Ldap uid MTA option

Direct LDAP attribute name MTA options:  (LDAP attribute name)
The  MTA option names a user or group LDAP attribute which will be used as the user or group identifier if no permanent identifier (specified by the ldap_permid option) is present in the user or group entry. This option also impacts the default login identity for authentication purposes.

Note that although the MTA option  exists to rename/redirect the attribute used for some MTA, Store and authentication purposes, other components of Messaging Server such as some MTA and Message store utilties (including ,  , and  ) hard-code use of the &#x27;uid&#x27; attribute and may not work correctly with an alternate attribute name.

Although this option is documented to permit a list of LDAP attribute names, that facility did not work prior to Messaging Server 8.0.2 and as of MS 8.0.2, only the first attribute name in the list will be honored for certain operations (including MTA and store authentication).

Regarding the use of the LDAP attribute named by, normally  , and its valid values: As of MS 6.2, the MTA checks that there is only one such attribute; as of MS 6.3-0.15, the MTA also checks that there is only one value set for the one attribute. As of 7.0-0.04, the MTA checks that the   value is no more than 128 octets; a longer value will result in the user entry being considered invalid. (This check is performed because various lower layer libraries have hard buffer limits that preclude longer s.) See also the   MTA option which enforces restrictions (some required by other components such as the Message Store) on what characters are permitted in a   value. See also the  MTA option which names a domain level LDAP attribute specifying, for addresses in that domain, what character separates the UID from the domain name.

See also:
 * Direct LDAP attribute name MTA options
 * ldap_uid_invalid_chars MTA Option
 * ldap_domain_attr_uid_separator Option