On 14 Feb 2020, at 15:02, Armin Schindler wrote:
On 2/14/20 2:23 PM, Tobias Kirchhofer wrote:
On 14 Feb 2020, at 14:05, Armin Schindler wrote:
On 2/14/20 11:44 AM, Tobias Kirchhofer wrote:
On 14 Feb 2020, at 11:06, Armin Schindler wrote:
Hello!
[…]
For our new setup (planned with CentOS 8, waiting for the official
repo for the latest dovecot
version…) we have a prototype on Debian base with the latest
version of Dovecot. In opposite to our
current solution we will implement global acls with user and groups
from LDAP. This is very nice.
Wow, thanks. This seem to be exactly what I need to go on.
Our base system is a Univention UCS, so LDAP users and groups is
what we already have working :-)
With your elements I think we really could have the cyrus shared
folders with dovecot by
using a namespace of
type=public
but with
prefix=shared/
(we might use type=shared with prefix=usershared/ later).
There is not something like one way do to this. You could also make
your life easier and choose to
create a „Share user“ which is only there to share folders. This
will then be Dovecot „Shared
folders“ shared by this pseudo user to other users. You then could
use Roundcube or such to maintain
acl with this pseudo user. But we did not follow this path then for
reasons i cannot remember
anymore :)
For each Public folder we have a defined namespace. „Newsletter“,
„Client1“, „Client2“ etc. We have
many, around 30 or so. ACL goes on this namespace (namespace/*). I
guess ACL are first match. Each
namespace has its own prefix. (eq. prefix = Newsletter/, prefix =
Client1 etc.) User can subscribe
namespace by namespace acl assumed.
What is the benefit using own namespace for each public folder?
If the config is equal for all folders, wouldn't one namespace with
subfolders
be the same?
One public namespace would look like it is with cyrus in the client:
one "shared/"
folder to open/close.
Yes, this was a misunderstanding - we have a lot of subfolders per
namespace. The subfolders have ACLs.
--
collect@shift.agency