authenticate as userA, but get authorization to user userB's account
Heiko Schlittermann
hs at schlittermann.de
Wed Oct 25 13:58:26 EEST 2017
Hello,
given a small organization. There are *personal* mailboxes (mailbox per
user, incl. subfolders et cetera). The users can share specic folders
via the ACL (we call it "other users/", Dovecot calls it "shared"
folder. Additionally there are mailboxes Dovecot calls "public" (we use
the term "groups/"). They are not associated with a specific account,
but acessible via ACL only. (Good example for the latter is "info at example.com")
But now they're seeking for a way to implement "role" Accounts.
We could create new "role" users, share the password and create an
additional account within the mail client (thunderbird) they use. From
users perspective it is exactly what they want. But I dislike the idea
of sharing the password.
Question: Is there any way to split the authentication from the
authorization within common mail clients (as Thunderbird) in combination
with Dovecot. That is, doing something like logging in to the
account sales at example.com, using the credentials of the very own account
(say hans at example.com)?
- how to do it in Dovecot? (We use LDAP)
- how to set up this in Thunderbird?
- how to set up this in a generic MUA, as some webmail client?
Thanks in advance,
best regards from Dresden/Germany
Heiko Schlittermann
--
SCHLITTERMANN.de ---------------------------- internet & unix support -
Heiko Schlittermann, Dipl.-Ing. (TU) - {fon,fax}: +49.351.802998{1,3} -
gnupg encrypted messages are welcome --------------- key ID: F69376CE -
! key id 7CBF764A and 972EAC9F are revoked since 2015-01 ------------ -
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 488 bytes
Desc: not available
URL: <https://dovecot.org/pipermail/dovecot/attachments/20171025/bbe7baa7/attachment.sig>
More information about the dovecot
mailing list