On 17-02-2022 10:02, Aki Tuomi wrote:>> On 17/02/2022 10:39 Kees van Vloten <keesvanvloten at gmail.com> wrote: >> >> >> On 17-02-2022 09:16, Aki Tuomi wrote: >>>> On 17/02/2022 10:14 Kees van Vloten <keesvanvloten at gmail.com> wrote: >>>> >>>> On 17-02-2022 07:28, Aki Tuomi wrote: >>>>>> On 16/02/2022 21:40 Kees van Vloten <keesvanvloten at gmail.com> wrote: >>>>>> >>>>>> Hi Team, >>>>>> >>>>>> >>>>>> I am trying to setup mailbox sharing. But although user test2 shares >>>>>> INBOX with test1, it is not visible for user1. >>>>>> >>>>>> doveadm? acl get -u test2 INBOX >>>>>> ID???????? Global Rights >>>>>> user=test1??????? admin create delete expunge insert lookup post read >>>>>> write write-deleted write-seen >>>>>> >>>>>> cat /srv/mail/dovecot/lib/shared-mailboxes.db >>>>>> shared/shared-boxes/user/test1/test2 at example.com >>>>>> 1 >>>>>> >>>>>> Log output: >>>>>> >>>>> <snip /> > I think your problem is that you are using test1 and test2 as usernames, but shared folder is for test2 at example.com > > The sharing must happen with same user names as your users are logging in. > > AkiUsers are logging in with username only (and in most situations with a krb5 ticket): auth_username_format = %Lu Is there a way to prevent sharing as the %n name (test2 at example.com)? Or is the better approach to login with %n (and would that work with gssapi login)?
> On 17/02/2022 11:16 Kees van Vloten <keesvanvloten at gmail.com> wrote: > > > On 17-02-2022 10:02, Aki Tuomi wrote: > >> On 17/02/2022 10:39 Kees van Vloten <keesvanvloten at gmail.com> wrote: > >> > >> > >> On 17-02-2022 09:16, Aki Tuomi wrote: > >>>> On 17/02/2022 10:14 Kees van Vloten <keesvanvloten at gmail.com> wrote: > >>>> > >>>> On 17-02-2022 07:28, Aki Tuomi wrote: > >>>>>> On 16/02/2022 21:40 Kees van Vloten <keesvanvloten at gmail.com> wrote: > >>>>>> > >>>>>> Hi Team, > >>>>>> > >>>>>> > >>>>>> I am trying to setup mailbox sharing. But although user test2 shares > >>>>>> INBOX with test1, it is not visible for user1. > >>>>>> > >>>>>> doveadm? acl get -u test2 INBOX > >>>>>> ID???????? Global Rights > >>>>>> user=test1??????? admin create delete expunge insert lookup post read > >>>>>> write write-deleted write-seen > >>>>>> > >>>>>> cat /srv/mail/dovecot/lib/shared-mailboxes.db > >>>>>> shared/shared-boxes/user/test1/test2 at example.com > >>>>>> 1 > >>>>>> > >>>>>> Log output: > >>>>>> > >>>>> <snip /> > > I think your problem is that you are using test1 and test2 as usernames, but shared folder is for test2 at example.com > > > > The sharing must happen with same user names as your users are logging in. > > > > Aki > > > Users are logging in with username only (and in most situations with a > krb5 ticket): > > auth_username_format = %Lu > > Is there a way to prevent sharing as the %n name (test2 at example.com)? > > Or is the better approach to login with %n (and would that work with > gssapi login)?Why not use auth_username_format=%Ln then? Also consistently use %n instead of %u in your configuration. Also doveadm acl set -u test2 user=test1 and so on. etc. Aki