Re: [exim] Again nested LDAP queries...

Top Page
This message is part of the following thread:
Mthe complete thread tree sorted by date
MMarco Gaiarin at <-
M+\Marco Gaiarin at ->
Delete this message
Reply to this message
Author: Mike Brudenell
Date:  
To: Exim Users
Subject: Re: [exim] Again nested LDAP queries...
If you're trying to get to values within a list, try using the *listextract*
expansion item:
https://www.exim.org/exim-html-current/doc/html/spec_html/ch-string_expansions.html#SECTexpansionitems

There's a bit more on it in the *File and database lookups* chapter in
the *Format
of data returned by LDAP* section, which talks about needing to use
*listextract* to parse returned LDAP data as it understands the doubling of
embedded commas within values:
https://www.exim.org/exim-html-current/doc/html/spec_html/ch-file_and_database_lookups.html#SECID71

(And in passing, there's also the *extract* expansion item which parses
space-separated *keyword=value* pairs, although this isn't what you need
for this situation.)

Cheers,
Mike B-)

On 29 November 2017 at 14:58, Marco Gaiarin <gaio@???> wrote:

>
> >>> What i'm missing?!
> >> quote_ldap_dn ?
> > No, seems no. Same result.
>
> Boh. I've done some more tests, but insted of using:
>
>         exim -be

>
> i've used:
>
>         exim -d+deliver -v -bt test@domain

>
> and my LDAP query, as expected, work. The query finally is:
>
>         ${lookup ldapm {user=LOCAL_AD_BIND_DN pass=LOCAL_AD_PASS
> ldap:///LOCAL_AD_BASE_DN?uid?sub?(&(|(objectClass=user)(
> objectClass=group))(memberOf=\
>                 ${quote_ldap:${sg {${lookup ldap {user=LOCAL_AD_BIND_DN
> pass=LOCAL_AD_PASS ldap:///LOCAL_AD_BASE_DN?distinguishedName?sub?(&(
> objectClass=group)(mail=${quote_ldap:${local_part}}@${quote_ldap:${domain}}))}}}
> {,,} {,}}}\
>         ))}}

>
> and using '|(objectClass=user)(objectClass=group)' i can also ''expand''
> correctly nested group memberships; clearly exim do some loops, but finally
> get the result.
>
>
> >> Also, your sg's are problematic in the face of fields containing commas.
> > Some more hint? Thanks.
>
> Still i'm seeking feedback on 'sg', i don't see alternatives....
>
>
> Thanks.
>
> --
>   Errare è umano, ma per fare veramente casino
>   ci vuole la password di root                          (Zio Budda)

>
>
>
> --
> ## List details at https://lists.exim.org/mailman/listinfo/exim-users
> ## Exim details at http://www.exim.org/
> ## Please use the Wiki with this list - http://wiki.exim.org/
>



--
Systems Administrator & Change Manager
IT Services, University of York, Heslington, York YO10 5DD, UK
Tel: +44-(0)1904-323811

Web: www.york.ac.uk/it-services
Disclaimer: www.york.ac.uk/docs/disclaimer/email.htm
This message was posted to the following mailing lists:
Exim-users
Mailing List Info | Nearby Messages		<-Re: [exim] Exim 4.90 RC3 uploadedRe: [exim] Exim 4.90 RC3 uploaded->
Tahini and Hummus and Cumin Development Archives administrated by cumin AdminsLurker (version 2.3)