[Dovecot] some clarification re: ACL?
Matt Zukowski
mzukowski at urbacon.net
Wed May 2 19:40:33 EEST 2007
The ACL documentation is at http://wiki.dovecot.org/ACL is a bit
vague... I'd be happy to update it myself, but I need some clarification:
For example, I have a dovecot-acl file with:
group=portal_admin lrw
anyone l
To me this means that any user in the portal_admin group should be able
to open and read messages in the shared mailbox where this dovecot-acl
file resides. All other users should be able to see the mailbox, but
won't be able to open it.
What I'm finding is that in actuality NO ONE can open the mailbox. Users
in the portal_admin group cannot open it.
Am I misreading how ACL is supposed to work? Or does the group=
identifier simply not work? I guess I should mention that these groups
are coming from active directory hooked up on the back-end with winbind,
but I think this should be transparent to dovecot (i.e. dovecot
shouldn't know the difference between groups originating from active
directory versus local groups.... after all, it doesn't seem to
differentiate between active directory users versus local users.... or
am I wrong about this?)
Secondly, what is the group-override identifier supposed to do?
Thirdly, are spaces and other special characters allowed in the
group/username identifiers?
Thanks,
Matt.
-----------------
This e-mail message is privileged, confidential and subject to copyright. Any unauthorized use or disclosure is prohibited.
Le contenu du pr'esent courriel est privil'egi'e, confidentiel et soumis `a des droits d'auteur. Il est interdit de l'utiliser ou de le divulguer sans autorisation.
More information about the dovecot
mailing list