[Date Prev][Date Next]
Re: does sendmail work with ldap groups?
Just a note that unlike other MTA's exim supports LDAP as a generic lookup
tool. Anywhere in the configuration file that you can specify a string you
can specify a lookup. And the lookup can be an LDAP search URL.
This means that while exim doesn't directly support any particular mail routing
concept vis a vis LDAP or LDAP groups specifically. But both concepts can be
implemented and used in an exim installation with a little effort.
See www.exim.org for more info on exim.
On Thu, Oct 14, 1999 at 05:18:36PM -0400, Chris Winters wrote:
> Sendmail may support this in the future. See:
> for people who have made the hack themselves.
> Me, I was a little scared futzing around with Sendmail code in a
> (for me) non-trivial way. So we worked around this problem by rolling
> our own -- an admin can edit groups via a web interface and an entry
> in /etc/aliases for that group directs the mail to a perl script that
> looks up the group in the LDAP server and sends the mail to the
> necessary people on the list.
> AFAIK, it's working okay. (I haven't received any panicked calls about
> it *not* working :) I'd be happy to share, but there are likely issues
> with doing this on a large scale that I haven't considered. This
> solution works for 80 people in a central office and about a dozen
> scattered around the Washington, D.C. area. Also, this doesn't do any
> sort of authentication checking -- anyone can send a message to any group.
> > Hi,
> > I'm in the process of migrating our userbase (~1500 users) from a
> > Netscape Messaging/Directory setup running on WindowsNT to
> > OpenLDAP/Sendmail/pop/IMAP/nss_ldap/pam_ldap running on RedHat Linux. So
> > far I've gotten everything to work perfectly. I can send mail, check
> > mail, etc with users only existing in the LDAP servers. However one big
> > thing I'm missing at this point is groups. In our existing Netscape
> > server we have lots of groupOfUniqueNames with uniquemembers in
> > them. Netscape's mail server can use these as email groups, and there (I
> > think, though don't hold me on this) are restrictions you can put on
> > these groups that only members in the group can email to the group,
> > etc. My questions is this: Will sendmail work with these groups (or
> > anyother groups stored in LDAP?
> > We are using the default sendmail (at this point anyways) that came with
> > RedHat, in otherwords we have no special LDAP support compiled
> > in. Sendmail currently works with nss_ldap and pam_ldap so it seems to be
> > working with LDAP just fine.
> > Does anybody have any experience with this or suggestions?
> > If we can't get sendmail to use group stored in LDAP for email groups and
> > get some sort of access control on them, we'll be forced to use majordomo
> > or something like that for lists (which won't be near as nice).
> > Also the current groups work for authentication web based services via the
> > auth_ldap apache module, so the solution needs to work with that too.
Stuart Lynne <email@example.com> __O
<http://edge.fireplug.net> _-\<,_ 604-461-7532
PGP Fingerprint: 28 E2 A0 15 99 62 9A 00 (_)/ (_) 88 EC A3 EE 2D 1C 15 68