Nerijus Kislauskas: > On 10/26/2011 08:11 PM, Viktor Dukhovni wrote: > > The LDAP table driver considers entries that match the query filter, > > but which lack the requested attributes, or have only empty values > > for the requested attributes to not be matching attributes. The Postfix > > dictionary abstraction above the Postfix LDAP driver therefore only sees > > entries with non-empty result (or leaf or terminal) attributes. > > Hi Victor and others, > > So in other words you want to say, that "our implementation of ldap > lookup table is strongly tied to LDAP ACLs. When I have enought rights > to read something from LDAP, entry exists, and when my drunk LDAP admin > thinks, that I have too much rights, lookup will fail, even when I got 1 > entry match". Wake up guys. [insults deleted]
You're welcome to provide a better design, provided that ***it does not break the Postfix table lookup interface***. You can start reading at http://www.postfix.org/DATABASE_README.html Wietse
