[Dovecot] mailadm? authentication vs. authorization?
Does "dovecot" have anything similar to the UW IMAP "mailadm" group operation? From near the end of:
http://www.washington.edu/imap/documentation/RELNOTES.html
'Support for SASL authentication identity vs. authorization identity in the IMAP and POP3 servers. If the user indicated by the authentication identity is in the "mailadm" group, he may specify any authorization identity and get logged in as the authorization identity user.'
This allows an email administrator (member of group "mailadm") to sort out problems in a user's mailbox as that user identifier. (We try to train our users not to reveal their password to anyone, not even to our own staff. But sometimes, as staff, it is very useful to be able to do operations as a particular user to diagnose a problem.)
--
: David Lee I.T. Service : : Senior Systems Programmer Computer Centre : : Durham University : : http://www.dur.ac.uk/t.d.lee/ South Road : : Durham DH1 3LE : : Phone: +44 191 334 2752 U.K. :
David Lee wrote:
Does "dovecot" have anything similar to the UW IMAP "mailadm" group operation? From near the end of:
Dovecot supports "master" users; see http://wiki.dovecot.org/MasterPassword
So far, I'm only planning to use it for automated migration of staff accounts to, *cough* Exchange, so will probably run it in its own Dovecot service on a different port. I'll also restrict the IP addresses the master user can use.
Chris
-- --+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+- Christopher Wakelin, c.d.wakelin@reading.ac.uk IT Services Centre, The University of Reading, Tel: +44 (0)118 378 8439 Whiteknights, Reading, RG6 2AF, UK Fax: +44 (0)118 975 3094
participants (2)
-
Chris Wakelin
-
David Lee