What I used to do in openldap was use an objectclass inetLocalMailRecipient which was defined in the ''misc.schema'' and my primary usage was to use an attribute inetLocalMailAddress to stuff additional addresses as aliases because I struggled with multiple values in the mail attribute. Obviously I can import the openldap schema that I was using into FDS but now I am thinking that it is probably a better idea to re-examine my usage. To reduce my questions to basic... - is the mail attribute multi-valued? - How do I determine which attributes are multi-valued? - Is there an attribute better used for mail aliases? Thanks Craig
Craig White wrote:> What I used to do in openldap was use an objectclass > inetLocalMailRecipient which was defined in the ''misc.schema'' and my > primary usage was to use an attribute inetLocalMailAddress to stuff > additional addresses as aliases because I struggled with multiple values > in the mail attribute.The mail attribute is not multi-valued.> Obviously I can import the openldap schema that I was using into FDS but > now I am thinking that it is probably a better idea to re-examine my > usage.Why?> To reduce my questions to basic... > > - is the mail attribute multi-valued?No.> - How do I determine which attributes are multi-valued?Attributes are multi-valued by default. If you want them to be single-valued, you must specify it in the schema: attributeTypes: ( 1.3.6.1.4.1.300.1.8.1 NAME ''fooName'' DESC ''Foo Name'' SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )> - Is there an attribute better used for mail aliases?That depends on the usage. If you are setting up an MTA to do deliveries based on LDAP queries, then the MTA might use multiple attributes. Qmail-LDAP reads "mail" first, and then "mailAlternateAddress" (which is multi-valued) second. So, with Qmail-LDAP, a user''s main address is assigned to mail and all subsequent addresses are assigned to mailAlternateAddress. See the following schema for examples: http://www.bayour.com/openldap/schemas/qmail.schema -- mike
Pierangelo Masarati wrote:> On Sat, 2005-12-10 at 13:47 +0200, Mike Jackson wrote: > >>>- is the mail attribute multi-valued? >> >>No. > > > ?!? > > from RFC 2798: > > ( 0.9.2342.19200300.100.1.3 > NAME ''mail'' > EQUALITY caseIgnoreIA5Match > SUBSTR caseIgnoreIA5SubstringsMatch > SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} ) > >Sorry, I contradicted myself :-) -- mike
On Sat, 2005-12-10 at 13:47 +0200, Mike Jackson wrote:> > - is the mail attribute multi-valued? > > No.?!? from RFC 2798: ( 0.9.2342.19200300.100.1.3 NAME ''mail'' EQUALITY caseIgnoreIA5Match SUBSTR caseIgnoreIA5SubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} ) p. Ing. Pierangelo Masarati Responsabile Open Solution SysNet s.n.c. Via Dossi, 8 - 27100 Pavia - ITALIA http://www.sys-net.it ------------------------------------------ Office: +39.02.23998309 Mobile: +39.333.4963172 Email: pierangelo.masarati@sys-net.it ------------------------------------------
On Sat, 2005-12-10 at 13:47 +0200, Mike Jackson wrote:> Craig White wrote: > > What I used to do in openldap was use an objectclass > > inetLocalMailRecipient which was defined in the ''misc.schema'' and my > > primary usage was to use an attribute inetLocalMailAddress to stuff > > additional addresses as aliases because I struggled with multiple values > > in the mail attribute. > > The mail attribute is not multi-valued. > > > > Obviously I can import the openldap schema that I was using into FDS but > > now I am thinking that it is probably a better idea to re-examine my > > usage. > > Why? > > > > To reduce my questions to basic... > > > > - is the mail attribute multi-valued? > > No. > > > - How do I determine which attributes are multi-valued? > > Attributes are multi-valued by default. If you want them to be > single-valued, you must specify it in the schema: > > attributeTypes: ( > 1.3.6.1.4.1.300.1.8.1 > NAME ''fooName'' > DESC ''Foo Name'' > SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 > SINGLE-VALUE > ) > > > - Is there an attribute better used for mail aliases? > > That depends on the usage. If you are setting up an MTA to do deliveries > based on LDAP queries, then the MTA might use multiple attributes. > > Qmail-LDAP reads "mail" first, and then "mailAlternateAddress" (which is > multi-valued) second. So, with Qmail-LDAP, a user''s main address is > assigned to mail and all subsequent addresses are assigned to > mailAlternateAddress. > > See the following schema for examples: > > http://www.bayour.com/openldap/schemas/qmail.schema---- OK - I don''t use Qmail and it does require loading an alternate schema which means that I am no better off than just keep doing the things that I''ve been doing which is the use the ''misc'' schema from openldap. I am capable of entering multiple values into ''mail'' attribute but have had some issues with delivery when I used them which is when I went the alternative attribute for mail aliases. Thanks Craig
Craig, I''ve been using: objectClasses: ( 1.3.6.1.4.1.10147.1 NAME ''inetLocalMailRecipient'' SUP inetorg person STRUCTURAL MAY ( mailAlternateAddress $ mailHost $ mailRoutingAddress ) X-ORIGIN ''user defined'' ) The attributes already exist with FDS, but I used that objectclass because of some legacy configs that had it (for reasons I forget - maybe because it was what OpenLDAP used at the time, but my Netscape Directory server had the other attributes for NS Messaging services). Works fine for me - aliases go in mailAlternateAddress, final destination mailbox is mailRoutingAddress. The mail attribute is what''s displayed publicly for address book type lookups. Postfix checks mailAlternateAddress, if it finds a match, it relays the message to the account at mailRoutingAddress. Kevin -- Kevin M. Myer Senior Systems Administrator Lancaster-Lebanon Intermediate Unit 13 http://www.iu13.org
On Mon, 2005-12-12 at 15:34 -0500, Kevin M. Myer wrote:> Craig, > > I''ve been using: > > objectClasses: ( 1.3.6.1.4.1.10147.1 NAME ''inetLocalMailRecipient'' SUP inetorg > person STRUCTURAL MAY ( mailAlternateAddress $ mailHost $ mailRoutingAddress > ) X-ORIGIN ''user defined'' ) > > The attributes already exist with FDS, but I used that objectclass > because of some legacy configs that had it (for reasons I forget - > maybe because it was what OpenLDAP used at the time, but my Netscape > Directory server had the other attributes for NS Messaging services). > Works fine for me - aliases go in mailAlternateAddress, final > destination mailbox is mailRoutingAddress. The mail attribute is > what''s displayed publicly for address book type lookups. Postfix > checks mailAlternateAddress, if it finds a match, it relays the message > to the account at mailRoutingAddress.That definitely sounds like a personalization of <draft-lachman-laser- ldap-mail-routing>, which expired in 2001 and was initially implemented in sendmail and later replaced by more sophisticated inhouse schemas, while other MTAs directly took their own direction. Only, that draft uses mailLocalAddress instead of mailAlternateAddress (which definitely sounds like a Netscape dfined attribute), and it''s AUXILIARY rather than derived from inetOrgPerson. p. Ing. Pierangelo Masarati Responsabile Open Solution SysNet s.n.c. Via Dossi, 8 - 27100 Pavia - ITALIA http://www.sys-net.it ------------------------------------------ Office: +39.02.23998309 Mobile: +39.333.4963172 Email: pierangelo.masarati@sys-net.it ------------------------------------------