postfix-users October 2010 archive
Main Archive Page > Month Archives  > postfix-users archives
postfix-users: Re: LDAP, groups and users without local accounts

Re: LDAP, groups and users without local accounts

From: Victor Duchovni <Victor.Duchovni_at_nospam>
Date: Tue Oct 12 2010 - 14:29:55 GMT
To: postfix-users@postfix.org

On Tue, Oct 12, 2010 at 10:05:10AM +0200, Jakob Lenfers wrote:

> perhaps you guys can help me. I'm integrating postfix into our ldap
> environment. We have groups (posixGroup) with memberUids in them (e.g.
> lenfers for me). Adding mail info to those groups works and all local users
> get resolved correctly. But sometimes there are users (e.g. externuser)
> that need to be in those groups (rights and mail related) but have only an
> external mail account. I cannot find a setup so that this is resolved
> accordingly, because postfix tries to deliver the mail to the memberUids
> (externuser instead of externuser@gmail.com).

If your posixGroup objects have a multi-valued member attribute that is a
sequence of strings representing login names, you must use /etc/aliases
or .forward files to handle mail for any user accounts that require remote
delivery.

If the posixGroup lists a sequence of member DNs, you can express
queries that directly fetch the primary mail address of the underlying
user. I am guessing the memberDN scenario is not what you've got in your
schema.

-- Viktor.