Beginning with V8.10 sendmail , you can specify the default switches for use with ldap database maps (ldap (was ldapx)) before you use the K configuration command to declare them. This LDAPDefaultSpec option, for example, is a handy way to specify the LDAP server host: O LDAPDefaultSpec=-h ldap.our.domain Later K configuration commands would then omit this switch. The LDAPDefaultSpec option is declared like this: O LDAPDefaultSpec= spec configuration file (V8.10 and later) -OLDAPDefaultSpec= spec command line (V8.10 and later) define(`confLDAP_DEFAULT_SPEC', spec) mc configuration (V8.10 and later) Here, spec is of type string and is an ldap database-map sequence of switches, just as you would use with the K configuration command. If this option is missing, no default is set. If the spec is missing, no default switches are set. The -N , -O , -S , -a , and -T switches must not be used. If they are, the following error will be logged and printed and sendmail will exit: readcf: option LDAPDefaultSpec: Do not set non-LDAP specific flags Nor can you use the -k switch to specify a default LDAP query with this option. If you do, you will see the following error logged and printed, and sendmail will exit: readcf: option LDAPDefaultSpec: Do not set the LDAP search filter Finally, you cannot use the -v switch to specify a default for the LDAP attributes. If you do, you will see the following error logged and printed, and sendmail will exit: readcf: option LDAPDefaultSpec: Do not set the requested LDAP attributes The LDAPDefaultSpec option is not safe. If it is specified from the command line, it can cause sendmail to give up any special privileges. |