Marco Gaiarin wrote on 05.12.2017 22:45:
> Mandi! Viktor Dukhovni
> In chel di` si favelave...
>
>> What's motivation behind this thread? Are you trying to expand a
>> group whose members are listed indirectly as member DNs? If so,
>
> Exactly. If tehre's a group that hame email 'groupname@???', expand
> automatically the recipient to the group members, users and group (that are
> expanded also).
This example allow to get mail addresses of all the groups, contacts and
non-disabled users which are members of the group with mail address
groupname@???:
${lookup ldapm{\
user="LDAP_USER" pass=LDAP_PASSWD REFERRALS=nofollow \
ldap:///dc=COMPANY,dc=TLD?distinguishedName?sub?\
(&\
(objectClass=group)\
(mail=${quote_ldap:groupname@???})\
)\
}{\
${lookup ldapm{\
user="LDAP_USER" pass=LDAP_PASSWD REFERRALS=nofollow \
ldap:///dc=COMPANY,dc=TLD?mail?sub?\
(&\
(|${sg{\
${map{<\n${sg{${sg{$value}{\n,}{\n}}}{,,}{,}}}\
{(memberOf=${quote_ldap:${item}})}}\
}{\n}{}})\
(|\
(objectClass=group)\
(objectClass=contact)\
(&\
(objectClass=user)\
(!(userAccountControl:1.2.840.113556.1.4.803:=2))\
)\
)\
)\
}}\
}}
It works even if two or more groups have the same e-mail address in mail
attribute.
>> is there not in Exim some mechanism to automatically expand (make
>> recursive queries for) DN and LDAP URI values in LDAP results?
>
> AFAIK, no.
>
--
Best wishes Victor Ustugov mailto:victor@corvax.kiev.ua
public GnuPG/PGP key: https://victor.corvax.kiev.ua/corvax.asc
Skype ID: corvax_nb JID: corvax_at_nb@???
