3/09/2010

LDAP and Postfix Integration

After struggling for a little while to make it happen, I finally asked the guy who spoke about LDAP integration at SCALE 8x why my LDAP server wasn't working with my Postfix mail server to look up aliases. In just a few minutes, I got my response, and he was right. It can be good to ask for help!

Here was the setup:
I'm using Fedora 12 (postfix-2.6.5-2.fc12.i686 and openldap-servers-2.4.19-1.fc12.i686).

My account entry in LDAP:

[root@earth postfix]# ldapsearch -LLL -x uid=keith
>> dn: uid=keith,ou=People,dc=fedora,dc=test
>> uid: keith
>> cn: Keith Wright
>> objectClass: account
>> objectClass: posixAccount
>> objectClass: top
>> objectClass: shadowAccount
>> shadowLastChange: 13363
>> shadowMax: 99999
>> shadowWarning: 7
>> loginShell: /bin/bash
>> uidNumber: 500
>> gidNumber: 500
>> homeDirectory: /home/keith
>> userPassword:: bXXXXXXXXXXXE=
>>
>> An entry for an alias:
>> [root@earth postfix]# ldapsearch -LLL -x '(&(cn=wrightrocket)(objectclass=nismailalias))' rfc822MailMember
>> dn: cn=wrightrocket,ou=People,dc=fedora,dc=test
>> rfc822MailMember: keith
>>
>> From reading the LDAP_README, I have this parameter set in my main.cf:
>> [root@earth postfix]# postconf alias_maps
>> alias_maps = hash:/etc/aliases, ldap:/etc/postfix/ldap-aliases.cf
>>
>> Here is my /etc/postfix/ldap-aliases.cf:
>> server_host = localhost.localdomain
>> # defaults to localhost
>> server_port = 389
>> # default
>> timeout = 10
>> # default
>> bind = no
>> # default
>> search_base = ou=People,dc=fedora,dc=test
>> # location where aliases are stored in tree
>> ldapalias_result_attribute = rfc822MailMember
>> query_filter = (& (cn=%s)(objectClass=nisMailAlias))
>> debug_level = 4

As you can see, I pasted this from my email. What was the one change that made it work? Instead of ldapalias_result_attribute (several lines up), the proper parameter to set was result_attribute, and everything worked!
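
The fix above comes down to a parameter name that a separate Postfix LDAP map file does not recognize. As an added example (not from the original post or from Postfix itself), this Python script checks a map file's keys against names from ldap_table(5); the `KNOWN` list is a subset and, like the `lint` helper, is an assumption made for illustration.

```python
import difflib

# Parameter names from ldap_table(5). Assumption: a subset typed from the man
# page; compare with `man 5 ldap_table` on your Postfix version.
KNOWN = {
    "server_host", "server_port", "timeout", "search_base", "query_filter",
    "result_format", "domain", "result_attribute", "special_result_attribute",
    "terminal_result_attribute", "leaf_result_attribute", "scope", "bind",
    "bind_dn", "bind_pw", "recursion_limit", "expansion_limit", "size_limit",
    "dereference", "chase_referrals", "version", "debuglevel", "start_tls",
    "tls_ca_cert_dir", "tls_ca_cert_file", "tls_cert", "tls_key",
    "tls_require_cert", "sasl_mechs", "sasl_realm", "sasl_authz_id",
}

# Constructed sample: the ldap-aliases.cf quoted in the post, ">>" marks removed.
SAMPLE = """\
server_host = localhost.localdomain
# defaults to localhost
server_port = 389
timeout = 10
bind = no
search_base = ou=People,dc=fedora,dc=test
# location where aliases are stored in tree
ldapalias_result_attribute = rfc822MailMember
query_filter = (& (cn=%s)(objectClass=nisMailAlias))
debug_level = 4
"""

def lint(text):
    """Return (line number, unknown key, suggested ldap_table name or None)."""
    findings = []
    for lineno, line in enumerate(text.splitlines(), 1):
        # Skip blanks, comments, and continuation lines (leading whitespace).
        if not line.strip() or line[0] in "# \t":
            continue
        key = line.partition("=")[0].strip()
        if key in KNOWN:
            continue
        # Legacy main.cf style "<source>_<parameter>": prefer the longest suffix.
        hint = next((k for k in sorted(KNOWN, key=len, reverse=True)
                     if key.endswith("_" + k)), None)
        if hint is None:  # otherwise fall back to a near-miss spelling
            hint = (difflib.get_close_matches(key, sorted(KNOWN), n=1) or [None])[0]
        findings.append((lineno, key, hint))
    return findings

if __name__ == "__main__":
    for lineno, key, hint in lint(SAMPLE):
        print(f"line {lineno}: unknown parameter {key!r}, did you mean {hint!r}?")
```

With `result_attribute` unset, ldap_table(5) defaults it to `maildrop`, an attribute the alias entry above does not carry, so the lookup returns nothing. The check also reports `debug_level`, which ldap_table(5) spells `debuglevel`.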

1 comment:

sentaidigital.com said...

Might not want to put your LDAP password in your post.

About Me - WrightRocket

I've worked with computers for over 30 years, programming, administering, using and building them from scratch.

I'm an instructor for technical computer courses, an editor and developer of training manuals, and an Android developer.