Hi everyone,
I am in the middle of a migration from Cyrus 2.4 to Dovecot 2.1.7, and I have everything mostly working. I set up Dovecot to authenticate against Active Directory (Samba4) using PAM and SSSD, and have also used the fantastic cyrus2dovecot perl script to do a test migration of all our mail, and that is now working flawlessly.
I have the issue of shared IMAP accounts to deal with, and I am a little stuck. I see that Dovecot is very flexible, and I think I am getting stuck in this flexibility. I thought that if I explain what I am trying to achieve, someone might point me in the right direction.
In the Cyrus regime, we have several imap accounts that are shared with a group of people. These groups are actual unix groups that actual unix users are a member of. If we want a person to access a mailbox, we add them to the group and then at next login, it pops up in Thunderbird automatically.
SSSD does, from what I can tell, a decent job of binding to AD and mapping AD users to unix users, but since not all of the users have an NIS uid in AD, I decided to use a static mapping. This might have been the wrong decision, I am not sure.
userdb { driver = static args = uid=900 gid=900 home=/mnt/mail/%u allow_all_users=yes }
It probably isn't important at this stage, but the mail spool is stored on an NFS server and the indexes are stored locally.
Thanks in advance,
Alex Ferrara Director Receptive IT Solutions