[Kolab-devel] admins field in imap.conf contains none of ldap defined administrator, maintainer or domain maintainer
Alain Spineux
aspineux at gmail.com
Fri Jan 19 18:54:55 CET 2007
Here is the demonstration of what I said in my original post
Hope you will be convinced :-)
admin accounts defined in imapd.conf can manage one or all domain
depending the account name.
Look !
[root at fc6-eg trunk]# grep admins /kolab/etc/imapd/imapd.conf
admins: manager domain.maintainer at mydomain.loc
another at mydomain.loc
[root at fc6-eg trunk]# cyradm -u manager localhost
IMAP Password:
fc6-eg.asxnet.loc> lm
user/me/Drafts at mydomain.loc (\HasNoChildren)
user/me/Sent at mydomain.loc (\HasNoChildren)
user/me/Trash at mydomain.loc (\HasNoChildren)
user/me at mydomain.loc (\HasChildren)
user/alain.spineux/Drafts at asxnet.loc (\HasNoChildren)
user/alain.spineux/Sent at asxnet.loc (\HasNoChildren)
user/alain.spineux/Trash at asxnet.loc (\HasNoChildren)
user/alain.spineux at asxnet.loc (\HasChildren)
user/b1 at mydomain.loc (\HasNoChildren)
user/b2 at mydomain.loc (\HasNoChildren)
fc6-eg.asxnet.loc> quit
# cyradm -u domain.maintainer at mydomain.loc localhost
IMAP Password:
fc6-eg.asxnet.loc> lm
user/me (\HasChildren)
user/me/Drafts (\HasNoChildren)
user/me/Sent (\HasNoChildren)
user/me/Trash (\HasNoChildren)
user/b1 (\HasNoChildren)
user/b2 (\HasNoChildren)
fc6-eg.asxnet.loc> quit
# cyradm -u b1 at mydomain.loc localhost
IMAP Password:
fc6-eg.asxnet.loc> lm
INBOX (\HasNoChildren)
fc6-eg.asxnet.loc> quit
Did you saw how the imap path are different depending the user logged in ?
And for sieve, this is the same :
[root at fc6-eg trunk]# /kolab/bin/sieveshell -u b1 at mydomain.loc -a
domain.maintainer at mydomain.loc localhost
connecting to localhost
Please enter your password:
> list
kolab-forward.siv
kolab-vacation.siv
kolab-deliver.siv
> quit
On 1/19/07, Gunnar Wrobel <wrobel at pardus.de> wrote:
> "Alain Spineux" <aspineux at gmail.com> writes:
>
> > Hello
> >
> > When I create a domain maintainer, I'm expecting to be able to login
> > as him using cyradm or sieveshell to do some administrative task for
> > users.
> >
> > But imapd.conf admins field contains only : manager ! And nobody else
> > can use cyradm or sieveshell for administrative tasks ! Only ldap can
> > be managed by this user.
>
> I might be mistaken but I believe it is not possible to restrict
> access for the domain maintainer to the mailboxes of his domain within
> cyradm. In that case you would give more access to the domain
> maintainer than he should have.
>
> This is different for LDAP where the access rights are tuned so that
> the domain maintainer can only manage users of his domain.
>
> Cheers,
>
> Gunnar
>
> --
> ____ http://www.pardus.de _________________ http://gunnarwrobel.de _
>
> >> Mail at ease - Rent a kolab groupware server at p at rdus <<
>
> p at rdus Kolab work is funded in part by KDAB and the Kolab Konsortium
>
> _______________________________________________
> Kolab-devel mailing list
> Kolab-devel at kolab.org
> https://kolab.org/mailman/listinfo/kolab-devel
>
--
--
Alain Spineux
aspineux gmail com
May the sources be with you
More information about the devel
mailing list