LDAP_LOCAL_PERSON_SYSTEM_QUERY = (&(|(mail=${quote_ldap:${local_part}}@${domain})\
                              (alias=${quote_ldap:${local_part}}@${domain}))\
                            (&(objectclass=posixAccount)(objectclass=inetorgperson)))

ldap_local_person_system:
  debug_print = "R: ldap_local_person_system for $local_part@$domain"
  driver = redirect
  local_part_prefix = local+
  data = ${lookup ldap{ \
    user="$LDAP_SERVICE_BIND_DN" \
    pass=$LDAP_SERVICE_PASSWORD \
    $LDAP_SCHEME://$LDAP_HOST:$LDAP_PORT/$LDAP_BASE_DN?uid?sub?LDAP_LOCAL_PERSON_SYSTEM_QUERY} \
    }
  cannot_route_message = Unknown user
