Creating LDAP mail users and groups

September 01, 2017

Reading time ~2 minutes

Originally I researched a bit to get ideas and started writing a tool to add email user accounts in LDAP. That eventualy manfested into another separate script which creates email distribution groups. While one could just as easily use phpLDAPadmin, Apache Directory Studio and others by giving a .ldif file - I wanted something with less overhead, so I began to write a script that was specific to only adding LDAP email users and distribution groups interactively. In a nutshell these scripts use an LDIF template to help create the email user account or email distribution group on the fly. There is no need to ever manually edit a .ldif file since all you do is give some preliminary info and be done with it.

Email Users

Invoking the script as root or sudo will run through the following.

# ./
First Name: Jane
Last Name: Doe
User Name [uid]: jane.doe


Enter the domain to use for the mail account:
creating mail account on
adding new entry "uid=jane.doe,ou=Mail,dc=example,dc=com"

modifying entry "cn=vmail,ou=Groups,c=example,dc=com"

Successfully added Mail account

We can see our new email user gets added to an LDAP group. Note that this is a standard groupOfNames group and not an email distribution group.

Email Welcome Message

When an LDAP email user is added, a welcome email message is sent to the newly created user's Inbox. A default html and plain text email template are available to use. It is also easy to have your own customizable email templates.

Email Distribution Groups

Invoking the script will run through the following to create an email distribution group.

# ./
Email Group Name: engineers


Enter the domain to use for the mail group:
creating mail group on
adding new entry "cn=engineers,ou=Groups,ou=Mail,dc=example,dc=com"

Successfully added Email Distribution Group

Group members can be added using the mailGroupMember attribute provided by postfix-book.schema, respectively.


Comments, improvements, PRs and everything else should be directed on GitHub.

PRs welcome.

Increase email security with S/MIME

Intro S/MIME (Secure/Multipurpose Internet Mail Extensions) is a standard for public key encryption and signing of MIME data. S/MIME is on …… Continue reading

Mail forwarding with Postfix and LDAP

Published on September 02, 2017

Splunk Enterprise (Free) LDAP auth in Apache

Published on August 03, 2017