<!doctype html>
<html>
 <head> 
  <meta charset="UTF-8"> 
 </head>
 <body>
  <div>
   You can use
  </div>
  <div>
   <br>
  </div>
  <div>
   plugin {
  </div>
  <div>
     acl_user = %u
  </div>
  <div>
   }
  </div>
  <div>
   <br>
  </div>
  <div>
   Aki
  </div>
  <blockquote type="cite">
   <div>
    On 12 April 2019 12:35 Usuario prueba via dovecot <dovecot@dovecot.org> wrote:
   </div>
   <div>
    <br>
   </div>
   <div>
    <br>
   </div>
   <div style="font-family: Verdana; font-size: 12.0px;">
    <div>
      
     <div>
      <div>
       I think is an ACL problem for master user. My master user is named "administrator" (static password files), all other users have ldap backend, and I tried to add this to acl file using vim
      </div>
      <div>
       <br>
      </div>
      <div>
       * user=administrator lr
      </div>
     </div>
     <div>
      <br>
     </div>
     <div>
      But still does not work. I have read several times https://wiki.dovecot.org/Authentication/MasterUsers and still I do not get the ACL thing. That page says " Set 
      <tt>plugin { master_user=%u } </tt> This fully hides that master user login is being used ". I have tried setting master_user=%u inside my plugin section and does not work. Can anyone post a doveconf -n output of a static-file master user + ACL working as intented?
      <tt> </tt>
     </div>
     <div>
      <br>
     </div>
     <div>
      Regards
     </div>
     <div>
       
      <div style="margin: 10px 5px 5px 10px; padding: 10px 0 10px 10px; border-left: 2px solid #C3D9E5; word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space;">
       <div style="margin: 0 0 10px 0;">
        <strong>Enviar:</strong> viernes 12 de abril de 2019 a las 9:41
        <br>
        <strong>De:</strong> "Usuario prueba via dovecot" <dovecot@dovecot.org>
        <br>
        <strong>Para:</strong> dovecot@dovecot.org
        <br>
        <strong>Asunto:</strong> Mailbox INBOX: Opening INBOX failed: Mailbox doesn't exist: INBOX. Maybe master user + namespace problem?
       </div>
       <div>
        <div style="font-family: Verdana; font-size: 12.0px;">
         <div>
          I am trying to migrate via imapsync a Dovecot mail server (host1) to Office 365 (hosts2) (just a test, I love Dovecot).
         </div>
         <div>
          <br>
         </div>
         <div>
          Imapsync, using dovecot master user, exact command I am using:
         </div>
         <div>
          <br>
         </div>
         <div>
          <div>
           imapsync --host1 myhost.mydomain --user1 testuser@mydomain.com*administrator --password1 "XXXXX" --host2 Outlook.Office365.com --user2 testuser@mydomain.com --authuser2 "masteruser2" --password2 "XXXX"  --office2
          </div>
          <div>
           <br>
          </div>
          <div>
           This does not work.
          </div>
          <div>
           <br>
          </div>
          <div>
           In dovecot logs I get the following error:
          </div>
         </div>
         <div>
          <br>
         </div>
         <div>
          <br>
         </div>
         <div>
          <div>
           Apr 12 09:13:13 buzonus_rhel7 dovecot: imap-login: Login: user=<testuser@mydomain.com>, method=PLAIN, rip=192.168.1.97
          </div>
          <div>
           , lip=192.168.4.80, mpid=24003, TLS, session=<fwL8CFCGtprAqAFh>
           <br>Apr 12 09:13:14 buzonus_rhel7 dovecot: imap(testuser@mydomain.com)<fwL8CFCGtprAqAFh>: ID sent: name=imapsync, version=1.921, os=linux, vendor=Gilles LAMIRAL, support-url=
           <a target="_blank" href="https://imapsync.lamiral.info/" rel="noopener">https://imapsync.lamiral.info/</a>, date=18-Feb-2019 10:21:03 +0000, side=host1
           <br>Apr 12 09:13:14 buzonus_rhel7 dovecot: imap(testuser@mydomain.com)<fwL8CFCGtprAqAFh>: Error: Mailbox INBOX: Opening INBOX failed: Mailbox doesn't exist: INBOX
           <br>Apr 12 09:13:16 buzonus_rhel7 dovecot: imap(testuser@mydomain.com)<fwL8CFCGtprAqAFh>: Logged out in=369 out=2790 deleted=0 expunged=0 trashed=0 hdr_count=0 hdr_bytes=0 body_count=0 body_bytes=0
          </div>
          <div>
           <br>
          </div>
         </div>
         <div>
          This is rather weird. I can access via thunderbird/mutt without problems to Dovecot server with "standard" accounts. If I try imapsync with a "standard" user, with real password, imapsync works. This only fails when I use the master user, can not find INBOX. Maybe a namespace problem using master user?
