kolab aliases and distribution lists

Gunnar Wrobel wrobel at pardus.de
Fri Feb 12 17:02:17 CET 2010 

Quoting Gavin McCullagh <gavin.mccullagh at gcd.ie>:

> Hi,
>
> On Fri, 12 Feb 2010, Gunnar Wrobel wrote:
>
>> >2. Take an account of a former user who has left and alias it to their
>> >   replacement staff member, eg.
>> >	old_user:  new_user
>>
>> We still lack a decent way of retiring users on the Kolab server.
>
> Is this not what the alias feature would do now (admittedly it goes to both
> then, not just the alias)?
>
>> >or
>> >email to account1 at domain to go to alias1 at domain?  In the former case, if I
>> >set up account1 at domain with the alias1 at domain, does the email go to both
>> >account1 and account2?
>>
>> Here I don't follow. I assume you meant account2 at domain.
>
> You're quite right, sorry.
>
>> But this is not allowed. Each mail-address has to be unique on the server
>> and the web admin ensures that this is the case. If you need mail going
>> to alias1 at domain to be sent to both account1 and account2 you need to
>> make alias1 at domain a distribution list.
>
> I see.  So two people can't share an alias -- the mail goes to the primary
> user and a single further alias?  That's a shame.  While I can appreciate
> that the distributions lists are there, where you have 500+ users, they can
> be pretty difficult to handle, particularly given you can't browse for
> users.  I was hoping to add the alias <dept>@<ourdomain> to each user's own
> account and then assemble the different <dept> into <allusers> and other
> distribution lists.
>
> I have to say, looking at it the config, I'm slightly surprised that this
> is the case:
>
> query_filter =  
> (&(!(kolabDeleteFlag=*))(|(alias=%s)(mail=%s))(!(cn:dn:=external)))
>
> surely that will match a real email account and anyone who has that alias
> set on their account?

Well, that is correct :) The limitation I mentioned is only imposed by  
the web admin. You could modify your LDAP directly (using ldapvi or  
luma or ...) and set the same alias on different accounts. I currently  
can't think of a reason why you should not do that :) but I'm sure the  
webadmin restriction is there for a reason.

>
>> >We'd prefer not to have everyone see the latter alias though.
>>
>> The distribution list can be set to "hidden".
>
> I see, thanks.  The text on it suggests that anyone who is  
> authenticated will see
> those lists:
>
>   "Check here to make this distribution list available only to
>    authenticated users"
>
> Perhaps that means authenticated to LDAP and the autocomplete doesn't
> authenticate.

No I believe "available" means that you may send to it only from your  
internal network. You can't send to it from outside of the Kolab  
server. This is a limitation I forgot to mention but if I understood  
you correctly it should not matter in your specific case. The entry  
for the distribution list goes into the "cn=internal" branch of your  
LDAP tree and the only relevant ACL for that would be

access to dn="cn=internal,dc=itzcuintli,dc=aztec,dc=intevation,dc=de"
         by  
dn="cn=nobody,cn=internal,dc=itzcuintli,dc=aztec,dc=intevation,dc=de"  
read
         by * search stop

So only the "nobody" user has read access here.

Cheers,

Gunnar

>
> Gavin
>
> _______________________________________________
> Kolab-users mailing list
> Kolab-users at kolab.org
> https://kolab.org/mailman/listinfo/kolab-users
>



-- 
______ http://kdab.com _______________ http://kolab-konsortium.com _

p at rdus Kolab work is funded in part by KDAB and the Kolab Konsortium

____ http://www.pardus.de _________________ http://gunnarwrobel.de _
E-mail : p at rdus.de                                 Dr. Gunnar Wrobel
Tel.   : +49 700 6245 0000                          Bundesstrasse 29
Fax    : +49 721 1513 52322                          D-20146 Hamburg
--------------------------------------------------------------------
    >> Mail at ease - Rent a kolab groupware server at p at rdus <<
--------------------------------------------------------------------

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 197 bytes
Desc: Digitale PGP-Unterschrift
URL: <http://lists.kolab.org/pipermail/users/attachments/20100212/e12fd659/attachment.sig>

More information about the users mailing list