[Kolab-devel] New attributeType kolabTargetFolder for objectClass kolabSharedFolder

Jeroen van Meeuwen (Kolab Systems) vanmeeuwen at kolabsys.com
Wed Apr 4 00:32:17 CEST 2012


On 2012-04-03 22:57, Florian v. Samson (mobil) wrote:
> Hi Jeroen,
>

Hi Florian,

> I am not subscribed on the kolab-devel list (I am reading 
> intermittently via web-frontend).
>

I've subscribed your addresses to the list, with mail delivery 
disabled, so your future messages should simply be accepted.

> You may reply to or forward this mail on kolab-devel, if you like.
>
> ----- Ursprüngliche Mitteilung -----
>> On 2012-03-07 20:47, Martin Konold wrote:
>> > Am Mittwoch, 7. März 2012, 18:38:46 schrieb Jeroen van Meeuwen:
>> > > entries the kolabSharedFolder objectClass.
>> > > With a kolabTargetFolder
>> > >
>> > > Thoughts? Comments? Questions? Gripes?
>> >
>> > I think you gave a very valid rational for the need of such an
>> > attribute in large organisations.
>> >
>> > Some comments though:
>> >
>> > 1. Did you consider to use a kolab group account in order to 
>> fullfill
>> > the requirement?
>
> I am pretty sure Martin addresses the "role accounts" (in German:
> "Funktionsadressen"). These are the model in Kolab2 to handle the 
> use-cases potentially
> addressed with this new attribute type.
>
>> (...snip...)
>>
>
> IMO Martins "group accounts" was meant to address "role accounts"
> with their own IMAP folder-hierarchy each, not dist-lists.
>
>> (...snip...)
>>
>
> IMHO the central issue of shared regular user-accounts via IMAP-ACLs
> is the flurry of issues which stem from multiple (often many)
> user-accounts having write-access or full IMAP-rights (and are using
> them, consciously or not). Kolab2s "role accounts" avoid many of the 
> issues shared regular
> user-accounts carry.
>

So, allow me to re-iterate to see if I understand correctly, as this is 
the first time I've heard of "role accounts".

"role accounts" are Kolab user accounts, with an INBOX and a mail 
attribute value if you will, that do not have any one particular 
physical user associated with them, but may have one or more physical 
human beings authorized to use the account (i.e. they read the "role 
account"'s INBOX and respond using a sender address of 
<role-account-name>@domain.tld)?

If that is somewhat right, but I doubt it in light of the other remarks 
on "full writeable shared folders" you mentioned, then the answer is 
"no" - I did not consider user accounts that are shared in any way, 
shape or form.

Kind regards,

Jeroen van Meeuwen

-- 
Systems Architect, Kolab Systems AG

e: vanmeeuwen at kolabsys.com
m: +44 74 2516 3817
w: http://www.kolabsys.com

pgp: 9342 BF08




More information about the devel mailing list