
Re: Postfix, LDAP, Active Directory, NOT exchange

  • Gellér Sándor
    Message 1 of 4 , Feb 1, 2006
      james@... wrote:
      > We are trying to configure Postfix create mailboxes for each user that are users on our Windows Active Directory.
      >
      > So that when an email enters, if a user does not already have a mailbox, postfix (through LDAP) queries Active Directory to check if a user exists (using either "mail" attribute, or the sAMAccountName, or whatever you suggest) and then if user exists on AD, creates a mailbox on postfix.
      >
      > All mail would reside on the Postfix server, and would NOT be relayed to an exchange server.
      >
      > Adding another problem, our domain name: example.org does not match our active directory domain: schooldomain.local
      >
      > Which is why we were looking at perhaps stripping the first part of the user account i.e. email to: foo@... would be queried against the sAMAccountName: foo@... or the mail attribute foo@...
      >
      > We can successfully perform an LDAP bind against AD, but postfix reports "User unknown in local recipient table" (local_recipent_maps=aliases ldap/etc/ldap/ldapmaps.cf)
      >
      > ldapmaps.cf attached
      > --------------------------------------
      > server_host = server1.schooldomain.local
      > server2.schooldomain.local
      > server3.schooldomain.local
      > server_port = 389
      > search_base = OU=StaffUsers,,dc=schooldomain,dc=LOCAL
      > query_filter = (mail=%s)
      > bind_dn = CN=PostfixBind,OU=Users,DC=schooldomain,DC=LOCAL
      > bind_pw = postfixpassword
      > version = 3
      > result_attribute = (mail)
      > --------------------------------------
      >
      > Any help appreciated
      >
      > James

      I suggest reading VIRTUAL_README; maybe virtual_mailbox_domains is
      what you are looking for. I suggest creating a local database instead
      of querying the AD server directly. Use ldapsearch to query the AD,
      create a suitable virtual_mailbox_map from the output, and use a modern
      POP3/IMAP server which can handle virtual users and can authenticate
      from the AD server.

      --
      Sandor Geller
      wildy@...
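
The approach suggested in the message above (dump the directory with ldapsearch, then build a virtual mailbox map from the output) can look like the following. This is an added example, not part of the original thread: the LDIF sample is constructed, the function names are hypothetical, and the `domain/user/` maildir layout is an assumption.

```python
import base64
import re

# Constructed LDIF, shaped like `ldapsearch -LLL ... mail` output; not real data.
SAMPLE_LDIF = """\
dn: CN=Foo Bar,OU=StaffUsers,DC=schooldomain,DC=LOCAL
mail: foo@example.org

dn: CN=Jane Doe,OU=StaffUsers,DC=schooldomain,DC=LOCAL
mail:: amFuZUBleGFtcGxlLm9yZw==

dn: CN=Long Name,OU=StaffUsers,DC=schooldomain,DC=LOCAL
mail: a.very.long.address
 @example.org

dn: CN=NoMail,OU=StaffUsers,DC=schooldomain,DC=LOCAL

dn: CN=Other,OU=StaffUsers,DC=schooldomain,DC=LOCAL
mail: other@schooldomain.local

dn: CN=Odd,OU=StaffUsers,DC=schooldomain,DC=LOCAL
mail: ../../etc/passwd@example.org
"""

# Local parts become directory names, so allow only a conservative character
# set: no "/" and no leading "." (directory data is untrusted input here).
SAFE_LOCAL = re.compile(r"^[a-z0-9][a-z0-9._+-]*$")

def mail_values(ldif):
    """Return every 'mail' value, undoing LDIF line folding and base64."""
    unfolded = re.sub(r"\n ", "", ldif)  # a leading space continues a line
    values = []
    for line in unfolded.splitlines():
        if line.lower().startswith("mail:: "):   # '::' marks a base64 value
            values.append(base64.b64decode(line[7:]).decode("utf-8"))
        elif line.lower().startswith("mail: "):
            values.append(line[6:])
    return values

def virtual_mailbox_map(ldif, domain):
    """Build 'address<TAB>domain/user/' lines for addresses in `domain`."""
    entries = {}
    for addr in mail_values(ldif):
        local, _, dom = addr.strip().lower().rpartition("@")
        if dom != domain or not SAFE_LOCAL.match(local):
            continue  # wrong mail domain, or unsafe to use as a mailbox path
        entries[f"{local}@{dom}"] = f"{dom}/{local}/"
    return [f"{k}\t{v}" for k, v in sorted(entries.items())]

if __name__ == "__main__":
    print("\n".join(virtual_mailbox_map(SAMPLE_LDIF, "example.org")))
```

The printed lines are the text source for a lookup table; in Postfix, a trailing slash on the right-hand side selects maildir-style delivery.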
    • Tim Weippert
      Message 2 of 4 , Feb 1, 2006
        Hi,

        On Wed, Feb 01, 2006 at 10:01:39AM +0000, james@... wrote:
        > We are trying to configure Postfix create mailboxes for each user that are users on our Windows Active Directory.
        >
        > So that when an email enters, if a user does not already have a mailbox, postfix (through LDAP) queries Active Directory to check if a user exists (using either "mail" attribute, or the sAMAccountName, or whatever you suggest) and then if user exists on AD, creates a mailbox on postfix.
        >
        > All mail would reside on the Postfix server, and would NOT be relayed to an exchange server.
        >
        > Adding another problem, our domain name: example.org does not match our active directory domain: schooldomain.local
        >
        > Which is why we were looking at perhaps stripping the first part of the user account i.e. email to: foo@... would be queried against the sAMAccountName: foo@... or the mail attribute foo@...
        >
        > We can successfully perform an LDAP bind against AD, but postfix reports "User unknown in local recipient table" (local_recipent_maps=aliases ldap/etc/ldap/ldapmaps.cf)
        >
        > ldapmaps.cf attached
        > --------------------------------------
        > server_host = server1.schooldomain.local
        > server2.schooldomain.local
        > server3.schooldomain.local
        > server_port = 389
        > search_base = OU=StaffUsers,,dc=schooldomain,dc=LOCAL
        > query_filter = (mail=%s)
        > bind_dn = CN=PostfixBind,OU=Users,DC=schooldomain,DC=LOCAL
        > bind_pw = postfixpassword
        > version = 3
        > result_attribute = (mail)
        > --------------------------------------

        If you want to search for user@... you can't use mail=%s
        as query filter. For this you should use something like
        (mail=%u@...).

        For the rest try to look into the VIRTUAL_README.

        HTH,

        tim

        --
        The whole world is a scab. The point is to pick it constructively.
        -- Peter Beard

        Tim Weippert <weiti@...>
        http://www.topf-sicret.org/
      • Victor Duchovni
        Message 3 of 4 , Feb 1, 2006
          On Wed, Feb 01, 2006 at 10:01:39AM +0000, james@... wrote:

          > So that when an email enters, if a user does not already have a mailbox,
          > postfix (through LDAP) queries Active Directory to check if a user exists
          > (using either "mail" attribute, or the sAMAccountName, or whatever you
          > suggest) and then if user exists on AD, creates a mailbox on postfix.

          Define "mailbox"? Postfix is not an IMAP or POP server. How are the users
          going to access their mail?

          * Login to Unix and use "mutt", "elm", "pine", ... ?
          * Via qpopper or similar that access /var/spool/mail/$user mboxes?
          * Via WU-IMAP (which also supports mbox)?
          * Via Courier IMAP?
          * Via Dovecot?
          * Via Cyrus IMAP?

          Understanding this first is critical.

          > --------------------------------------
          > server_host = server1.schooldomain.local
          > server2.schooldomain.local
          > server3.schooldomain.local
          > server_port = 389
          > search_base = OU=StaffUsers,,dc=schooldomain,dc=LOCAL
          > query_filter = (mail=%s)
          > bind_dn = CN=PostfixBind,OU=Users,DC=schooldomain,DC=LOCAL
          > bind_pw = postfixpassword
          > version = 3
          > result_attribute = (mail)

          The result_attribute value is wrong, have you tested this table with
          "postmap -q" as advised in DATABASE_README or LDAP_README? Did you or
          will you first test your system with indexed files (dbm, hash, btree or
          cdb) and only then try LDAP?

          --
          Viktor.

          Disclaimer: off-list followups get on-list replies or get ignored.
          Please do not ignore the "Reply-To" header.

          To unsubscribe from the postfix-users list, visit
          http://www.postfix.org/lists.html or click the link below:
          <mailto:majordomo@...?body=unsubscribe%20postfix-users>

          If my response solves your problem, the best way to thank me is to not
          send an "it worked, thanks" follow-up. If you must respond, please put
          "It worked, thanks" in the "Subject" so I can delete these quickly.