On Mon, 16 Apr 2007, The_Q wrote:
> Hi,
>
> In order to reduce the number of spam e-mails that our users get, I
> have been working on setting up a new mail server for the college that I
> work for. Users' information is stored in LDAP and postfix authenticates
> mail users through PAM, which in turn uses its LDAP module. This works for
> the majority of the email accounts, with postfix rejecting invalid users and
> accepting those that do have an account. However, there are a few email
> accounts that are shared by several individuals and are stored differently
> in ldap. The users that are able to properly have mail delivered to them
> return the following when I perform an LDAP search:
>
> dn: cn=someuser,ou=accounts,ou=caedm,dc=et,dc=byu,dc=edu
>
> While those that have mail rejected by postfix return this:
>
> dn: cn=someuser,ou=mail,ou=caedm,dc=et,dc=byu,dc=edu
>
> with the cn being replaced by the various users trying to send or receive
> mail.
>
> To figure out why the difference of ou=accounts and ou=mail did not
> cause a problem with the mail servers that were previously in production, I
> checked the logs on the ldap server, and the following is the query that is
> sent by the new mail server:
>
> slapd[5678]: conn=1410207 op=35 SRCH
> base="ou=accounts,ou=caedm,dc=et,dc=byu,dc=edu" scope=2 deref=0
> filter="(&(objectClass=posixAccount)(uid=someuser))"
>
> and this is the query sent by the old mail server.
>
> slapd[5683]: conn=1435049 op=2 SRCH base="ou=caedm,dc=et,dc=byu,dc=edu"
> scope=2 deref=0 filter="(&(objectClass=posixAccount)(uid=someuser))"
>
> My question is where is it that I would specify to search using only
> "ou=caedm" rather than "ou=accounts,ou=caedm" so that these users can use
> mail on the new server. The /etc/ldap.conf file is identical between the old
> and new mail servers, and I'm not sure where else to look.
Debian Linux puts the pam-ldap config in /etc/pam_ldap.conf. You don't
say which Linux distro you are using, but perhaps your distro is doing
something similar?
Andy
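
The effect of the two logged search bases can be checked mechanically. This is an added example, not part of the original thread: it parses slapd SRCH lines (the two from the post, unwrapped onto one line each as constructed sample input) and tests which of the two DNs each search can return. The function names are hypothetical, and the DN splitting assumes no escaped commas in attribute values.

```python
import re

# Constructed sample: the two SRCH lines quoted in the post, unwrapped.
SAMPLE_LOG = """\
slapd[5678]: conn=1410207 op=35 SRCH base="ou=accounts,ou=caedm,dc=et,dc=byu,dc=edu" scope=2 deref=0 filter="(&(objectClass=posixAccount)(uid=someuser))"
slapd[5683]: conn=1435049 op=2 SRCH base="ou=caedm,dc=et,dc=byu,dc=edu" scope=2 deref=0 filter="(&(objectClass=posixAccount)(uid=someuser))"
"""

# The two entry DNs shown in the post.
ACCOUNT_DN = "cn=someuser,ou=accounts,ou=caedm,dc=et,dc=byu,dc=edu"
SHARED_DN = "cn=someuser,ou=mail,ou=caedm,dc=et,dc=byu,dc=edu"

SRCH_RE = re.compile(
    r'conn=(\d+) op=(\d+) SRCH base="([^"]*)" scope=(\d) deref=\d filter="([^"]*)"'
)

def parse_srch(log_text):
    """Return one dict per SRCH line: conn, op, base, scope, filter."""
    out = []
    for m in SRCH_RE.finditer(log_text):
        conn, op, base, scope, flt = m.groups()
        out.append({"conn": int(conn), "op": int(op), "base": base,
                    "scope": int(scope), "filter": flt})
    return out

def rdns(dn):
    """Split a DN into lower-cased RDNs (assumes no escaped commas)."""
    return [p.strip().lower() for p in dn.split(",") if p.strip()]

def in_scope(entry_dn, base_dn, scope):
    """True if entry_dn lies under base_dn for scope 0=base, 1=one, 2=sub."""
    e, b = rdns(entry_dn), rdns(base_dn)
    if len(e) < len(b) or (b and e[-len(b):] != b):
        return False  # the entry is not below the search base at all
    depth = len(e) - len(b)
    return {0: depth == 0, 1: depth == 1, 2: True}.get(scope, False)

def coverage(log_text, dns):
    """Map each logged search base to the DNs that search can return."""
    return {s["base"]: [d for d in dns if in_scope(d, s["base"], s["scope"])]
            for s in parse_srch(log_text)}

if __name__ == "__main__":
    for base, hits in coverage(SAMPLE_LOG, [ACCOUNT_DN, SHARED_DN]).items():
        print(base, "->", hits)
```

With the base at ou=accounts, the subtree search cannot reach the ou=mail entry no matter what the filter is, which matches the rejections described in the post.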