I'm trying to build an LDAP filter for my Postfix setup that acts like the following pseudocode:
return uidNumber OF objectClass=posixAccount IF they have a ou=mail AND the mailAddress in this ou=mail IS EQUAL to test@Mydomain.TLD
More specifically like this, where %s holds, for example, test@Mydomain.TLD:
search_base = ou=people,dc=Mydomain,dc=TLD
query_filter = ( &(objectClass=posixAccount)(ou=mail)(mailAddress=%s) )
result_attribute = uidNumber
But the rule (ou=mail) does not work, and I can't figure out how to filter on this ou=mail. My LDAP structure looks like this:
=> dc=Mydomain,dc=TLD
==> ou=people
===> uid=User1
====> uidNumber=4035
====> ou=mail
=====> mailAddress=test@Mydomain.TLD
===> uid=User2
This is how I add a regular user to the LDAP DB:
cat << EOF > ./add_user.ldif
dn: uid=User-1,ou=people,dc=MyDomain,dc=TLD
objectClass: top
objectClass: person
objectClass: inetOrgPerson
objectClass: posixAccount
objectClass: shadowAccount
uidNumber: 2001
gidNumber: 2001
homeDirectory: /home/User-1
loginShell: /usr/local/bin/bash
uid: User-1
userPassword: TopSecretPassword
displayName: User-1
givenName: User-1
mail: SomeMail@SomeDomain.TLD
telephoneNumber: 0123456
cn: User-1
sn: Surname
o: Some Corporation
jpegPhoto:< file://Picture.jpg
EOF
Then I add User-1's mail container, which holds all the mail hosting-related information.
cat << EOF > ./add_users_mail_container.ldif
dn: ou=mail,uid=User-1,ou=people,dc=MyDomain,dc=TLD
objectclass: top
objectclass: organizationalUnit
ou: mail
EOF
Now I add a mail account to the ou=mail container. The idea is that this can be repeated several times with different mailAddress values:
cat << EOF > ./add_users_mail_account.ldif
dn: mailAddress=test@Mydomain.TLD,ou=mail,uid=User-1,ou=people,dc=MyDomain,dc=TLD
objectclass: mailAccount
mailAddress: test@Mydomain.TLD
MailPassword: {SSHA}TopSecretPasswordHash
MailAccountStatus: active
mailStorageDirectory: /home/User-1/mail
#mailAlias: NONE
mailDelivery: dovecot
mailSizeMax: 10240
mailReplyText: Nothing to reply here
mailQuotaSize: 10240
mailQuotaCount: 0
mailservice: smtp
mailservice: pop3
mailservice: imap
mailservice: managesieve
EOF
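Answer 0 (score: 0)
You cannot do this with a single search filter. All conditions in a search filter apply only to a single object.
But in your case, 3 objects are involved in the filter:
Alternative:
Another approach is to first search for the mailAccount (grandchild) object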
(&(objectClass=mailAccount)(mailAddress=test@Mydomain.TLD))
Then take the parent's parent of the search result to get the uidNumber.
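
The two-step lookup described in this answer, as an added example that is not part of the original post: `search` and the in-memory `DIRECTORY` are constructed stand-ins for a real LDAP client and server, and the filter uses the question's `mailAddress` attribute. The address is escaped per RFC 4515 before it is placed in the filter, so a value such as `*` cannot widen the match.

```python
import re

# Constructed sample data mirroring the question's tree (DN -> attributes).
DIRECTORY = {
    "uid=User-1,ou=people,dc=MyDomain,dc=TLD":
        {"objectClass": ["posixAccount"], "uidNumber": ["2001"]},
    "ou=mail,uid=User-1,ou=people,dc=MyDomain,dc=TLD":
        {"objectClass": ["organizationalUnit"], "ou": ["mail"]},
    "mailAddress=test@Mydomain.TLD,ou=mail,uid=User-1,ou=people,dc=MyDomain,dc=TLD":
        {"objectClass": ["mailAccount"], "mailAddress": ["test@Mydomain.TLD"]},
}

def escape_filter_value(value):
    """RFC 4515 escaping, so the address cannot change the filter's structure."""
    return "".join("\\%02x" % ord(c) if c in "\\*()\0" else c for c in value)

def ancestor_dn(dn, levels):
    """Drop `levels` leading RDNs; commas preceded by a backslash do not split."""
    rdns = re.split(r"(?<!\\),", dn)
    if len(rdns) <= levels:
        raise ValueError("no ancestor at that depth: " + dn)
    return ",".join(rdns[levels:])

def search(filter_str):
    """Hypothetical stand-in for a subtree search; handles AND-of-equality only."""
    terms = re.findall(r"\((\w+)=((?:[^()\\]|\\[0-9a-f]{2})*)\)", filter_str)
    unhex = lambda m: chr(int(m.group(1), 16))
    want = [(a, re.sub(r"\\([0-9a-f]{2})", unhex, v)) for a, v in terms]
    return [dn for dn, attrs in DIRECTORY.items()
            if all(v in attrs.get(a, []) for a, v in want)]

def uid_number_for(address):
    """Step 1: find the mailAccount entry. Step 2: read its grandparent."""
    flt = "(&(objectClass=mailAccount)(mailAddress=%s))" % escape_filter_value(address)
    hits = search(flt)
    if len(hits) != 1:  # no match or ambiguous match: do not guess
        return None
    owner = DIRECTORY.get(ancestor_dn(hits[0], 2), {})  # base-scope read
    if "posixAccount" not in owner.get("objectClass", []):
        return None
    return owner["uidNumber"][0]

if __name__ == "__main__":
    print(uid_number_for("test@Mydomain.TLD"))
```

Against a real server, step 2 is a base-scope search on the computed DN requesting only `uidNumber`.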