> On Apr 1, 2016, at 10:06 AM, tbucha...@vinu.edu wrote:
> 
> My successful ldapsearch command is this: ldapsearch -x -H 
> ldap://ldapserver.example.com:389/ -b 
> "ou=People,o=oldserver.example.com,o=example.com" -D "uid=admin, 
> ou=Administrators, ou=TopologyManagement, o=NetscapeRoot" -w "bindpw" 
> "(pdsLoginId=user)" mailForwardingAddress

Postfix rewriting for virtual users maps input email addresses
to forwarding email addresses, not user accounts to forwarding
addresses.

> I have these lines in my main.cf:
> alias_maps = hash:/etc/aliases, ldap:/etc/postfix/ldap-virtual-aliases.cf
> virtual_alias_maps = ldap:/etc/postfix/ldap-virtual-aliases.cf

The same table is unlikely to be useful as both an aliases(5) table
and a virtual(5) alias table.

If at all possible there needs to be a field in the LDAP schema
that contains the full user@domain addresses that you want to
forward, and NOT just the localpart of the address.

> The content of /etc/postfix/ldap-virtual-aliases.cf is:
> server_host = ldapserver.example.com:389
> search_base = ou=People,o=oldserver.example.com,o=example.com
> bind = yes
> bind_dn = uid=admin, ou=Administrators, ou=Management, o=VendorRoot
> bind_pw = bindpw
> query_filter = pdsLoginId=%u
> result_attribute = mailForwardingAddress

This map definition is rather bad, because it would rewrite addresses
in remote domains.  At the very least you'd have to set the "domain"
property to constrain the domains for which you're ignoring the domain
part and querying by user address.

> I am using the query filter with the %u to only use the user part of the 
> original email address.  I would like to forward/relay the mail to the 
> mailForwardingAddress attribute from the LDAP info.

You're not thinking through all the consequences.  Just ignoring the
domain part is not correct.

-- 
        Viktor.

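A simplified model of the lookup behaviour discussed in this message, as an added example that is not part of the original thread and is not Postfix code: it shows why `query_filter = pdsLoginId=%u` without a `domain` setting also rewrites recipients in other domains, and what setting `domain` changes. The directory entry, the sample addresses and the choice of `example.com` as the only local domain are constructed assumptions.

```python
import re

# Constructed sample directory: pdsLoginId -> mailForwardingAddress
# (attribute names are from the thread; the entry itself is made up).
DIRECTORY = {"alice": "alice@newhost.example.net"}

THREAD_FILTER = "pdsLoginId=%u"   # query_filter quoted in the thread


def ldap_escape(value):
    """Escape LDAP filter metacharacters (RFC 4515) in a substituted value."""
    return "".join("\\%02X" % ord(c) if c in "\\*()\0" else c for c in value)


def expand_filter(template, key):
    """Expand %s (whole key) and %u (localpart, or whole key if no '@')."""
    user, at, _ = key.rpartition("@")
    parts = {"s": key, "u": user if at else key}
    return re.sub(r"%([su])", lambda m: ldap_escape(parts[m.group(1)]), template)


def lookup(key, query_filter, domain=None):
    """Return the rewrite target for key, or None when the key is left alone.

    domain models the ldap_table(5) "domain" setting: when given, only
    user@domain keys whose domain is listed are sent to the directory.
    """
    user, at, dom = key.rpartition("@")
    if domain is not None and not (at and user and dom.lower() in domain):
        return None
    # Stand-in for the LDAP search: exact match on "pdsLoginId=<value>".
    attr, _, value = expand_filter(query_filter, key).strip("()").partition("=")
    return DIRECTORY.get(value) if attr == "pdsLoginId" else None


def compare(keys, local_domains):
    """Map each key to (result without domain, result with domain set)."""
    return {k: (lookup(k, THREAD_FILTER),
                lookup(k, THREAD_FILTER, domain=local_domains)) for k in keys}


if __name__ == "__main__":
    sample = ["alice@example.com", "alice@remote.example.org", "alice"]
    for key, (loose, strict) in compare(sample, {"example.com"}).items():
        print(f"{key:26} no domain: {loose}   domain=example.com: {strict}")
```

Without the restriction, mail addressed to the constructed remote address is redirected just like mail to the local one; with it, only the `example.com` key reaches the directory.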