brucepennypacker
Configuring sendmail to perform LDAP address lookups
In a nutshell I need to set up a sendmail server (running on CentOS Linux) that will look up recipient addresses via LDAP and I'm not having much luck. From what I've read we need to configure sendmail to use LDAP and it looks like I want to use the genericstable for LDAP queries but it doesn't look like it's working for me.
Here are the gory details: We have an environment where we have a fairly large LDAP database of users and their primary e-mail addresses. We have a high-performance research cluster (and a second one being planned) that these users can log into and submit jobs for processing. Right now any e-mail generated as a result of those jobs is getting lost because sendmail was never configured properly. We need to set up sendmail to do a lookup in LDAP to determine a user's primary e-mail address and use that as the delivery address.
To summarize our LDAP configuration, a typical entry contains the following fields (assuming myself) in ObjectClass=fooPerson:
cn: Bruce Pennypacker
uid: bpennypa (my login name on the servers)
mail: bruce.pennypacker@... (my primary e-mail address)
Assume the base DN for our LDAP setup is "dc=foo,dc=bar"
I know that LDAP lookups work properly from this particular server. I wrote a quick little Perl script to verify that it can query the LDAP server and it's working properly.
The first thing I did was build a custom version of sendmail, enabling the LDAPMAP option. This is showing up in the sendmail output when I use -d so I'm sure it was built properly. I then added the following to my sendmail .mc file:
define(`confLDAP_DEFAULT_SPEC', `-p 389 -h ldap.foobar.com -b dc=foo,dc=bar')dnl
FEATURE(`ldap_routing')dnl
FEATURE(`genericstable', `ldap:-k (&(objectClass=fooPerson)(uid=%0)) -v mail')dnl
I rebuilt sendmail.cf after doing the above and see the following in that file:
# default LDAP map specification
# need to set this now before any LDAP maps are defined
O LDAPDefaultSpec=-p 389 -h ldap.foobar.com -b dc=foo,dc=bar
# LDAP routing maps
Kldapmh ldap -1 -T<TMPF> -v mailHost -k (&(objectClass=inetLocalMailRecipient)(mailLocalAddress=%0))
Kldapmra ldap -1 -T<TMPF> -v mailRoutingAddress -k (&(objectClass=inetLocalMailRecipient)(mailLocalAddress=%0))
# Generics table (mapping outgoing addresses)
Kgenerics ldap:-k (&(objectClass=fooPerson)(uid=%0)) -v mail
But if I run sendmail -d -bv bpennypa to see if it'll do a lookup and convert the name it doesn't work. I end up with a "user unknown" error. The debug output doesn't seem to indicate any LDAP query occurring. So what am I missing?
ASKER
Well, that Red Hat link just shows how to enable LDAP routing, which isn't what I'm trying to do. I'm trying to do LDAP-based address translation. The first link pretty much covered everything I've already attempted without any luck.
I did finally figure this out on my own after a bit more testing. I didn't want to be using the generics table but the aliases table. Here's what I needed to make this work:
define(`confLDAP_DEFAULT_SPEC', `-p 389 -h `ldap.foobar.com' -b dc=`foo,dc=bar'')dnl
define(`ALIAS_FILE', `/etc/aliases,ldap:-k (&(objectClass=fooPerson)(uid=%0)) -v mail')dnl
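As an added example (not from the post and not sendmail's own code), here is a small stand-alone Python emulation of what the ldap: alias map above does with a recipient local part: it substitutes %0 into the -k filter, evaluates the filter against a constructed set of fooPerson entries, and returns the -v attribute, or nothing on a miss. The directory entries, the example.com addresses and the RFC 4515 escaping of the substituted key are assumptions; the page does not say how sendmail itself treats filter metacharacters in the key, and the unescaped path exists only to show why the objectClass term and the escaping matter.

```python
import re

# Constructed directory entries standing in for the fooPerson objects in the
# question; the real mail value is elided on the page, so example.com is used.
DIRECTORY = [
    # Same uid but another objectClass: must not satisfy the fooPerson term.
    {"objectClass": ["fooGroup"], "uid": ["bpennypa"], "mail": ["group@example.com"]},
    {"objectClass": ["fooPerson"], "uid": ["bpennypa"],
     "mail": ["bruce.pennypacker@example.com"]},
    {"objectClass": ["fooPerson"], "uid": ["jdoe"], "mail": ["jane.doe@example.com"]},
]
MAP_SPEC = "ldap:-k (&(objectClass=fooPerson)(uid=%0)) -v mail"  # from ALIAS_FILE

def escape_filter_value(value):
    """RFC 4515 escaping for the substituted %0 key (an assumption of this
    example; the page does not say how sendmail treats such characters)."""
    return re.sub(r"[\\*()\x00]", lambda m: "\\%02x" % ord(m.group()), value)

def parse_map_spec(spec):
    """Return the -k filter template and the -v result attribute of a map spec."""
    m = re.fullmatch(r"ldap:-k\s+(\S+)\s+-v\s+(\S+)", spec)
    if not m:
        raise ValueError("unsupported map spec: " + spec)
    return m.group(1), m.group(2)

def value_matches(assertion, actual):
    """LDAP-style comparison: unescaped '*' is a wildcard, '\\xx' is a literal."""
    parts = [re.escape(re.sub(r"\\([0-9a-fA-F]{2})",
                              lambda x: chr(int(x.group(1), 16)), piece))
             for piece in assertion.split("*")]
    return re.fullmatch(".*".join(parts), actual, re.IGNORECASE) is not None

def entry_matches(entry, filt):
    """Evaluate an AND-of-equalities filter, the only shape used on this page."""
    m = re.fullmatch(r"\(&((?:\([^()=]+=[^()]*\))+)\)", filt)
    if not m:
        raise ValueError("unsupported filter: " + filt)
    return all(any(value_matches(val, v) for v in entry.get(attr, []))
               for attr, val in re.findall(r"\(([^()=]+)=([^()]*)\)", m.group(1)))

def lookup(key, escape=True, spec=MAP_SPEC, directory=DIRECTORY):
    """Substitute %0, search, and return the first -v value (None on a miss)."""
    template, attr = parse_map_spec(spec)
    filt = template.replace("%0", escape_filter_value(key) if escape else key)
    for entry in directory:
        if entry_matches(entry, filt):
            return entry.get(attr, [None])[0]
    return None
```

A miss (None) is the case that surfaces as "user unknown" in the question; with the key escaped, a local part such as bp* matches nothing instead of acting as a wildcard.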
http://logout.sh/computers/sendmail/
http://www.redhatlinux.com/docs/manuals/linux/RHL-7.1-Manual/ref-guide/s1-sendmail-ldap.html