ldap (was ldapx)
The Lightweight Directory Access Protocol V8.8 and later
LDAP stands for Lightweight Directory Access Protocol and provides access to a service based on X.500. Additional information about LDAP is available from:
http://www.ldapman.org/ |
The ldap
database-map type is used to look up items in that
directory service. (Prior to V8.10, this was called
ldapx
to
reflect its experimental condition at the time. That
prior name still works but is deprecated.) The
ldap
database-map type is declared like this:
Kname ldap switches
Lookups via LDAP are defined entirely by the switches specified. To illustrate, consider the following X.500 entry:
cn=Full Name, o=Organization, c=US sn=Name uid=yourname mail=yourname@mailhub.your.domain objectclass=person objectclass=deptperson
To look up a login name in this database and have the official email address for that user returned, you might use a declaration such as this:
Kgetname ldap -k"uid=%s" -v"mail" -hldap_host -b"o=Organization, c=US"
Here we use only three switches:
The
-k
switch is in the form of anldap_search
(3) filter. Here, the key will replace the%s
and then the whole expression will be searched using the new key.The
-b
switch is necessary if you wish to specify the base from which to search.The
-h
switch is required to specify the host to contact to perform the lookup.
The -k
, -h
, and -v
switches are
mandatory.
You can omit selected switches from the K
configuration command
by defining them with the LDAPDefaultSpec
option (LDAPDefaultSpec ...
Get sendmail, 4th Edition now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.