I have this configuration running, except for the ACL. The problem I'm
having with ACLs is that I have to manually create the ACL for each
folder userB has and if userB creates a new folder, then it is forbidden
for userA until I update the ACL.
How do you solve this?
El 15/02/16 a las 09:18, Marco Giunta escribió:
Hi,
we have such configuration in our Dovecot; it is configured with virtual
users and acl. To enable access of userA mailbox to userB, first I have
to add userB to userA acl, and then I put userA username in an
ARBITRARY_FIELD of userB record in our ldap (if you use a db for your
account, the configuration could be more simple). We use the
ARBITRARY_FIELD to limit the access of other users mailboxes: the field
is not writable by the user, only by administrators.
Our config files:
/etc/dovecot/conf.d/auth-master.conf.ext
...
passdb {
driver = ldap
master = yes
args = /etc/dovecot/dovecot-ldap.conf.masterusers
pass = yes
default_fields =
userdb_mail=maildir:/path_to_mailboxes/%1{login_user}/%{login_user}:INDEXPVT=/path_to_indexes/%1n/%n/shared/%{login_user}
}
and in /etc/dovecot/dovecot-ldap.conf.masterusers
...
pass_attrs = uid=user,userPassword=password
pass_filter =
(&(uid=%n)(accountStatus=active)(ARBITRARY_FIELD=%{login_user}))
to login, you have to use the same way of a masteruser:
Login: userA*userB
Password: userB_password
Cheers,
Marco
On 2016-02-10 07:49, Angel L. Mateo wrote:
El 09/02/16 a las 13:44, Matthias Fechner escribió:
do you maybe mean shared mailboxes:
http://wiki.dovecot.org/SharedMailboxes
I don't want shared mailboxes. I have to access the other mailbox
as a complete separate account from my personal one.
I think I can achive this with master user, but I need to found a
way to configure permissions so the real user has access to all folders
in the other mailbox.
--
Angel L. Mateo Martínez
Sección de Telemática
Área de Tecnologías de la Información
y las Comunicaciones Aplicadas (ATICA)
http://www.um.es/atica
Tfo: 868887590
Fax: 868888337
