Thanks Nathan. I added this Howto - http://directory.fedora.redhat.com/wiki/Howto:Postfix

Please let me know if it works.

Nathan Benson wrote:

> Gabriele,
>
> i am using the courier LDAP schema for mail attributes. but i don't see
> why you couldn't use what you currently have in place. if your uid of
> the user is where you would actually deliver the mail, you could
> probably just use that. your postfix configuration for alias lookups
> would look something like this:
>
>     search_base = dc=example,dc=com
>     scope = sub
>     query_filter = (mail=%s)
>     result_attribute = uid
>     special_result_filter = %s@%d
>
> i would suggest investigating the default schemas offered, or finding
> another mail schema to use. you will probably want the flexibility of
> having an email address deliver outside of a user's account (forwarding
> to your home account, etc).
>
> the postfix list will probably have a lot more to offer in the way of
> configuring postfix to use LDAP. one thing i remember is that postfix
> does two different LDAP lookups, one to verify there is a user by that
> name (local_recipient_maps) on the system, and two, where to deliver the
> email (virtual_alias_maps; my configuration above is for this second
> part). here are my two lines out of the main.cf:
>
>     virtual_alias_maps = ldap:/etc/postfix/ldap-aliases.cf
>     local_recipient_maps = $alias_maps, ldap:/etc/postfix/ldap-users.cf
>
> good luck, i hope this helped.
>
> nb
>
> Gabriele Chervatin thus spake on 07/01/2005 03:05 AM:
> | Hi everyone,
> |
> | first i use Directory Server as an address book, and i tested it with
> | Thunderbird. It's fine, I'm able to search the users and their emails.
> | Now i try to configure postfix with virtual users but it is a bit
> | complicated task for me.
> |
> | What are the basic steps for the success?
> | I need to add new schema?
> |
> | Follow my Directory content:
> |
> | version: 1
> |
> | # entry-id: 1
> | dn: dc=example,dc=com
> | objectClass: top
> | objectClass: domain
> | dc: example
> | creatorsName: cn=directory manager
> | modifiersName: cn=directory manager
> | createTimestamp: 20050629120831Z
> | modifyTimestamp: 20050629120832Z
> | nsUniqueId: 821fc9bf-1dd211b2-8050be72-f5080000
> | aci: (targetattr!="userPassword")(version 3.0; acl "Enable anonymous access";
> | allow (read, search, compare)userdn="ldap:///anyone";)
> | aci: (targetattr="carLicense ||description ||displayName ||facsimileTelephoneN
> | umber ||homePhone ||homePostalAddress ||initials ||jpegPhoto ||labeledURL ||
> | mail ||mobile ||pager ||photo ||postOfficeBox ||postalAddress ||postalCode |
> | |preferredDeliveryMethod ||preferredLanguage ||registeredAddress ||roomNumbe
> | r ||secretary ||seeAlso ||st ||street ||telephoneNumber ||telexNumber ||titl
> | e ||userCertificate ||userPassword ||userSMIMECertificate ||x500UniqueIdenti
> | fier")(version 3.0; acl "Enable self write for common attributes"; allow (wr
> | ite) userdn="ldap:///self";)
> | aci: (targetattr="*")(version 3.0; acl "Configuration Administrator"; allow (a
> | ll) userdn="ldap:///uid=admin,ou=Administrators, ou=TopologyManagement, o=Ne
> | tscapeRoot";)
> | aci: (targetattr ="*")(version 3.0;acl "Configuration Administrators Group";al
> | low (all) (groupdn = "ldap:///cn=Configuration Administrators, ou=Groups, ou
> | =TopologyManagement, o=NetscapeRoot");)
> | aci: (targetattr ="*")(version 3.0;acl "Directory Administrators Group";allow
> | (all) (groupdn = "ldap:///ou=Directory Administrators, dc=example,dc=c
> | om");)
> | aci: (targetattr = "*")(version 3.0; acl "SIE Group"; allow (all)groupdn = "ld
> | ap:///cn=slapd-centos41, cn=Fedora Directory Server, cn=Server Group, cn=cen
> | tos41.example.com, ou=example.com, o=NetscapeRoot";)
> |
> | # entry-id: 2
> | dn: cn=Directory Administrators, dc=example,dc=com
> | objectClass: top
> | objectClass: groupofuniquenames
> | cn: Directory Administrators
> | creatorsName: cn=directory manager
> | modifiersName: cn=directory manager
> | createTimestamp: 20050629120831Z
> | modifyTimestamp: 20050629120832Z
> | nsUniqueId: 821fc9c0-1dd211b2-8050be72-f5080000
> |
> | # entry-id: 3
> | dn: ou=Groups, dc=example,dc=com
> | objectClass: top
> | objectClass: organizationalunit
> | ou: Groups
> | creatorsName: cn=directory manager
> | modifiersName: cn=directory manager
> | createTimestamp: 20050629120832Z
> | modifyTimestamp: 20050629120832Z
> | nsUniqueId: 821fc9ef-1dd211b2-8050be72-f5080000
> |
> | # entry-id: 4
> | dn: ou=People, dc=example,dc=com
> | objectClass: top
> | objectClass: organizationalunit
> | ou: People
> | aci: (targetattr ="userpassword || telephonenumber || facsimiletelephonenumber
> | ")(version 3.0;acl "Allow self entry modification";allow (write)(userdn = "l
> | dap:///self");)
> | aci: (targetattr !="cn || sn || uid")(targetfilter ="(ou=Accounting)")(version
> | 3.0;acl "Accounting Managers Group Permissions";allow (write)(groupdn = "ld
> | ap:///cn=Accounting Managers,ou=groups,dc=example,dc=com");)
> | aci: (targetattr !="cn || sn || uid")(targetfilter ="(ou=Human Resources)")(ve
> | rsion 3.0;acl "HR Group Permissions";allow (write)(groupdn = "ldap:///cn=HR
> | Managers,ou=groups,dc=example,dc=com");)
> | aci: (targetattr !="cn ||sn || uid")(targetfilter ="(ou=Product Testing)")(ver
> | sion 3.0;acl "QA Group Permissions";allow (write)(groupdn = "ldap:///cn=QA M
> | anagers,ou=groups,dc=example,dc=com");)
> | aci: (targetattr !="cn || sn || uid")(targetfilter ="(ou=Product Development)"
> | )(version 3.0;acl "Engineering Group Permissions";allow (write)(groupdn = "l
> | dap:///cn=PD Managers,ou=groups,dc=example,dc=com");)
> | creatorsName: cn=directory manager
> | modifiersName: cn=directory manager
> | createTimestamp: 20050629120832Z
> | modifyTimestamp: 20050629120832Z
> | nsUniqueId: 821fc9f0-1dd211b2-8050be72-f5080000
> |
> | # entry-id: 5
> | dn: ou=Special Users,dc=example,dc=com
> | objectClass: top
> | objectClass: organizationalUnit
> | ou: Special Users
> | description: Special Administrative Accounts
> | creatorsName: cn=directory manager
> | modifiersName: cn=directory manager
> | createTimestamp: 20050629120832Z
> | modifyTimestamp: 20050629120832Z
> | nsUniqueId: 821fc9f1-1dd211b2-8050be72-f5080000
> |
> | # entry-id: 6
> | dn: cn=Accounting Managers,ou=groups,dc=example,dc=com
> | objectClass: top
> | objectClass: groupOfUniqueNames
> | cn: Accounting Managers
> | ou: groups
> | description: People who can manage accounting entries
> | creatorsName: cn=directory manager
> | modifiersName: cn=directory manager
> | createTimestamp: 20050629120832Z
> | modifyTimestamp: 20050629120832Z
> | nsUniqueId: 821fc9f2-1dd211b2-8050be72-f5080000
> |
> | # entry-id: 7
> | dn: cn=HR Managers,ou=groups,dc=example,dc=com
> | objectClass: top
> | objectClass: groupOfUniqueNames
> | cn: HR Managers
> | ou: groups
> | description: People who can manage HR entries
> | creatorsName: cn=directory manager
> | modifiersName: cn=directory manager
> | createTimestamp: 20050629120832Z
> | modifyTimestamp: 20050629120832Z
> | nsUniqueId: 821fc9f3-1dd211b2-8050be72-f5080000
> |
> | # entry-id: 8
> | dn: cn=QA Managers,ou=groups,dc=example,dc=com
> | objectClass: top
> | objectClass: groupOfUniqueNames
> | cn: QA Managers
> | ou: groups
> | description: People who can manage QA entries
> | creatorsName: cn=directory manager
> | modifiersName: cn=directory manager
> | createTimestamp: 20050629120832Z
> | modifyTimestamp: 20050629120832Z
> | nsUniqueId: 821fc9f4-1dd211b2-8050be72-f5080000
> |
> | # entry-id: 9
> | dn: cn=PD Managers,ou=groups,dc=example,dc=com
> | objectClass: top
> | objectClass: groupOfUniqueNames
> | cn: PD Managers
> | ou: groups
> | description: People who can manage engineer entries
> | creatorsName: cn=directory manager
> | modifiersName: cn=directory manager
> | createTimestamp: 20050629120832Z
> | modifyTimestamp: 20050629120832Z
> | nsUniqueId: 821fc9f5-1dd211b2-8050be72-f5080000
> |
> | # entry-id: 10
> | dn: uid=chervatin,dc=example,dc=com
> | preferredLanguage: it
> | givenName: Gabriele
> | ntUserCreateNewAccount: true
> | objectClass: top
> | objectClass: person
> | objectClass: organizationalPerson
> | objectClass: inetorgperson
> | objectClass: ntuser
> | objectClass: posixAccount
> | sn;lang-af: Chervatin
> | facsimileTelephoneNumber: 338 175 1966
> | uid: chervatin
> | mail: gabriele.chervatin at example.com
> | uidNumber: 2000
> | cn: Gabriele Chervatin
> | ntUserComment: Accoutn Test NT
> | loginShell: /bin/bash
> | telephoneNumber;lang-af: 338 175 1966
> | gidNumber: 2000
> | ntUserDomainId: gchervatin
> | cn;lang-af:: R2FicmllbGUgQ2hlcnZhdGluIA==
> | gecos: Gabriele Chervatin
> | givenName;lang-af: Gabriele
> | homeDirectory: /home/ghcervatin
> | sn: Chervatin
> | userPassword: {SSHA}**
> | creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
> | modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoo
> | t
> | createTimestamp: 20050629131933Z
> | modifyTimestamp: 20050629131933Z
> | nsUniqueId: 6d483381-1dd211b2-805abe72-f5080000
> |
> | # entry-id: 15
> | dn: ou=domains,dc=example,dc=com
> | ou: domains
> | description: domini di posta
> | objectClass: top
> | objectClass: organizationalunit
> | creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
> | modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoo
> | t
> | createTimestamp: 20050630140356Z
> | modifyTimestamp: 20050630140356Z
> | nsUniqueId: a9969501-1dd111b2-807fbe72-f5080000
> |
> | # entry-id: 17
> | dn: ou=example.com,ou=domains,dc=example,dc=com
> | ou: example.com
> | objectClass: top
> | objectClass: organizationalunit
> | creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
> | modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoo
> | t
> | createTimestamp: 20050630140640Z
> | modifyTimestamp: 20050630140640Z
> | nsUniqueId: 14e06701-1dd211b2-807fbe72-f5080000
> |
> | # entry-id: 18
> | dn: uid=vtest1,ou=example.com,ou=domains,dc=example,dc=com
> | mail: vtest1 at example.com
> | givenName: vtest1
> | objectClass: top
> | objectClass: person
> | objectClass: organizationalPerson
> | objectClass: inetorgperson
> | sn: vtest1
> | cn: vtest1
> | userPassword: {SSHA}**
> | creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
> | modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoo
> | t
> | createTimestamp: 20050630140725Z
> | modifyTimestamp: 20050630142229Z
> | nsUniqueId: 38a3ad01-1dd211b2-807fbe72-f5080000
> | uid: vtest1
> | passwordGraceUserTime: 0
> |
> | # entry-id: 19
> | dn: uid=vtest2,ou=example.com,ou=domains,dc=example,dc=com
> | mail: vtest2 at example.com
> | givenName: vtest2
> | objectClass: top
> | objectClass: person
> | objectClass: organizationalPerson
> | objectClass: inetorgperson
> | sn: vtest2
> | cn: vtest2
> | userPassword: {SSHA}**
> | creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
> | modifiersName: cn=server,cn=plugins,cn=config
> | createTimestamp: 20050630140940Z
> | modifyTimestamp: 20050630142223Z
> | nsUniqueId: 802a3901-1dd211b2-807fbe72-f5080000
> | uid: vtest2
> | passwordGraceUserTime: 0
> |
> | # entry-id: 20
> | dn: uid=vtest3,ou=example.com,ou=domains,dc=example,dc=com
> | mail: Vtest3 at example.com
> | givenName: vtest3
> | objectClass: top
> | objectClass: person
> | objectClass: organizationalPerson
> | objectClass: inetorgperson
> | sn: vtest3
> | cn: vtest3
> | userPassword: {SSHA}**
> | creatorsName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
> | modifiersName: cn=server,cn=plugins,cn=config
> | createTimestamp: 20050630141046Z
> | modifyTimestamp: 20050630142312Z
> | nsUniqueId: a3ed7f01-1dd111b2-8080be72-f5080000
> | uid: vtest3
> | passwordGraceUserTime: 0
> |
>
> --
> Nathan Benson
> http://sourcefire.com/
>
> 1C1A F2C1 82AD F75F 9B6B E501 0D73 DC9B E96B DD96
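
The virtual_alias_maps lookup built from the quoted `search_base`, `query_filter` and `result_attribute` settings, emulated offline as an added example (not code from this thread or from Postfix). The entries are constructed from the uid/mail pairs in the posted directory, and the function names and the toy `search` matcher are hypothetical; it shows the lookup key being escaped before it replaces `%s`, so an address containing `*` stays a literal, and the case-insensitive match on `mail`.

```python
import re

# Constructed sample entries mirroring the uid/mail pairs in the posted directory
# (the archive's "at" obfuscation is written back as "@").
ENTRIES = [
    {"dn": "uid=chervatin,dc=example,dc=com",
     "uid": "chervatin", "mail": "gabriele.chervatin@example.com"},
    {"dn": "uid=vtest1,ou=example.com,ou=domains,dc=example,dc=com",
     "uid": "vtest1", "mail": "vtest1@example.com"},
    {"dn": "uid=vtest3,ou=example.com,ou=domains,dc=example,dc=com",
     "uid": "vtest3", "mail": "Vtest3@example.com"},
]
# Values taken from the quoted alias-lookup settings.
SEARCH_BASE = "dc=example,dc=com"
QUERY_FILTER = "(mail=%s)"
RESULT_ATTRIBUTE = "uid"

def escape_filter_value(value):
    """Hex-escape filter metacharacters (RFC 4515) so the key stays a literal."""
    return "".join("\\%02x" % ord(c) if c in "\\*()\x00" else c for c in value)

def expand_query_filter(template, key):
    """Substitute the escaped lookup key for %s in the query_filter template."""
    return template.replace("%s", escape_filter_value(key))

def _unescape(value):
    return re.sub(r"\\([0-9a-fA-F]{2})", lambda m: chr(int(m.group(1), 16)), value)

def search(entries, base, ldap_filter, attribute):
    """Toy subtree search for one (attr=value) filter; unescaped * is a wildcard."""
    m = re.fullmatch(r"\((\w+)=(.*)\)", ldap_filter, re.S)
    if not m:
        raise ValueError("unsupported filter: %r" % ldap_filter)
    name, pattern = m.groups()
    parts = [re.escape(_unescape(p)) for p in pattern.split("*")]
    rx = re.compile(".*".join(parts), re.I)  # mail compares case-insensitively
    return [e[attribute] for e in entries
            if e["dn"].lower().endswith(base.lower())
            and name in e and rx.fullmatch(e[name])]

def virtual_alias_lookup(address):
    """Second lookup from the message: recipient address -> delivery uid."""
    flt = expand_query_filter(QUERY_FILTER, address)
    return search(ENTRIES, SEARCH_BASE, flt, RESULT_ATTRIBUTE)

if __name__ == "__main__":
    for addr in ("vtest3@example.com", "*@example.com"):
        print(addr, "->", virtual_alias_lookup(addr))
```

On a live system the same check is made with `postmap -q <address> ldap:/etc/postfix/ldap-aliases.cf`.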