
Postfix/LDAP beginner question


Zhou, Yan

Aug 24, 2010, 10:32:12 AM
Hi there,

I am using Postfix 2.4.3. As my first step to integrate with Postfix, I
wish to look up LDAP for local user.

I did not recompile Postfix because I thought it comes with LDAP
support. My ldap log does show that Postfix is trying to look up, so I
think it is fine there.

main.cf reads like this:
local_recipient_maps = ldap:ldaplocal
ldaplocal_server_host = ldap://hub-dev-app01.dev.medplus.com:389/
ldaplocal_search_base = ou=Person,dc=hubdirect,dc=Prod,dc=medplus,dc=com
ldaplocal_query_filter = (mail=%s)
ldaplocal_result_attribute = mgrpDeliverTo

I am testing by sending an email to
"ldap...@hubdirect.prod.medplus.com", but it says: Recipient address
rejected: User unknown in local recipient table

My LDAP log says the following; I do not quite understand if the log says
anything unusual.

[24/Aug/2010:14:13:33 +0000] conn=797 op=13 SRCH
base="dc=medplus,dc=com" scope=1 filter="(objectClass=*)"
attrs="hasSubordinates objectClass"
[24/Aug/2010:14:13:33 +0000] conn=797 op=13 RESULT err=0 tag=101
nentries=1 etime=0 notes=U
[24/Aug/2010:14:13:34 +0000] conn=797 op=14 SRCH
base="dc=Prod,dc=medplus,dc=com" scope=1 filter="(objectClass=*)"
attrs="hasSubordinates objectClass"
[24/Aug/2010:14:13:34 +0000] conn=797 op=14 RESULT err=0 tag=101
nentries=2 etime=0 notes=U
[24/Aug/2010:14:13:35 +0000] conn=797 op=15 SRCH
base="dc=hubdirect,dc=Prod,dc=medplus,dc=com" scope=1
filter="(objectClass=*)" attrs="hasSubordinates objectClass"
[24/Aug/2010:14:13:35 +0000] conn=797 op=15 RESULT err=0 tag=101
nentries=1 etime=0 notes=U
[24/Aug/2010:14:13:36 +0000] conn=797 op=16 SRCH
base="ou=Person,dc=hubdirect,dc=Prod,dc=medplus,dc=com" scope=0
filter="(objectClass=*)" attrs="* aci"
[24/Aug/2010:14:13:36 +0000] conn=797 op=16 RESULT err=0 tag=101
nentries=1 etime=0
[24/Aug/2010:14:13:37 +0000] conn=797 op=18 SRCH
base="ou=Person,dc=hubdirect,dc=Prod,dc=medplus,dc=com" scope=1
filter="(objectClass=*)" attrs="hasSubordinates objectClass"
[24/Aug/2010:14:13:37 +0000] conn=797 op=18 RESULT err=0 tag=101
nentries=1 etime=0 notes=U
[24/Aug/2010:14:13:40 +0000] conn=797 op=19 SRCH
base="cn=yzhou,ou=Person,dc=hubdirect,dc=Prod,dc=medplus,dc=com" scope=0
filter="(objectClass=*)" attrs="* aci"
[24/Aug/2010:14:13:40 +0000] conn=797 op=19 RESULT err=0 tag=101
nentries=1 etime=0

How would I go about troubleshooting this?

When I run this command: postmap -q 'ldapuser' ldap:ldaplocal, it
does not return anything, neither success nor failure. That does not
sound right.

One thing I did notice is that my LDAP server does not support
objectClass like "people" or "virtualaccount" as I see in some
tutorials. I do not know whether that matters.

I have tried doing some homework on my own, but I cannot seem to find
anything in particular.

Thanks,
Yan



Victor Duchovni

Aug 24, 2010, 11:12:32 AM
On Tue, Aug 24, 2010 at 10:32:12AM -0400, Zhou, Yan wrote:

> Hi there,
>
> I am using Postfix 2.4.3. As my first step to integrate with Postfix, I
> wish to look up LDAP for local user.
>
> I did not recompile Postfix because I thought it comes with LDAP
> support. My ldap log does show that Postfix is trying to look up, so I
> think it is fine there.
>
> main.cf reads like this:
> local_recipient_maps = ldap:ldaplocal
> ldaplocal_server_host = ldap://hub-dev-app01.dev.medplus.com:389/
> ldaplocal_search_base = ou=Person,dc=hubdirect,dc=Prod,dc=medplus,dc=com
> ldaplocal_query_filter = (mail=%s)
> ldaplocal_result_attribute = mgrpDeliverTo
>
> I am testing by sending an email to
> "ldap...@hubdirect.prod.medplus.com", but it says: Recipient address
> rejected: User unknown in local recipient table
>
> My LDAP log says the following; I do not quite understand if the log says
> anything unusual.

Look in Postfix logs, not LDAP server logs. Test LDAP tables with
"postmap -q" first.

> How would I go about troubleshooting this?
>
> When I run this command: postmap -q 'ldapuser' ldap:ldaplocal, it
> does not return anything, neither success nor failure. That does not
> sound right.

Wrong query, supply the full email address.

When the query finds nothing, there is no output, but the exit status
is non-zero.

$ postmap -q <query> <table-spec>
$ echo $?

> One thing I did notice is that my LDAP server does not support
> objectClass like "people" or "virtualaccount" as I see in some
> tutorials. I do not know whether that matters.

Not a problem, so long as it has the data required to return the expected
results for your queries.

--
Viktor.
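
The check described in the reply above, as an added example that is not part of the original thread: a wrapper that runs "postmap -q" and separates "found", "not found" (silent, non-zero exit) and "lookup problem". The fake_postmap stand-in, the example.com address and the ldap:unreachable table are constructed so the script runs without Postfix; treating any stderr output on a non-zero exit as a lookup problem is an assumption.

```shell
#!/bin/sh
# Added example: classify a Postfix table lookup by exit status and output.
# POSTMAP is overridable so the function can be exercised without Postfix.
POSTMAP=${POSTMAP:-postmap}

# lookup_status KEY TABLE
# Prints "found: <value>", "not-found" or "error: <diagnostic>".
# Returns 0 when found, 1 when the key is absent, 2 on a lookup problem.
lookup_status() {
    key=$1
    table=$2
    errfile=$(mktemp) || return 2
    # "&& rc=0 || rc=$?" keeps the function safe under "set -e".
    value=$("$POSTMAP" -q "$key" "$table" 2>"$errfile") && rc=0 || rc=$?
    diag=$(cat "$errfile")
    rm -f "$errfile"
    if [ "$rc" -eq 0 ]; then
        printf 'found: %s\n' "$value"
        return 0
    fi
    if [ -n "$diag" ]; then
        # Assumption: a diagnostic on stderr means the lookup itself failed.
        printf 'error: %s\n' "$diag"
        return 2
    fi
    # No output and a non-zero status: the key is simply not in the table.
    printf 'not-found\n'
    return 1
}

# Constructed stand-in for postmap. It mimics a table whose filter is
# (mail=%s): only a full address matches, a bare user name does not.
fake_postmap() {
    # $1 = -q, $2 = key, $3 = table
    if [ "$3" = "ldap:unreachable" ]; then
        echo "constructed diagnostic: cannot reach directory" >&2
        return 1
    fi
    [ "$2" = "ldapuser@example.com" ] || return 1
    echo "ldapuser"
}

# Demo against the stand-in, in a subshell so POSTMAP stays unchanged.
(
    POSTMAP=fake_postmap
    for key in ldapuser ldapuser@example.com; do
        printf '%s -> ' "$key"
        lookup_status "$key" ldap:ldaplocal || true
    done
)
```

Against a real installation, leave POSTMAP unset and call lookup_status with the full recipient address and ldap:ldaplocal.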
