El 09/02/16 a las 13:44, Matthias Fechner escribi?:> > do you maybe mean shared mailboxes: > http://wiki.dovecot.org/SharedMailboxes >I don't want shared mailboxes. I have to access the other mailbox as a complete separate account from my personal one. I think I can achive this with master user, but I need to found a way to configure permissions so the real user has access to all folders in the other mailbox. -- Angel L. Mateo Mart?nez Secci?n de Telem?tica ?rea de Tecnolog?as de la Informaci?n y las Comunicaciones Aplicadas (ATICA) http://www.um.es/atica Tfo: 868887590 Fax: 868888337
Hi,
we have such configuration in our Dovecot; it is configured with virtual
users and acl. To enable access of userA mailbox to userB, first I have
to add userB to userA acl, and then I put userA username in an
ARBITRARY_FIELD of userB record in our ldap (if you use a db for your
account, the configuration could be more simple). We use the
ARBITRARY_FIELD to limit the access of other users mailboxes: the field
is not writable by the user, only by administrators.
Our config files:
/etc/dovecot/conf.d/auth-master.conf.ext
...
passdb {
driver = ldap
master = yes
args = /etc/dovecot/dovecot-ldap.conf.masterusers
pass = yes
default_fields =
userdb_mail=maildir:/path_to_mailboxes/%1{login_user}/%{login_user}:INDEXPVT=/path_to_indexes/%1n/%n/shared/%{login_user}
}
and in /etc/dovecot/dovecot-ldap.conf.masterusers
...
pass_attrs = uid=user,userPassword=password
pass_filter =
(&(uid=%n)(accountStatus=active)(ARBITRARY_FIELD=%{login_user}))
to login, you have to use the same way of a masteruser:
Login: userA*userB
Password: userB_password
Cheers,
Marco
On 2016-02-10 07:49, Angel L. Mateo wrote:> El 09/02/16 a las 13:44, Matthias Fechner escribi?:
>>
>> do you maybe mean shared mailboxes:
>> http://wiki.dovecot.org/SharedMailboxes
>>
> I don't want shared mailboxes. I have to access the other mailbox
> as a complete separate account from my personal one.
>
> I think I can achive this with master user, but I need to found a
> way to configure permissions so the real user has access to all folders
> in the other mailbox.
>
--
Marco Giunta - ITCS SysAdmin
Via Bonomea, 265
34136 - Trieste, Italy
Tel: +39-040-3787-503
Fax: +39-040-3787-244
I have this configuration running, except for the ACL. The problem I'm having with ACLs is that I have to manually create the ACL for each folder userB has and if userB creates a new folder, then it is forbidden for userA until I update the ACL. How do you solve this? El 15/02/16 a las 09:18, Marco Giunta escribi?:> Hi, > we have such configuration in our Dovecot; it is configured with virtual > users and acl. To enable access of userA mailbox to userB, first I have > to add userB to userA acl, and then I put userA username in an > ARBITRARY_FIELD of userB record in our ldap (if you use a db for your > account, the configuration could be more simple). We use the > ARBITRARY_FIELD to limit the access of other users mailboxes: the field > is not writable by the user, only by administrators. > > > Our config files: > > /etc/dovecot/conf.d/auth-master.conf.ext > ... > passdb { > driver = ldap > master = yes > > args = /etc/dovecot/dovecot-ldap.conf.masterusers > pass = yes > default_fields > userdb_mail=maildir:/path_to_mailboxes/%1{login_user}/%{login_user}:INDEXPVT=/path_to_indexes/%1n/%n/shared/%{login_user} > > } > > and in /etc/dovecot/dovecot-ldap.conf.masterusers > ... > pass_attrs = uid=user,userPassword=password > pass_filter > (&(uid=%n)(accountStatus=active)(ARBITRARY_FIELD=%{login_user})) > > > to login, you have to use the same way of a masteruser: > > Login: userA*userB > Password: userB_password > > > Cheers, > Marco > > > > On 2016-02-10 07:49, Angel L. Mateo wrote: >> El 09/02/16 a las 13:44, Matthias Fechner escribi?: >>> >>> do you maybe mean shared mailboxes: >>> http://wiki.dovecot.org/SharedMailboxes >>> >> I don't want shared mailboxes. I have to access the other mailbox >> as a complete separate account from my personal one. >> >> I think I can achive this with master user, but I need to found a >> way to configure permissions so the real user has access to all folders >> in the other mailbox. >> >-- Angel L. Mateo Mart?nez Secci?n de Telem?tica ?rea de Tecnolog?as de la Informaci?n y las Comunicaciones Aplicadas (ATICA) http://www.um.es/atica Tfo: 868887590 Fax: 868888337