Use SASL with ldap authentication. Then set up alumni without the posix objectclass (just account w/ uid and userpassword I think) and the other users with full posix capabilities. If you add the sambaobjectclass as well, and configure a samba-ldap server to use the same server, you got a single sighon solution.
Tarjei "Connie S. Fensky" wrote: > > I have been looking in the archives, but I suspect I am not picking the > correct combination of keywords. > > Does anybody have any suggestions for the following scenario: > > 1/3 of my users are currently employees or students--they need accounts > on my mail server and so would authenticate with the unix password file. > > 2/3 of my users are alumni, and only need a mailbox. In fact, I don't > want them to have an account on the mail server. So they would authenticate > with sasldb. > > Can this be done with a combination of the features of cyrus? I have > currently: > > HP-UX 11.0 > cyrus-sasl 1.5.24 > cyrus-imapd-2.0.16 > db-3.3.11 > > I won't be able to upgrade to the newest imap, since I just upgraded to 2.0 > at Xmas, and had really major performance problems with the Berkeley part, > and had to go to flat files. (So my bosses won't let me bring down the mail > server again to do this.). BUT, their bosses want to add the alumni mail > accounts into the system, and I have to come up with plan. > > Thanks in advance for all of your help. > c*