Hi everyone,
I am in the middle of a migration from Cyrus 2.4 to Dovecot 2.1.7, and I have
everything mostly working. I set up Dovecot to authenticate against Active
Directory (Samba4) using PAM and SSSD, and have also used the fantastic
cyrus2dovecot Perl script to do a test migration of all our mail, and that is
now working flawlessly.
I have the issue of shared IMAP accounts to deal with, and I am a little stuck.
I see that Dovecot is very flexible, and I think I am getting stuck in this
flexibility. I thought that if I explain what I am trying to achieve, someone
might point me in the right direction.
In the Cyrus regime, we have several IMAP accounts that are shared with a group
of people. These groups are actual Unix groups that actual Unix users are
members of. If we want a person to access a mailbox, we add them to the group and
then at next login, it pops up in Thunderbird automatically.
SSSD does, from what I can tell, a decent job of binding to AD and mapping AD
users to unix users, but since not all of the users have an NIS uid in AD, I
decided to use a static mapping. This might have been the wrong decision, I am
not sure.

userdb {
  driver = static
  args = uid=900 gid=900 home=/mnt/mail/%u allow_all_users=yes
}

It probably isn't important at this stage, but the mail spool is stored on
an NFS server and the indexes are stored locally.
Thanks in advance,
Alex Ferrara
Director
Receptive IT Solutions