Hello,
I'm looking for a way to access to a POP/IMAP account as another user
different than me, but using my password. That is, I'm
"someone at domain.com" and I want to access to "anotherone at
domain.com"
mailbox using the password of "someone at domain.com", not the
"anotherone at domain.com" (something similar to master passwords, but
without sharing any password). Obviously, in my LDAP backend I can
configure something to authorize "someone" to access to
"anotherone"'s
mailbox.
At this momment, I'm trying to use
someone at domain.com@anotherone at domain.com as username, with a passdb that
uses %{username}@%{domain_first} to authenticate the user, but I'm
having problem to configure a userdb map to get the mailbox, because the
%{domain_first} variable returns just "domain.com". To fix this, I
could
use "someone at anotherone@domain.com", but this has problems with
virtual
domains an different users with same username (someone at domain.com and
someone at otherdomain.com).
Looking at documentation, at [1], in the "auth_user" variable says:
"... If username changes during authentication, this value contains the
original username..." what leads me to think that there is some way to
change the user during the authentication process, but I don't know how
or maybe I'm assuming wrong.
Any help with this? Thank you
[1] http://wiki.dovecot.org/Variables
--
Angel L. Mateo Mart?nez
Secci?n de Telem?tica
?rea de Tecnolog?as de la Informaci?n
y las Comunicaciones Aplicadas (ATICA)
http://www.um.es/atica
Tfo: 868887590
Fax: 868888337
Am 2016-02-09 um 10:54 schrieb Angel L. Mateo:> [?] > Looking at documentation, at [1], in the "auth_user" variable says: > "... If username changes during authentication, this value contains the > original username..." what leads me to think that there is some way to > change the user during the authentication process, but I don't know how > or maybe I'm assuming wrong.If I fully understand, user switching is done by having userdb return arbitrary uid,gid,user for the principal used in authentication. After being switched, you ARE the other one, so in my (possibly limited) understanding you can no longer read your own mail. That might not be intended? -- peter
El 09/02/16 a las 12:03, Peter Chiochetti escribi?:> Am 2016-02-09 um 10:54 schrieb Angel L. Mateo: >> [?] >> Looking at documentation, at [1], in the "auth_user" variable says: >> "... If username changes during authentication, this value contains the >> original username..." what leads me to think that there is some way to >> change the user during the authentication process, but I don't know how >> or maybe I'm assuming wrong. > > If I fully understand, user switching is done by having userdb return > arbitrary uid,gid,user for the principal used in authentication. After > being switched, you ARE the other one, so in my (possibly limited) > understanding you can no longer read your own mail. That might not be > intended? >To access my own mail, I would use someone at domain.com as username, not someone at domain.com@another at domain.com. Looking deeply in master password documentation, I think I'll be able to use it configure. But I'm going to need to find a way to limit the access to just another at domain.com's mailbox, not all mailboxes. -- Angel L. Mateo Mart?nez Secci?n de Telem?tica ?rea de Tecnolog?as de la Informaci?n y las Comunicaciones Aplicadas (ATICA) http://www.um.es/atica Tfo: 868887590 Fax: 868888337
Am 2016-02-09 10:54, schrieb Angel L. Mateo:> I'm looking for a way to access to a POP/IMAP account as another user > different than me, but using my password. That is, I'm > "someone at domain.com" and I want to access to "anotherone at domain.com" > mailbox using the password of "someone at domain.com", not the > "anotherone at domain.com" (something similar to master passwords, but > without sharing any password). Obviously, in my LDAP backend I can > configure something to authorize "someone" to access to "anotherone"'s > mailbox.do you maybe mean shared mailboxes: http://wiki.dovecot.org/SharedMailboxes -- Gru? Matthias
El 09/02/16 a las 13:44, Matthias Fechner escribi?:> > do you maybe mean shared mailboxes: > http://wiki.dovecot.org/SharedMailboxes >I don't want shared mailboxes. I have to access the other mailbox as a complete separate account from my personal one. I think I can achive this with master user, but I need to found a way to configure permissions so the real user has access to all folders in the other mailbox. -- Angel L. Mateo Mart?nez Secci?n de Telem?tica ?rea de Tecnolog?as de la Informaci?n y las Comunicaciones Aplicadas (ATICA) http://www.um.es/atica Tfo: 868887590 Fax: 868888337