Well, it’s been busy recently, and my ADSL still isn’t up, thanks to BT’s inability to mark a completed order as complete. Latest date I’ve heard is Monday, so tonight I’m hoping to be drilling holes in walls and running cables.

On the Rescuing front, it’s been very q-word* lately. A few interesting times including a Gower-replacement evening in Merthyr which went well, although sandwiched as it was between two days of directing traffic at http://www.caerphilly.gov.uk/bigcheese/ with the Air Cadets, the Sunday morning was, not surprisingly, a bit of a bugger.

I managed to move into the house OK though, although the more time I spend in the kitchen, the more I dislike it. I’ve got most of my stuff unpacked and what with the new wardrobes I built last night (apologies to the neighbours for using a cordless screwdriver at 2300), the bedroom is pretty much sorted. Next will be the office, which means I can clear out the spare room of the books, which means I can sort it out then. Oh the joy of musical rooms.

On a bad note, several boxes of books I’ve got have been damp for months due to the dampness in my grandmother’s garage, causing them to grow large patches of green and grey fur. Some of them have had to be binned, while others I’m hoping to rescue.

This weekend is a SARDA development weekend, and I’m not even going to go into the politics going on at the moment. I can’t wait until the next SGM where I get to *really* have my say.

*Everyone in the emergency services will recognise the use of the “q-word”. Opposite to loud. Generally accepted that as soon as someone uses it, a shout arrives.

And finally, the techie bit. Just a quick note, if you’re trying to use exim with Active Directory to do recipient verification, here’s a working recipe for FreeBSD, OpenLDAP and exim 4, working against AD2003. Note that you must have the recipe query against a GC apparently, otherwise you get referral problems. So first the macros you need:

# Define a macro for use by the AD-verification router
#ldap_default_servers = ${lookup dnsdb{srv=_gc._tcp.intra.boxuk.net}{$value}fail}
ldap_default_servers = <; GC_IP_address_or_name:3268
LDAP_AD_BINDDN = "CN=mta,CN=Users,DC=intra,DC=domain,DC=com"
LDAP_AD_PASS = "password"
LDAP_AD_BASE_DN = OU=Staff,DC=domain,DC=com
LDAP_AD_MAIL_RCPT = \
  user=LDAP_AD_BINDDN \
  pass=LDAP_AD_PASS \
  ldap:///LDAP_AD_BASE_DN\
  ?mail?sub?\
  (&\
    (|\
      (objectClass=user)\
      (objectClass=publicFolder)\
      (objectClass=group)\
    )\
    (proxyAddresses=SMTP:${quote_ldap:$local_part}@${quote_ldap:$domain})\
  )

In particular, note the lack of quotes on the LDAP_AD_BASE_DN, and the locations of the quote_ldap function.
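Why the placement of quote_ldap matters, as an added example that is not part of the original recipe: a Python model of the two conversions the Exim specification describes for quote_ldap (RFC 2254 filter escaping, then URL escaping), applied to the filter above. The function names, the sample local parts and example.com are constructed for illustration.

```python
from urllib.parse import unquote

# Characters the URL-quoting step leaves untouched (besides ASCII alphanumerics).
URL_SAFE = set("!$'-._()*+")

def filter_escape(value):
    """Step 1: RFC 2254 escaping of LDAP filter metacharacters."""
    return "".join("\\%02X" % ord(c) if c in "*()\\" else c for c in value)

def url_escape(value):
    """Step 2: percent-encode everything outside the safe set."""
    out = []
    for c in value:
        if (c.isascii() and c.isalnum()) or c in URL_SAFE:
            out.append(c)
        else:
            out.extend("%%%02X" % b for b in c.encode("utf-8"))
    return "".join(out)

def quote_ldap(value):
    """Model of quote_ldap: filter escaping first, then URL escaping."""
    return url_escape(filter_escape(value))

# Filter part of LDAP_AD_MAIL_RCPT, with placeholders where the recipe
# expands ${quote_ldap:$local_part} and ${quote_ldap:$domain}.
FILTER = ("(&(|(objectClass=user)(objectClass=publicFolder)(objectClass=group))"
          "(proxyAddresses=SMTP:{lp}@{dom}))")

def rcpt_filter(local_part, domain, quote=quote_ldap):
    """Return the filter as the directory server sees it (after URL decoding)."""
    return unquote(FILTER.format(lp=quote(local_part), dom=quote(domain)))

if __name__ == "__main__":
    # Constructed recipients: an ordinary one and two containing filter metacharacters.
    for lp in ["alice", "*", "sales(uk)"]:
        print("%-12r quoted:   %s" % (lp, rcpt_filter(lp, "example.com")))
        print("%-12s unquoted: %s" % ("", rcpt_filter(lp, "example.com", quote=lambda s: s)))
```

With quoting, a local part of `*` is looked up as the literal value `\2A`, so it cannot act as a wildcard that makes verification succeed for a mailbox that does not exist.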

Then put these routers in:

# This next router is specifically for address verification using Active Directory
# See http://www.exim.org/pipermail/exim-users/Week-of-Mon-20040816/075152.html

adsi_check:
  driver = redirect
  domains = +relay_domains
  allow_fail
  allow_defer
  forbid_file
  forbid_pipe
  redirect_router = adsi_ok
  data = ${lookup ldapm {LDAP_AD_MAIL_RCPT}\
    {${local_part}@${domain}}{:fail: User unknown}}

adsi_ok:
  driver = manualroute
  domains = +relay_domains
  transport = remote_smtp
  route_list = * name_of_your_exchange_server

Lots of other things you could do with these routers, but that’ll do for now. Apologies for the slightly crap formatting, I’m having to post this from the LJ website while my machine’s out of contact with the world. Also my template is shit, so I think it’s time for a change. Normal server will, I hope, be resumed fairly shortly.
