我已经在 dc 上设置了 samba4,我的用户和组登录时运行良好。我在我的 dc 上安装了 postfix/dovecot 邮件服务器,它可以很好地处理单个用户邮件地址,发送和接收。但是当我尝试接收一组用户的邮件时,我收到邮件无法送达、未找到用户的错误。只是为了澄清一下,我不想以组为单位发送邮件,只想将一封邮件接收到多个帐户。
我正在使用 sAMAccountname 属性进行用户查找,因此我可以理解未找到用户的错误。
我还了解针对 samba4 广告的 ldap 查询应该返回所有应该接收邮件的电子邮件地址,因为查询结果无需进一步处理。
问题是,有没有办法在 samba4 ad 中实现这一点?是否有一个属性可以添加到组 cn,它不会破坏 ad 架构,但可以包含该组的所有电子邮件地址?
或者我是从另一个角度看待这个问题的,我应该将多个电子邮件地址添加到用户自己的 cn 中?(我在谷歌上找到了这个,但我认为这不是正确的做法,而且我认为 samba 甚至不支持这一点)
===================================postfix main.cf===============================
smtpd_banner = mail.virtualdomain.xx ESMTP
biff = no
append_dot_mydomain = no
delay_warning_time = 4h
readme_directory = no
smtpd_use_tls=yes
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated defer_unauth_destination
myhostname = mail.myhostname.yy
myorigin = /etc/mailname
mydestination = $myorigin,localhost,localhost.$mydomain
中继主机 =
mynetworks = 127.0.0.0/8
dovecot_destination_recipient_limit = 1
mailbox_command = /usr/lib/deliver
mailbox_size_limit = 0
收件人分隔符 = +
inet_interfaces = all
inet_protocols = ipv4
smtpd_sasl_local_domain =
smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous
smtpd_sasl_type = dovecot
smtpd_sasl_path = private/auth
broken_sasl_auth_clients = yes
smtpd_tls_auth_only = no
smtp_use_tls = yes
smtp_tls_note_starttls_offer = yes
smtpd_tls_loglevel = 1
smtpd_tls_received_header = 是
smtpd_tls_session_cache_timeout = 3600s
tls_random_source = dev:/dev/urandom
home_mailbox = Maildir/
smtpd_recipient_restrictions =
permit_mynetworks
permit_sasl_authenticated
rejection_invalid_hostname
rejection_non_fqdn_hostname
rejection_non_fqdn_sender
rejection_non_fqdn_recipient
rejection_unauth_destination
rejection_unauth_pipelining
rejection_invalid_hostname
rejection_unknown_sender_domain
rejection_rbl_client list.dsbl.org
rejection_rbl_client cbl.abuseat.org
rejection_rhsbl_sender dsn.fc-ignorant.org
smtpd_data_restrictions =
rejection_unauth_pipelining,
reject_multi_recipient_bounce,
允许
smtpd_helo_required = 是
运输地图
maildrop_destination_concurrency_limit = 2
maildrop_destination_recipient_limit = 1
gnarwl_destination_concurrency_limit = 1
gnarwl_destination_recipient_limit = 1
transport_maps = hash:/etc/postfix/transport
virtual_alias_maps = ldap:/etc/postfix/ldap-aliases.cf
virtual_mailbox_domains = domain1.xx domain2.xx domain3.xx domain4.xx domain5.xx
virtual_transport = lmtp:unix:private/dovecot-lmtp
virtual_mailbox_maps = ldap:/etc/postfix/ldap-aliases.cf
dovecot_destination_recipient_limit = 1
virtual_uid_maps = static:1002
virtual_gid_maps = static:1002
content_filter = smtp-amavis:[127.0.0.1]:10024
local_recipient_maps = $别名映射
收件人密件抄送地图 = ldap:/etc/postfix/ldap-vacation.cf
=================== postfix main.cf 结束 ================================
======================ldap-aliases.cf=====================================
server_host = localhost
search_base = cn=Users,dc=domain5,dc=xx
query_filter = (mail=%s)
result_attribute = sAMAccountName
result_format = %[电子邮件保护]
bind = 是
bind_dn = mydn
bind_pw = mypasswd
start_tls = 否
版本 = 3
======================ldap-aliases.cf 结束===============================
谢谢你的帮助
汤姆
答案1
在Samba4端:
- 创建一个通讯组
- 根据需要设置群组的电子邮件地址
- 添加用户作为成员
在 Postfix 端:
看着:http://www.postfix.org/LDAP_README.html
有一个关于扩展 LDAP 组的示例