LDAP Verification and Aliases

In addition to verification against the LDAP mail attribute, LDAP verification against aliases needs to be performed too otherwise email destine for an alias will be rejected.

An LDAP directory structure looks a lot like what you might see with FileExplorer in Windows. Nested folders containing more folders and files in the case of FileExplorer, and nested directories with attribute nodes in the case of LDAP. If you use email aliases in your organization, which you probably do - at least a few, you will need to include the proxyAddress attribute along with the mail attribute to be searched for valid email addresses. Without it, aliases will be rejected since a search of only the mail attribute will not be successful when an email arrives for an alias.

Attributes in LDAP are attribute / value pairs, where the name of an attribute is set to some value. The mail attribute would, therefore, have a value of johndow@mycompany.com.

Each user in an Windows ActiveDirectory system has his own directory, containing all the attribute nodes. There are many different attributes contained in each user directory, and one of those is mail - or your email address. Additional attributes hold any aliases that might point to your email address, so each user can have multiple aliases. The proxyAddress attribute can appear multiple times in a directory, and contains one of your aliases.

In LDAP, each attribute is defined in a schema file which defines various attributes of the,, well, attribute. For example an attribute can appear more than once in a directory, or the attribute may be optional or required, or an attribute could have dependencies etc. These schema files define many business practices and become agreed upon standards specified by RFC documents.

Again the best way to learn LDAP is to dig in. Download one of the browsers from Gateways and LDAP Verification and give them a go. Both browsers come with some open LDAP server configurations so you can connect and browse without having to figure out how. Once you've had yourself a little tour, you should become a little more comfortable with the information presented here.