On Mon, May 11, 2009 at 01:32:48PM -0500, Gmail said:
> Is there a way to expand variables to fill out the ldapauth line?
> I have clients that send in thier username and password as user@???,
> but it can also be user@???... etc... I need to pass the username
> but change the baseDN according to the domain name. Can this be done?
I use a multi-place lookup (files and ldap), but hopefully you get
the idea:
login_server:
driver = plaintext
public_name= LOGIN
server_prompts = "Username:: : Password::"
server_condition=${if ldapauth \
{user="uid=${quote_ldap_dn:${extract{1}{@}{$1}}},ou=People,${if eq{${extract{2}{@}{$1}}}{} {${lookup{$1}lsearch{/etc/exim4/user.map}{$value}fail}} {dc=${sg{${extract{2}{@}{$1}}}{\\.}{,dc=}}} }" \
pass=${quote_ldap_dn:$2} \
ldap://localhost/ \
} \
}
server_set_id=$1
This allows logins as 'steve' to be looked up in /etc/exim4/user.map
for the dn, and logins as steve@??? to be checked against
uid=steve,ou=People,dc=lobefin,dc=net without an additional lookup.
The extra layer is basically there for hysterical raisins for those
users who seem to be unable to move to the $user@$domain style auth.
There is probably a nicer way to do this.
Cheers,
--
--------------------------------------------------------------------------
| Stephen Gran | Television is a medium because anything |
| steve@??? | well done is rare. -- attributed to |
| http://www.lobefin.net/~steve | both Fred Allen and Ernie Kovacs |
--------------------------------------------------------------------------
