Previous Section Next Section

LDAPDefaultSpec

Default LDAP switches V8.10 and later

Beginning with V8.10 sendmail, you can specify the default switches for use with ldap database maps (ldap (was ldapx)) before you use the K configuration command to declare them. This LDAPDefaultSpec option, for example, is a handy way to specify the LDAP server host:

O LDAPDefaultSpec=-h ldap.our.domain

Later K configuration commands would then omit this switch.

The LDAPDefaultSpec option is declared like this:

O LDAPDefaultSpec=spec                configuration file (V8.10 and later) 
-OLDAPDefaultSpec=spec                command line (V8.10 and later) 
define(`confLDAP_DEFAULT_SPEC',spec)  mc configuration (V8.10 and later) 

Here, spec is of type string and is an ldap database-map sequence of switches, just as you would use with the K configuration command. If this option is missing, no default is set. If the spec is missing, no default switches are set.

The -N, -O, -S, -a, and -T switches must not be used. If they are, the following error will be logged and printed and sendmail will exit:

readcf: option LDAPDefaultSpec: Do not set non-LDAP specific flags

Nor can you use the -k switch to specify a default LDAP query with this option. If you do, you will see the following error logged and printed, and sendmail will exit:

readcf: option LDAPDefaultSpec: Do not set the LDAP search filter

Finally, you cannot use the -v switch to specify a default for the LDAP attributes. If you do, you will see the following error logged and printed, and sendmail will exit:

readcf: option LDAPDefaultSpec: Do not set the requested LDAP attributes

The LDAPDefaultSpec option is not safe. If it is specified from the command line, it can cause sendmail to give up any special privileges.

    Previous Section Next Section