|
»
»
»
« Return to Thread: Searching a different ou
Searching a different ou
by The_Q
::
Rate this Message:
Hi,
In order to reduce the number of spam e-mails that our users get, I have been working on setting up a new mail server for the college that I work for. Users' information is stored in LDAP and postfix authenticates mail users through PAM, which in turn uses its LDAP module. This works for the majority of the email accounts, with postfix rejecting invalid users and accepting those that do have an account. However, there are a few email accounts that are shared by several individuals and are stored differently in ldap. The users that are able to properly have mail delivered to them return the following when I perform an LDAP search:
dn: cn=someuser,ou=accounts,ou=caedm,dc=et,dc=byu,dc=edu
While those that have mail rejected by postfix return this:
dn: cn=someuser,ou=mail,ou=caedm,dc=et,dc=byu,dc=edu
with the cn being replaced by the various user trying to send or receive mail.
To figure out why the difference of ou=accounts and ou=mail did not cause a problem with the mail servers that were previoiusly in production, I checked the logs on the ldap server, and the following is the query that is sent by the new mail server
slapd[5678]: conn=1410207 op=35 SRCH base="ou=accounts,ou=caedm,dc=et,dc=byu,dc=edu" scope=2 deref=0 filter="(&(objectClass=posixAccount)(uid=someuser))"
and this is the query sent by the old mail server.
slapd[5683]: conn=1435049 op=2 SRCH base="ou=caedm,dc=et,dc=byu,dc=edu" scope=2 deref=0 filter="(&(objectClass=posixAccount)(uid=someuser))"
My question is where is it that I would specify to search using only "ou=caedm" rather that "ou=accounts,ou=caedm" so that these users can use mail on the new server. The /etc/ldap.conf file is identical between the old and new mail servers, and I'm not sure where else to look.
Thanks in advance
In order to reduce the number of spam e-mails that our users get, I have been working on setting up a new mail server for the college that I work for. Users' information is stored in LDAP and postfix authenticates mail users through PAM, which in turn uses its LDAP module. This works for the majority of the email accounts, with postfix rejecting invalid users and accepting those that do have an account. However, there are a few email accounts that are shared by several individuals and are stored differently in ldap. The users that are able to properly have mail delivered to them return the following when I perform an LDAP search:
dn: cn=someuser,ou=accounts,ou=caedm,dc=et,dc=byu,dc=edu
While those that have mail rejected by postfix return this:
dn: cn=someuser,ou=mail,ou=caedm,dc=et,dc=byu,dc=edu
with the cn being replaced by the various user trying to send or receive mail.
To figure out why the difference of ou=accounts and ou=mail did not cause a problem with the mail servers that were previoiusly in production, I checked the logs on the ldap server, and the following is the query that is sent by the new mail server
slapd[5678]: conn=1410207 op=35 SRCH base="ou=accounts,ou=caedm,dc=et,dc=byu,dc=edu" scope=2 deref=0 filter="(&(objectClass=posixAccount)(uid=someuser))"
and this is the query sent by the old mail server.
slapd[5683]: conn=1435049 op=2 SRCH base="ou=caedm,dc=et,dc=byu,dc=edu" scope=2 deref=0 filter="(&(objectClass=posixAccount)(uid=someuser))"
My question is where is it that I would specify to search using only "ou=caedm" rather that "ou=accounts,ou=caedm" so that these users can use mail on the new server. The /etc/ldap.conf file is identical between the old and new mail servers, and I'm not sure where else to look.
Thanks in advance
« Return to Thread: Searching a different ou
| Free Forum Powered by Nabble | Forum Help |