Description of problem:

sendmail supports using ldap routing:

http://www.sendmail.org/m4/ldap_routing.html

This is the schema it expects:

http://www.sendmail.org/m4/laser.txt

I'm not sure the draft is complete (it has [[TBD]] in the object class uid definition). The 60inetmail.ldif is similar but different. I don't know if they are compatible or not.

Version-Release number of selected component (if applicable):

389-ds-base-1.2.9.9-1.el5
This is what is in openldap.org's misc schema:

#
# Assorted definitions from several sources, including
# ''works in progress''. Contents of this file are
# subject to change (including deletion) without notice.
#
# Not recommended for production use!
# Use with extreme caution!

#-----------------------------------------------------------
# draft-lachman-laser-ldap-mail-routing-02.txt !!!EXPIRED!!!
# (a work in progress)
#
attributetype ( 2.16.840.1.113730.3.1.13
    NAME 'mailLocalAddress'
    DESC 'RFC822 email address of this recipient'
    EQUALITY caseIgnoreIA5Match
    SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} )

attributetype ( 2.16.840.1.113730.3.1.18
    NAME 'mailHost'
    DESC 'FQDN of the SMTP/MTA of this recipient'
    EQUALITY caseIgnoreIA5Match
    SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256}
    SINGLE-VALUE )

attributetype ( 2.16.840.1.113730.3.1.47
    NAME 'mailRoutingAddress'
    DESC 'RFC822 routing address of this recipient'
    EQUALITY caseIgnoreIA5Match
    SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256}
    SINGLE-VALUE )

# I-D leaves this OID TBD.
# iPlanet uses 2.16.840.1.113.730.3.2.147 but that is an
# improperly delegated OID. A typo is likely.
objectclass ( 2.16.840.1.113730.3.2.147
    NAME 'inetLocalMailRecipient'
    DESC 'Internet local mail recipient'
    SUP top AUXILIARY
    MAY ( mailLocalAddress $ mailHost $ mailRoutingAddress ) )

http://www.virtualmin.com/documentation/id,combining_virtualmin_and_ldap/ mentions changing AUXILIARY to STRUCTURAL, but that seems strange to me.
I've tried to make my own schema file for this without success. If one could be created that I could test with I'd be very grateful.
(In reply to comment #4)
> I've tried to make my own schema file for this without success. If one could
> be created that I could test with I'd be very grateful.

What was the problem with your own schema file?
I couldn't get the format correct.
(In reply to comment #6)
> I couldn't get the format correct.

Have you tried one of the scripts at http://directory.fedoraproject.org/wiki/Howto:OpenLDAPMigration to convert the openldap style schema to 389 format?
I used the ol-migrate-schema.pl script to produce:

[root@earth dirsrv]# cat 98ldap-mail-routing.ldif
#
################################################################################
#
dn: cn=schema
#
################################################################################
#
attributeTypes: ( 2.16.840.1.113730.3.1.13 NAME 'mailLocalAddress' DESC 'RFC822 email address of this recipient' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} )
#
################################################################################
#
attributeTypes: ( 2.16.840.1.113730.3.1.18 NAME 'mailHost' DESC 'FQDN of the SMTP/MTA of this recipient' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} SINGLE-VALUE )
#
################################################################################
#
attributeTypes: ( 2.16.840.1.113730.3.1.47 NAME 'mailRoutingAddress' DESC 'RFC822 routing address of this recipient' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} SINGLE-VALUE )
#
################################################################################
#
objectClasses: ( 2.16.840.1.113730.3.2.147 NAME 'inetLocalMailRecipient' DESC 'Internet local mail recipient' SUP top AUXILIARY MAY ( mailLocalAddress $ mailHost $ mailRoutingAddress ) )
#
################################################################################
#

Copied that to /etc/dirsrv/slapd-cora/schema/98ldap-mail-routing.ldif and restarted the server. Got:

Starting dirsrv: cora...[26/Oct/2011:13:20:42 -0600] dse - The entry cn=schema in file /etc/dirsrv/slapd-cora/schema/98ldap-mail-routing.ldif is invalid, error code 20 (Type or value exists) - attribute type mailLocalAddress: Does not match the OID "2.16.840.1.113730.3.1.13". Another attribute type is already using the name or OID.
[26/Oct/2011:13:20:42 -0600] dse - Please edit the file to correct the reported problems and then restart the server.
[FAILED]

In /etc/dirsrv/slapd-cora/schema/50ns-mail.ldif there is:

attributeTypes: ( 2.16.840.1.113730.3.1.13 NAME ( 'mailAlternateAddress' ) DESC 'Netscape Messaging Server 4.x defined attribute' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 X-ORIGIN 'Netscape Messaging Server 4.x' )

So, what's the best way to solve a conflicting OID like this?
I suppose you could try making mailAlternateAddress an alias of mailLocalAddress or vice versa:

attributeTypes: ( 2.16.840.1.113730.3.1.13 NAME ( 'mailAlternateAddress' 'mailLocalAddress' ) DESC 'RFC822 email address of this recipient' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} X-DEPRECATED 'mailAlternateAddress' )
I changed my file to use that and got:

The entry cn=schema in file /etc/dirsrv/slapd-cora/schema/98ldap-mail-routing.ldif is invalid, error code 20 (Type or value exists) - attribute type mailRoutingAddress: Does not match the OID "2.16.840.1.113730.3.1.47". Another attribute type is already using the name or OID.

/etc/dirsrv/slapd-cora/schema/50ns-directory.ldif:attributeTypes: ( 2.16.840.1.113730.3.1.47 NAME 'ntGroupType' DESC 'Netscape defined attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE X-ORIGIN 'Netscape NT Synchronization' )

Fixed in the same way. Then:

The entry cn=schema in file /etc/dirsrv/slapd-cora/schema/98ldap-mail-routing.ldif is invalid, error code 21 (Invalid syntax) - object class inetLocalMailRecipient: Unknown allowed attribute type "mailLocalAddress"

So, I can't use the alias names in the inetLocalMailRecipient objectClass? Or do I need to modify the 50ns-mail.ldif file as well?

Is Netscape Messaging Server still out there?
(In reply to comment #10)
> I changed my file to use that and got:
>
> The entry cn=schema in file
> /etc/dirsrv/slapd-cora/schema/98ldap-mail-routing.ldif is invalid, error code
> 20 (Type or value exists) - attribute type mailRoutingAddress: Does not match
> the OID "2.16.840.1.113730.3.1.47". Another attribute type is already using the
> name or OID.
>
> /etc/dirsrv/slapd-cora/schema/50ns-directory.ldif:attributeTypes: (
> 2.16.840.1.113730.3.1.47 NAME 'ntGroupType' DESC 'Netscape defined attribute
> type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE X-ORIGIN 'Netscape NT
> Synchronization' )
>
> Fixed in the same way. Then:
>
> The entry cn=schema in file
> /etc/dirsrv/slapd-cora/schema/98ldap-mail-routing.ldif is invalid, error code
> 21 (Invalid syntax) - object class inetLocalMailRecipient: Unknown allowed
> attribute type "mailLocalAddress"
>
> So, I can't use the alias names in the inetLocalMailRecipient objectClass?

Try changing the order of the aliases e.g.
NAME ( 'mailLocalAddress' 'mailAlternateAddress' )

> Or
> do I need to modify the 50ns-mail.ldif file as well?

If the alias trick doesn't work, I'm afraid you'll have to edit or remove 50ns-mail.ldif.

The duplicate OID for ntGroupType is very bad. You'll have to use a bogus OID for mailRoutingAddress e.g. 2.16.840.1.113730.3.1.47.99999

>
> Is Netscape Messaging Server still out there?

There's probably some iPlanet/Sun/Oracle email server that still uses these old attributes.
(In reply to comment #11)
>
> Try changing the order of the aliases e.g.
> NAME ( 'mailLocalAddress' 'mailAlternateAddress' )

Doesn't like it:

The entry cn=schema in file /etc/dirsrv/slapd-cora/schema/98ldap-mail-routing.ldif is invalid, error code 20 (Type or value exists) - attribute type mailLocalAddress: Does not match the OID "2.16.840.1.113730.3.1.13". Another attribute type is already using the name or OID.

> > Or
> > do I need to modify the 50ns-mail.ldif file as well?
>
> If the alias trick doesn't work, I'm afraid you'll have to edit or remove
> 50ns-mail.ldif

Probably the thing for me to do is remove it.

> The duplicate OID for ntGroupType is very bad. You'll have to use a bogus OID
> for mailRoutingAddress e.g. 2.16.840.1.113730.3.1.47.99999
>
> >
> > Is Netscape Messaging Server still out there?
>
> There's probably some iPlanet/Sun/Oracle email server that still uses these old
> attributes.

You're probably right.

So, what's the proper fix here? This feels very kludgy to me.
I also ended up removing 50ns-directory.ldif as it had:

attributeTypes: ( 2.16.840.1.113730.3.1.47 NAME 'ntGroupType' DESC 'Netscape defined attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE X-ORIGIN 'Netscape NT Synchronization' )

as well.
(In reply to comment #13)
> I also ended up removing 50ns-directory.ldif as it had:
>
> attributeTypes: ( 2.16.840.1.113730.3.1.47 NAME 'ntGroupType' DESC 'Netscape
> defined attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE
> X-ORIGIN 'Netscape NT Synchronization' )
>
> as well.

You can't do that. You will likely break windows sync, and lots of other stuff that uses schema from 50ns-directory.ldif.

Instead, you'll have to use a bogus OID for mailRoutingAddress e.g. 2.16.840.1.113730.3.1.47.99999

The proper fix will be to get rid of the obsolete schema (e.g. 50ns-mail.ldif), replace it with the new schema, including the oid fix for mailRoutingAddress.
Okay, I used the bogus oid and just removed 50ns-mail.ldif and will try that.
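An added example, not part of the original thread and not 389-ds code: a pre-restart check for the kind of collision hit in the comments above. It reports every OID defined more than once and every name bound to more than one OID across a set of schema LDIF files; it does not reproduce the server's own validation rules. The function names and the trimmed sample definitions are assumptions made for this example.

```python
import re
from collections import defaultdict

# Start of a definition: keyword, numeric OID, then NAME 'x' or NAME ( 'x' 'y' ).
DEF_RE = re.compile(r"^(attributeTypes|objectClasses):\s*\(\s*([\d.]+)\s+NAME\s+"
                    r"(\([^)]*\)|'[^']*')", re.IGNORECASE)

def parse_schema(text):
    """Yield (kind, oid, [names]) for each definition in 389-style schema LDIF."""
    unfolded = text.replace("\n ", "")  # LDIF folds long lines with a leading space
    for line in unfolded.splitlines():
        m = DEF_RE.match(line.strip())
        names = re.findall(r"'([^']*)'", m.group(3)) if m else []
        if names:
            yield m.group(1).lower(), m.group(2), names

def find_conflicts(files):
    """files maps filename -> contents; returns a sorted list of conflict messages."""
    by_oid = defaultdict(list)   # (kind, oid) -> [(primary name, file), ...]
    by_name = defaultdict(set)   # (kind, lower-cased name) -> {oid, ...}
    for fname, text in files.items():
        for kind, oid, names in parse_schema(text):
            by_oid[(kind, oid)].append((names[0], fname))
            for n in names:
                by_name[(kind, n.lower())].add(oid)
    out = []
    for (_, oid), defs in by_oid.items():
        if len(defs) > 1:
            users = ", ".join(f"{n} ({f})" for n, f in defs)
            out.append(f"OID {oid} defined more than once: {users}")
    for (_, name), oids in by_name.items():
        if len(oids) > 1:
            out.append(f"name {name} bound to several OIDs: {sorted(oids)}")
    return sorted(out)

# Constructed sample: definitions quoted in this thread, trimmed to what is parsed.
NS_MAIL = "attributeTypes: ( 2.16.840.1.113730.3.1.13 NAME ( 'mailAlternateAddress' ) )\n"
NS_DIR = "attributeTypes: ( 2.16.840.1.113730.3.1.47 NAME 'ntGroupType' SINGLE-VALUE )\n"
ROUTING = """dn: cn=schema
attributeTypes: ( 2.16.840.1.113730.3.1.13 NAME 'mailLocalAddress'
  SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} )
attributeTypes: ( 2.16.840.1.113730.3.1.18 NAME 'mailHost' SINGLE-VALUE )
attributeTypes: ( 2.16.840.1.113730.3.1.47 NAME 'mailRoutingAddress' SINGLE-VALUE )
objectClasses: ( 2.16.840.1.113730.3.2.147 NAME 'inetLocalMailRecipient' SUP top AUXILIARY )
"""
FIXED = ROUTING.replace("3.1.47 NAME", "3.1.47.99999 NAME")  # OID suggested in the thread

if __name__ == "__main__":
    print(*find_conflicts({"50ns-mail.ldif": NS_MAIL, "50ns-directory.ldif": NS_DIR,
                           "98ldap-mail-routing.ldif": ROUTING}), sep="\n")
```

With all three sample files loaded it reports the two OID clashes seen in the server log; with 50ns-mail.ldif left out and FIXED in place of ROUTING it reports none.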
Upstream ticket: https://fedorahosted.org/389/ticket/22
Fixed in 389-ds-base-1.2.10.rc1 now in Fedora/EPEL Testing