiliary group which is pretty much
> identical (by design) to groupOfNames but for being auxiliary and for

...
> After this, any update to the 'member' attribute of any object with
> objectClass globnixGroup will automatically update the 'memberOf'
> attributes of the corresponding objects.
>
> So by updating the equivalent to your mailgroups:
>
> >     dn: cn=edv,ou=mailgroups,o=org
> >     mail: edv@???
> >     member: cn=hans,ou=users,o=org  <- CN here, no mailbox
> >     member: cn=paul,ou=users,o=org     ... or mail address

>
> the cn=hans,ou=users,o=org and cn=paul,ou=users,o=org entries would
> automatically gain:
> memberOf cn=edv,ou=mailgroups,o=org
> as operational attributes (so you have to explicitly request them
> (either by name or by requesting all operational attributes with +)).


This solution looks pretty clever. I'll keep it in mind for a case where
I can do more on the side of the directory service.

Thanks for your response.

--
Heiko
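
Added example, not part of the original message or thread: a small Python model of the reverse-membership idea Phil describes, run over constructed LDIF shaped like the quoted mail group. The example.org addresses, the user mail values and all function names are assumptions; a real directory maintains memberOf itself and returns it only when requested.

```python
# Constructed sample data modelled on the entries quoted in the thread.
# The mail values are made up; the thread shows only redacted addresses.
LDIF = """\
dn: cn=edv,ou=mailgroups,o=org
mail: edv@example.org
member: cn=hans,ou=users,o=org
member: cn=paul,ou=users,o=org

dn: cn=hans,ou=users,o=org
mail: hans@example.org

dn: cn=paul,ou=users,o=org
mail: paul@example.org
"""

def parse_ldif(text):
    """Parse simple LDIF (no line folding, no base64) into {dn: {attr: [values]}}."""
    entries = {}
    for block in text.strip().split("\n\n"):
        attrs = {}
        for line in block.splitlines():
            name, _, value = line.partition(":")
            attrs.setdefault(name.strip().lower(), []).append(value.strip())
        dn = attrs.pop("dn")[0].lower()
        entries[dn] = attrs
    return entries

def add_member_of(entries):
    """For every 'member' value of a group, record the group DN on the member entry."""
    for group_dn, attrs in list(entries.items()):
        for member_dn in attrs.get("member", []):
            target = entries.get(member_dn.lower())
            if target is not None:  # member DNs with no matching entry are skipped
                target.setdefault("memberof", []).append(group_dn)
    return entries

def mailboxes_for_group(entries, group_mail):
    """Resolve group mail -> group DN, then select entries by memberof (no per-member lookup)."""
    group_dns = {dn for dn, a in entries.items()
                 if group_mail in a.get("mail", []) and "member" in a}
    return sorted(m for a in entries.values()
                  if group_dns & set(a.get("memberof", []))
                  for m in a.get("mail", []))

if __name__ == "__main__":
    directory = add_member_of(parse_ldif(LDIF))
    print(mailboxes_for_group(directory, "edv@example.org"))
```

With memberOf present, the group expansion becomes one search filtered on the group's DN instead of one lookup per member DN.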