search for: userdb_acl_globals_on

Sorry for that! I was offline during writing my answer to your mail and so it left my outbox after the advice from Sami. The solution works well when using passwd userdbs only. I didn?t get it running in conjunction with ldap userdb. I tried to use an LDAP attribute and mapping it to userdb_acl_globals_only and another try with acl_globals_only. Both attributes were not considered by the lookup. Another try was to use a separate passwd-userdb for this attribute only. When placing the passwd-userdb before the ldap-userdb the ldap attributes are not considered. If the ldap-userdb is placed before the...

Hello Is it possible to limit the ability of sharing it?s own mailboxes to only a few users? We have a few sensitive mailboxes of users where the ability to share via IMAP SETACL should be prevented. I tried the following so far? doveadm acl remove -u test at onnet.ch INBOX user=test at onnet.ch admin but when doing this the admin rights are still there doveadm acl rights -u test at

...y for that! I was offline during writing my answer to your mail and so it left my outbox after the advice from Sami. >> >> The solution works well when using passwd userdbs only. I didn?t get it running in conjunction with ldap userdb. I tried to use an LDAP attribute and mapping it to userdb_acl_globals_only and another try with acl_globals_only. Both attributes were not considered by the lookup. Another try was to use a separate passwd-userdb for this attribute only. When placing the passwd-userdb before the ldap-userdb the ldap attributes are not considered. If the ldap-userdb is placed before the...

You could do userdb { ?? driver = username_format=%Lu passwd-file ?? args = /etc/dovecot/share.passwd } #? /etc/dovecot/share.passwd test at onnet.ch::::::: userdb_acl=vfile:/etc/dovecot/dovecot-acl userdb_acl_globals_only = yes should prevent the user from modifying any ACL files. Aki On 05.08.2018 17:04, Simeon Ott wrote: > Hello > > Is it possible to limit the ability of sharing it?s own mailboxes to > only a few users? > We have a few sensitive mailboxes of users where the ability to share &gt...

...> Sorry for that! I was offline during writing my answer to your mail and so it left my outbox after the advice from Sami. > > The solution works well when using passwd userdbs only. I didn?t get it running in conjunction with ldap userdb. I tried to use an LDAP attribute and mapping it to userdb_acl_globals_only and another try with acl_globals_only. Both attributes were not considered by the lookup. Another try was to use a separate passwd-userdb for this attribute only. When placing the passwd-userdb before the ldap-userdb the ldap attributes are not considered. If the ldap-userdb is placed before the...

...hat! I was offline during writing my answer to your mail and so it left my outbox after the advice from Sami. >>> >>> The solution works well when using passwd userdbs only. I didn?t get it running in conjunction with ldap userdb. I tried to use an LDAP attribute and mapping it to userdb_acl_globals_only and another try with acl_globals_only. Both attributes were not considered by the lookup. Another try was to use a separate passwd-userdb for this attribute only. When placing the passwd-userdb before the ldap-userdb the ldap attributes are not considered. If the ldap-userdb is placed before the...

Thanks for the advice Aki > On 6 Aug 2018, at 07:26, Aki Tuomi <aki.tuomi at dovecot.fi> wrote: > > userdb { > driver = username_format=%Lu passwd-file > args = /etc/dovecot/share.passwd > } Something is wrong with the suggested driver configuration ? Leads to a fatal ? I think there is missing a driver name. Any chance of doing this via LDAP attribute? Here is

...i/%o managesieve_max_compile_errors = 5 managesieve_max_line_length = 65536 } root at buserver:/etc/dovecot# cat dovecot-acl root at buserver:/etc/dovecot# ?> means empty file root at buserver:/etc/dovecot# cat share.passwd test at onnet.ch:::::::userdb_acl=vfile:/etc/dovecot/dovecot-acl userdb_acl_globals_only=yes root at buserver:/etc/dovecot# sed -e '/^#/d' dovecot-ldap.conf hosts = localhost uris = ldap://localhost:389/ debug_level = 10 auth_bind = yes ldap_version = 3 base = ou=domains,dc=intra,dc=onnet,dc=ch deref = never scope = subtree user_attrs = homeDirectory=home=/var/spool/postfix/...

...} > > root at buserver:/etc/dovecot# cat dovecot-acl > root at buserver:/etc/dovecot# > > ?> means empty file > > root at buserver:/etc/dovecot# cat share.passwd? > test at onnet.ch > <mailto:test at onnet.ch>:::::::userdb_acl=vfile:/etc/dovecot/dovecot-acl > userdb_acl_globals_only=yes > > root at buserver:/etc/dovecot# sed -e '/^#/d' dovecot-ldap.conf > hosts = localhost > uris = ldap://localhost:389/ > debug_level = 10 > auth_bind = yes > ldap_version = 3 > base = ou=domains,dc=intra,dc=onnet,dc=ch > deref = never > scope = subtree &g...

.../dovecot# cat dovecot-acl >> root at buserver:/etc/dovecot# >> >> ?> means empty file >> >> root at buserver:/etc/dovecot# cat share.passwd >> test at onnet.ch >> <mailto:test at onnet.ch>:::::::userdb_acl=vfile:/etc/dovecot/dovecot-acl >> userdb_acl_globals_only=yes >> >> root at buserver:/etc/dovecot# sed -e '/^#/d' dovecot-ldap.conf >> hosts = localhost >> uris = ldap://localhost:389/ >> debug_level = 10 >> auth_bind = yes >> ldap_version = 3 >> base = ou=domains,dc=intra,dc=onnet,dc=ch >>...

...ovecot# >>> >>> ?> means empty file >>> >>> root at buserver:/etc/dovecot# cat share.passwd? >>> test at onnet.ch <mailto:test at onnet.ch> >>> <mailto:test at onnet.ch>:::::::userdb_acl=vfile:/etc/dovecot/dovecot-acl >>> userdb_acl_globals_only=yes >>> >>> root at buserver:/etc/dovecot# sed -e '/^#/d' dovecot-ldap.conf >>> hosts = localhost >>> uris = ldap://localhost:389/ >>> debug_level = 10 >>> auth_bind = yes >>> ldap_version = 3 >>> base = ou=domains,dc...