virtualmin / virtualmin-gpl

Virtualmin web hosting control panel for Webmin
https://www.virtualmin.com
GNU General Public License v3.0

Virtualmin LDAP: Failed to save user : Failed to modify user in LDAP database : mailAlternateAddress: attribute type undefined #230

Open abclution opened 3 years ago

abclution commented 3 years ago

I set up Virtualmin + LDAP according to the documentation.

In my virtualmin config I have additionally selected

image

When trying to save a user that has additional email addresses (aliases) I get this error:

Failed to save user : Failed to modify user in LDAP database : mailAlternateAddress: attribute type undefined

Now, the description for the Virtualmin setting indicates "This is useful if you are using the same LDAP database with a mail server which uses that attribute to figure out where to deliver email."

I'm using Postfix, which I am guessing probably does not use mailAlternateAddress.

My question is, whose responsibility exactly is creating those attributes for the schema? It's not part of the LDAP configuration instructions of Virtualmin, if I am reading correctly.

I selected the option in the Virtualmin config as I expected it to be a cleaner way of delineating the primary and secondary addresses for the users in LDAP. But the documented schema doesn't seem to be correct for this option. Did I miss a step or is this option meant to be used with my own custom schema?

jcameron commented 1 year ago

The assumption for these attributes is that you would have added them to your LDAP schema.

However, in a typical Virtualmin setup, mailAlternateAddress isn't used to deliver email - instead we use Postfix LDAP integration, which has its own schema.

neosonic2 commented 2 months ago

Sorry to resurface an old issue, but I'm curious as to how one might go about adding the mailAlternateAddress attribute to their LDAP schema?

I changed the Add mail attribute to LDAP users setting to use both mail and mailAlternateAddress attributes, but I get the same error as the original commenter when I try to save an email user account on one of my virtual servers. I'm running an OpenLDAP server but I don't see a definition for the attribute anywhere in the built-in schemas and don't know how I would add it.

For reference, my OpenLDAP server is using the dynamic configuration format (i.e. the existing schemas that make up the server are all in the LDIF format).

jcameron commented 2 months ago

Are you certain that the mailAlternateAddress attribute is in the schema your LDAP server is using?

neosonic2 commented 2 months ago

I don't think it is - but that's actually what I'm wondering about, how would I go about adding the attribute to my schema? I searched through the schema files in /etc/ldap/schemas and there was nothing found. I would assume those are the base schemas for the LDAP server I'm running.

I've done some Google searching but am unable to find a concrete answer to this question. The best I can find is to switch from OpenLDAP to a server that already has this attribute in one of its built-in schemas.

chris001 commented 2 months ago

https://forum.virtualmin.com/t/add-mail-attribute-to-ldap-users-not-adding-e-mail-to-mail-attribute/34581/4

neosonic2 commented 2 months ago

Thanks for the link you posted, but unfortunately that doesn’t resolve my issue. None of the schemas in /etc/ldap/schemas contain definitions for the mailAlternateAddress attribute, and the link you posted does not provide information about how to define this attribute in the LDAP server.


ghost commented 2 months ago

You're right, the attribute does not appear in any of the schemas. I was unable to track down with certainty its origin and I eventually got around the problem by giving up trying to find a schema that included it, or create my own to add in to LDAP. I hope this matches your expectations.

https://forum.virtualmin.com/t/users-with-additional-email-addresses-not-create-when-add-mail-attribute-to-ldap-users-yes-using-mail-and-mailalternateaddress-is-selected-in-advanced-virtualmin-options/122590

neosonic2 commented 2 months ago

Thanks for the info. Unless one of the Virtualmin devs can shed more light on this, I may end up giving up on this effort as well and just use the mail attribute only in Virtualmin (rather than both mail and mailAlternateAddress), but it really would be nice to use both, and Virtualmin supports it, which means the devs must have known there would be some way to get the attribute added to one’s LDAP server.

The closest I could find to a schema that includes it was this schema file https://github.com/debops/debops/blob/master/ansible/roles/slapd/files/etc/ldap/schema/debops/mailservice.schema, but it requires another schema to work properly and seems to be tailored more for an Ansible-based project I’m not using.


ghost commented 2 months ago

With the information provided in that schema, I think you should be able to create your own schema extension and add it to your LDAP configuration. I don't know in detail how you would do that but suspect you could view the files under /etc/ldap/schemas and work out how to format your file. See https://docs.redhat.com/en/documentation/red_hat_enterprise_linux/5/html/deployment_guide/s1-ldap-files-schemas#s1-ldap-files-schemas for example. Best wishes.
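For an OpenLDAP server using the dynamic configuration (cn=config) format discussed in this thread, a schema extension that defines mailAlternateAddress can look like the following; this is an added example, not taken from Virtualmin, its documentation or any commenter. The schema name `mailalternate`, the class name `mailAlternateUser` and both `1.1.2.x` OIDs are placeholders chosen for illustration, and the file name in the comments is hypothetical.

```ldif
# mailalternate.ldif (constructed example; names and OIDs are placeholders)
#
# Load as root on the LDAP host over the local ldapi socket:
#   ldapadd -Q -Y EXTERNAL -H ldapi:/// -f mailalternate.ldif
# Confirm the schema entry was created:
#   ldapsearch -Q -Y EXTERNAL -H ldapi:/// -b cn=schema,cn=config -s one dn
#
# Replace the 1.1.2.x OIDs with OIDs from an arc you control, or with the
# OIDs from the published schema you are copying the definition from.
dn: cn=mailalternate,cn=schema,cn=config
objectClass: olcSchemaConfig
cn: mailalternate
# Attribute type: multi-valued, case-insensitive IA5 (ASCII) string.
# Defining it is what clears "attribute type undefined".
olcAttributeTypes: ( 1.1.2.1.1 NAME 'mailAlternateAddress'
  DESC 'Secondary (alias) mail addresses for a user'
  EQUALITY caseIgnoreIA5Match
  SUBSTR caseIgnoreIA5SubstringsMatch
  SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} )
# Auxiliary class: an entry may only hold an attribute that one of its
# object classes allows, so user entries need this class (or another
# class listing the attribute in MAY/MUST) before the attribute is accepted.
olcObjectClasses: ( 1.1.2.2.1 NAME 'mailAlternateUser'
  DESC 'Auxiliary class permitting mailAlternateAddress'
  SUP top AUXILIARY
  MAY mailAlternateAddress )
```

Defining the attribute type alone is not sufficient: user entries that lack an object class allowing it will be rejected with an object class violation instead. How that class gets onto entries created by Virtualmin is not covered in this thread.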