Create email aliases directly in LDAP

Support
, , ,
2

About the LDAP and commands

The LDAP database is visible at

/etc/ldap/slapd.d/

Changing of the LDAP is not possible with the usual commands:

* ldapadd
* ldapmodify
* ldappdelete
* etc.

because crednetials are to be entered

The solution is to connect as root, and then use the slap commands:

* add entries
    slapadd -l file.ldif    

* change entries
    slappmodify -l file.ldif

* list of the LDAP
    slapcat

* search for info on 'uid'
    ldapsearch -x -LLL -b dc=yunohost,dc=org 'uid=contact'

format of LDIF File

never start by empty line
see manuals

First: create LDAP organization for aliases

slapadd -l fichier.ldif

fichier.ldif is

dn: ou=alias,dc=yunohost,dc=org
objectClass: organizationalUnit
objectClass: top
ou: alias
structuralObjectClass: organizationalUnit

Exemple 1 ; creating aliases for contact1 and contact2

slapadd -l fichier.ldif

fichier.ldif :

dn: ou=alias,dc=yunohost,dc=org
objectClass: organizationalUnit
objectClass: top
ou: alias
structuralObjectClass: organizationalUnit

dn: uid=contact1,ou=alias,dc=yunohost,dc=org
uid: annabelle
objectClass: inetOrgPerson
objectClass: mailAccount
cn: Contact1 NAME1
sn: NAME1
mail: Contact1@domain.tld
maildrop: contact1@yahoo.fr

dn: uid=contact2,ou=alias,dc=yunohost,dc=org
uid: contact2
objectClass: inetOrgPerson
objectClass: mailAccount
cn: contact2 NAME2
sn: NAME2
mail: contact2@domain.tld
maildrop: contact2@wanadoo.fr
maildrop: contact2@gmail.com

Exemple 2 : deleting entries

slapmodify -l fichier.ldif

fichier.ldif:

dn: uid=contact1,ou=alias,dc=yunohost,dc=org
changetype: delete

dn: uid=contact2,ou=alias,dc=yunohost,dc=org
changetype: delete

Adapting Postfix

It is now necessary to authorize Postfix to handle these incoming emails.
Postfix uses filters that have to be changed.
they are in

/etc/postfix/ldap-aliases.cf
/etc/postfix/ldap-accounts.cf

The actual value of the filter is:

query_filter = (&(objectClass=mailAccount)(mail=%s)(permission=cn=mail.main,ou=permission,dc=yunohost,dc=org))

The new value must be:

query_filter = (&(objectClass=mailAccount)(mail=%s))

beware, Yunoost diadnosis will warn you next time. Just keep these changed files

Backup

Yunohost will keep these alias values in core backup.

Links

see also