
Please help me figure out how to do this. I have Postfix integrated with AD, and I have an issue with alias maps.

Here is my virtual_alias_maps.cf:

# Postfix LDAP lookup table: expands a group's mail address to the mail addresses of its members.
# Comments must sit on their own lines; text after a value on the same line becomes part of the value.
server_host     = test.local
server_port     = 389
version         = 3
# NOTE(review): bind = yes with start_tls = no on port 389 sends bind_dn/bind_pw and every
# query result over the network in cleartext. Prefer start_tls = yes (or an ldaps:// URL in
# server_host) with certificate verification once the AD certificate chain is trusted.
bind            = yes
start_tls       = no
# NOTE(review): this value looks masked by the hosting page's e-mail obfuscation.
bind_dn         = [email protected]
# The bind password lives in this file: keep the file readable only by root/the Postfix user,
# and use a dedicated bind account with read-only directory access.
bind_pw         = password
search_base     = dc=test,dc=local
scope           = sub
# Matches any entry carrying the looked-up mail address that has at least one "member" value.
query_filter    = (&(mail=%s)(member=*))
# DNs found in "member" are looked up recursively, which is how nested groups get expanded.
special_result_attribute = member
# "mail" is returned only from entries that have no "member" value, so the group's own
# address is not part of the expansion.
leaf_result_attribute = mail
debuglevel      = 0

It works fine, but I need to select only the ENABLED users in the group, not all members, and this also has to work with nested groups.

Thanks in advance.


1 Answers


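Solution

Chain two LDAP lookups with a pipemap (available in Postfix 3.0 and later): the first map resolves the group's mail address to its distinguishedName, and the second returns the mail attribute of every enabled user who is a direct or nested member of that DN. In the second filter, the matching rule 1.2.840.113556.1.4.1941 (LDAP_MATCHING_RULE_IN_CHAIN) makes Active Directory walk nested group membership, and the negated bitwise-AND rule 1.2.840.113556.1.4.803 tested against 2 (ACCOUNTDISABLE) excludes disabled accounts. The "..." lines presumably stand for the unchanged connection settings (server_host, bind_dn, bind_pw and so on), so the cleartext-bind and file-permission concerns of the original map apply to both files.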

cat /etc/postfix/main.cf
...
virtual_alias_maps = pipemap:{ldap:/etc/postfix/ldap/ad_virtual_group.cf, ldap:/etc/postfix/ldap/ad_virtual_group_members.cf}
...

cat /etc/postfix/ldap/ad_virtual_group.cf
...
query_filter     = (&(mail=%s)(objectClass=group)(member=*))
result_attribute = distinguishedName
...

cat /etc/postfix/ldap/ad_virtual_group_members.cf
...
query_filter     = (&(userPrincipalName=*)(mail=*)(memberOf:1.2.840.113556.1.4.1941:=%s)(!(userAccountControl:1.2.840.113556.1.4.803:=2)))
result_attribute = mail
...

Check:

# Query the chained map by hand before touching the running configuration:
# -q looks up the given key, -v logs verbosely, -f keeps the key's case as typed.
# NOTE(review): the key looks masked by the page's e-mail obfuscation; use the group's mail address.
# Expected result: the mail addresses of enabled members only, including nested groups.
postmap -vfq "[email protected]" "pipemap:{ldap:/etc/postfix/ldap/ad_virtual_group.cf, ldap:/etc/postfix/ldap/ad_virtual_group_members.cf}"

Apply:

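# Tell the running Postfix instance to re-read main.cf so the new virtual_alias_maps takes effect.
# (The command name was misspelled "posfix" and would have failed with "command not found".)
postfix reload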