[prev in list] [next in list] [prev in thread] [next in thread]
List: kolab-devel
Subject: Re: [Kolab-devel] admins field in imap.conf contains none of ldap
From: "Alain Spineux" <aspineux () gmail ! com>
Date: 2007-01-19 17:54:55
Message-ID: 71fe4e760701190954h426fdd0i45b03e77188ab87e () mail ! gmail ! com
[Download RAW message or body]
Here is the demonstration of what I said in my original post
Hope you will be convinced :-)
admin accounts defined in imapd.conf can manage one or all domain
depending the account name.
Look !
[root@fc6-eg trunk]# grep admins /kolab/etc/imapd/imapd.conf
admins: manager domain.maintainer@mydomain.loc
another@mydomain.loc
[root@fc6-eg trunk]# cyradm -u manager localhost
IMAP Password:
fc6-eg.asxnet.loc> lm
user/me/Drafts@mydomain.loc (\HasNoChildren)
user/me/Sent@mydomain.loc (\HasNoChildren)
user/me/Trash@mydomain.loc (\HasNoChildren)
user/me@mydomain.loc (\HasChildren)
user/alain.spineux/Drafts@asxnet.loc (\HasNoChildren)
user/alain.spineux/Sent@asxnet.loc (\HasNoChildren)
user/alain.spineux/Trash@asxnet.loc (\HasNoChildren)
user/alain.spineux@asxnet.loc (\HasChildren)
user/b1@mydomain.loc (\HasNoChildren)
user/b2@mydomain.loc (\HasNoChildren)
fc6-eg.asxnet.loc> quit
# cyradm -u domain.maintainer@mydomain.loc localhost
IMAP Password:
fc6-eg.asxnet.loc> lm
user/me (\HasChildren)
user/me/Drafts (\HasNoChildren)
user/me/Sent (\HasNoChildren)
user/me/Trash (\HasNoChildren)
user/b1 (\HasNoChildren)
user/b2 (\HasNoChildren)
fc6-eg.asxnet.loc> quit
# cyradm -u b1@mydomain.loc localhost
IMAP Password:
fc6-eg.asxnet.loc> lm
INBOX (\HasNoChildren)
fc6-eg.asxnet.loc> quit
Did you saw how the imap path are different depending the user logged in ?
And for sieve, this is the same :
[root@fc6-eg trunk]# /kolab/bin/sieveshell -u b1@mydomain.loc -a
domain.maintainer@mydomain.loc localhost
connecting to localhost
Please enter your password:
> list
kolab-forward.siv
kolab-vacation.siv
kolab-deliver.siv
> quit
On 1/19/07, Gunnar Wrobel <wrobel@pardus.de> wrote:
> "Alain Spineux" <aspineux@gmail.com> writes:
>
> > Hello
> >
> > When I create a domain maintainer, I'm expecting to be able to login
> > as him using cyradm or sieveshell to do some administrative task for
> > users.
> >
> > But imapd.conf admins field contains only : manager ! And nobody else
> > can use cyradm or sieveshell for administrative tasks ! Only ldap can
> > be managed by this user.
>
> I might be mistaken but I believe it is not possible to restrict
> access for the domain maintainer to the mailboxes of his domain within
> cyradm. In that case you would give more access to the domain
> maintainer than he should have.
>
> This is different for LDAP where the access rights are tuned so that
> the domain maintainer can only manage users of his domain.
>
> Cheers,
>
> Gunnar
>
> --
> ____ http://www.pardus.de _________________ http://gunnarwrobel.de _
>
> >> Mail at ease - Rent a kolab groupware server at p@rdus <<
>
> p@rdus Kolab work is funded in part by KDAB and the Kolab Konsortium
>
> _______________________________________________
> Kolab-devel mailing list
> Kolab-devel@kolab.org
> https://kolab.org/mailman/listinfo/kolab-devel
>
--
--
Alain Spineux
aspineux gmail com
May the sources be with you
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic