We have a fairly distribute organisation with directory servers on several continents. For various reasons we have chosen to deploy openldap masters to our various field offices and have the directories replicate to a central slave at the head office. When we wish to query against the whole directory we search an openldap meta-proxy located at head office that runs against the central slave. While most of our mail servers query against local masters, the head office mail server runs against the meta-proxy. To improve performance we are now testing openldap proxy cache overlay. This has been going well so far, but we ran into an issue with maildrop.

The proxy cache stores templates of queries, which is not an issue, but it seems to be necessary to also provide a list of attributes that will match the query. It seems that maildrop by default does not query for a set of attributes, but for all attributes associated with an object.

Does anyone know if there is a way to configure maildrop to request a specific set of attributes when it searches an LDAP directory?

TIA.