Hi all! I have a corpus of virtual users ( user1 at domain.tld , user2 at domain.tld, user3 at domain.tld,..., usern at domain.tld ... ) authenticated against Active Directory. Is it possible to group some users (virtual) and give appropriate ACLs on a shared imap public folder using an ACL vfile? thanks in advance Dimitrios
On Wed, 2009-11-25 at 09:36 +0200, Dimitrios Karapiperis wrote:> I have a corpus of virtual users ( user1 at domain.tld , user2 at domain.tld, > user3 at domain.tld,..., usern at domain.tld ... ) authenticated > against Active Directory. > > Is it possible to group some users (virtual) and give appropriate ACLs > on a shared imap public folder using an ACL vfile?Yes, with v1.1+. You'll need to have your userdb lookup (or some other way, e.g. with post-login scripting) return a comma-separated acl_groups field. http://wiki.dovecot.org/ACL -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 197 bytes Desc: This is a digitally signed message part URL: <http://dovecot.org/pipermail/dovecot/attachments/20091125/76314794/attachment-0002.bin>
O/H Timo Sirainen ??????:> On Wed, 2009-11-25 at 09:36 +0200, Dimitrios Karapiperis wrote: > >> I have a corpus of virtual users ( user1 at domain.tld , user2 at domain.tld, >> user3 at domain.tld,..., usern at domain.tld ... ) authenticated >> against Active Directory. >> >> Is it possible to group some users (virtual) and give appropriate ACLs >> on a shared imap public folder using an ACL vfile? >> > > Yes, with v1.1+. You'll need to have your userdb lookup (or some other > way, e.g. with post-login scripting) return a comma-separated acl_groups > field. > http://wiki.dovecot.org/ACL > >Thanks for the reply. //return a comma-separated acl_groups field. What does this mean, sorry I cannot usnderstand it. Is there somewhere some bits of configuration lines, so that it will be more clear. Thanks Dimitrios
O/H Steffen Kaiser ??????:> >> //return a comma-separated acl_groups field. >> What does this mean, sorry I cannot usnderstand it. >> Is there somewhere some bits of configuration lines, so that it will >> be more clear. > > Let your userdb return a field named acl_groups with a string value of: > > group1,group2,group3 > > I guess, the group names themselves should be all 7bit alphanumeric. > > How you do this, depends very much from your setup of userdb etc. The > examples are on: > http://wiki.dovecot.org/UserDatabase/ExtraFields > > Regards, >Thanks for the reply. I am wondering how this is possible with Active Directory. thanks in advance Dimitrios
Maybe Matching Threads
- id:N13388 Disable storage of messages on server when read (pop3)
- Is it possible to authenticate against Active Direcotry using the whole e-mail?
- script to report quota upon user's request
- Active Directory authentication
- suggested method to transform list to a matrix