On Tue, Mar 19, 2013 at 08:00:51PM +0100, Patrick Lists wrote:

> On 03/19/2013 04:22 PM, Viktor Dukhovni wrote:
> >Nothing unusual at all about canonical mapping, the only anomaly
> >I'm making a fuss about is the underlying data model. It is OK to
> >turn secondary addresses into primary, it is generally risky to
> >try to turn target (delivery) addresses back into original addresses,
> >since the mapping is often not one-to-one (and the need to introduce
> >many-to-one may arise later).
>
> Thanks, I'll think this over more as I try to wrap my head around
> this. When I stray into this issue I'll make sure to reread your
> much appreciated advice. And probably a few more RFCs.
>
> Initially I thought adding LDAP was a fun idea. Given the archaic
> nature and complexity of this beast I'm not so sure anymore. I'm
> beginning to understand why I've heard sysadmins say that Microsoft
> has done a nice job with AD of hiding the complexity and making it
> work. But this is getting OT so I'll leave it at that.

Just in terms of data models and Microsoft, the corresponding pieces
in that case are:

    mail: prim...@example.com
    proxyAddresses: smtp:prim...@example.com
    proxyAddresses: smtp:second...@example.com
    proxyAddresses: ...
    <some-mailbox-attribute>: mailbox

so it would be reasonable to use "proxyAddresses=smtp:%s" as the
lookup key for a canonical mapping with "mail" as the result, but
not reasonable to map the <some-mailbox-attribute> back to mail.

Don't think LDAP, think data-model, and then map that onto LDAP,
if you're not too discouraged.

--
    Viktor.
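
Added example, not part of Viktor's message or the original thread: a Python sketch of the data-model point above, using constructed directory entries in which `mailbox` is a hypothetical stand-in for <some-mailbox-attribute>. The forward table keyed on proxyAddresses yields exactly one "mail" per address, while the reverse lookup from a delivery target stops being a function once two entries share a mailbox.

```python
# Constructed sample directory entries (not from the original thread).
# "mailbox" is a hypothetical name for the <some-mailbox-attribute> placeholder.
ENTRIES = [
    {"mail": "alice@example.com",
     "proxyAddresses": ["smtp:alice@example.com", "smtp:a.smith@example.com"],
     "mailbox": "store1/shared"},
    {"mail": "bob@example.com",
     "proxyAddresses": ["smtp:bob@example.com", "smtp:sales@example.com"],
     "mailbox": "store1/shared"},  # same delivery target as alice
    {"mail": "carol@example.com",
     "proxyAddresses": ["smtp:carol@example.com"],
     "mailbox": "store2/carol"},
]


def build_canonical_map(entries):
    """Forward direction: each smtp: proxy address -> the entry's mail."""
    table = {}
    for entry in entries:
        for value in entry["proxyAddresses"]:
            scheme, _, addr = value.partition(":")
            if scheme.lower() != "smtp":
                continue  # skip values that are not SMTP addresses
            addr = addr.lower()
            # A proxy address claimed by two entries would make even the
            # forward mapping ambiguous, so refuse to build the table.
            if table.setdefault(addr, entry["mail"]) != entry["mail"]:
                raise ValueError(f"{addr} is claimed by two entries")
    return table


def reverse_lookup(entries, mailbox):
    """Reverse direction: delivery target -> every mail that reaches it."""
    return sorted({e["mail"] for e in entries if e["mailbox"] == mailbox})


def ambiguous_targets(entries):
    """Delivery targets that cannot be mapped back to a single address."""
    result = {}
    for target in {e["mailbox"] for e in entries}:
        mails = reverse_lookup(entries, target)
        if len(mails) > 1:
            result[target] = mails
    return result


if __name__ == "__main__":
    print(build_canonical_map(ENTRIES))
    print(ambiguous_targets(ENTRIES))
```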