         </div>
         <div>
          <br>
         </div>
         <div>
          <br>
         </div>
         <div>
          doveconf -n output below:
         </div>
         <div>
          <br>
         </div>
         <div>
          <div>
           # 2.3.5.1 (7ec6d0ade): /etc/dovecot/dovecot.conf
           <br># Pigeonhole version 0.5.5 (2483b085)
           <br># OS: Linux 3.10.0-957.10.1.el7.x86_64 x86_64 Red Hat Enterprise Linux Server release 7.6 (Maipo) xfs
           <br># Hostname: mysystem
           <br>auth_cache_negative_ttl = 10 secs
           <br>auth_cache_size = 10 M
           <br>auth_cache_ttl = 2 mins
           <br>auth_master_user_separator = *
           <br>auth_mechanisms = plain login
           <br>auth_worker_max_count = 15500
           <br>base_dir = /var/run/dovecot/
           <br>default_client_limit = 15000
           <br>default_process_limit = 16500
           <br>default_vsz_limit = 2 G
           <br>disable_plaintext_auth = no
           <br>imap_capability = +XLIST
           <br>imap_client_workarounds = tb-extra-mailbox-sep delay-newmail tb-lsub-flags
           <br>imap_id_log = *
           <br>imap_max_line_length = 8 M
           <br>lda_mailbox_autocreate = yes
           <br>lda_mailbox_autosubscribe = yes
           <br>mail_fsync = never
           <br>mail_gid = entrega
           <br>mail_home = /buzones/mydomain.com/%2.26Hn/%2.200Hn/%n/home_usuario/
           <br>mail_location = mdbox:/buzones/mydomain.com/%2.26Hn/%2.200Hn/%n:ITERINDEX:INDEX=/indices_dovecot/indices/%2.26Hn/%2.200Hn/%n:ALT=/buzones/alternativo/mydomain.com/%2.26Hn/%2.200Hn/%n
           <br>mail_log_prefix = "%s(%u)<%{session}>: "
           <br>mail_max_userip_connections = 15000
           <br>mail_plugins = " zlib acl quota virtual mail_log notify"
           <br>mail_uid = entrega
           <br>managesieve_notify_capability = mailto
           <br>managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date
           <br>mdbox_rotate_interval = 1 days
           <br>mdbox_rotate_size = 60 M
           <br>namespace {
           <br>  inbox = yes
           <br>  location =
           <br>  mailbox Drafts {
           <br>    auto = subscribe
           <br>    special_use = \Drafts
           <br>  }
           <br>  mailbox SPAM {
           <br>    auto = subscribe
           <br>    special_use = \Junk
           <br>  }
           <br>  mailbox Sent {
           <br>    auto = subscribe
           <br>    special_use = \Sent
           <br>  }
           <br>  mailbox Trash {
           <br>    auto = subscribe
           <br>    special_use = \Trash
           <br>  }
           <br>  prefix =
           <br>  type = private
           <br>}
           <br>namespace {
           <br>  list = yes
           <br>  location = mdbox:/buzones/mydomain.com/%%2.26Hn/%%2.200Hn/%%n:ALT=/buzones/alternativo/mydomain.com/%%2.26Hn/%%2.200Hn/%%n:INDEX=/indices_dovecot/indices/%%2.26Hn/%%2.200Hn/%%n:INDEXPVT=~/mdbox/carpeta_compartida/%%u
           <br>  prefix = carpeta_compartida/%%u/
           <br>  separator = /
           <br>  subscriptions = no
           <br>  type = shared
           <br>}
           <br>passdb {
           <br>  args = /etc/dovecot/deny
           <br>  deny = yes
           <br>  driver = passwd-file
           <br>}
           <br>passdb {
           <br>  args = /etc/dovecot/dovecot-ldap.conf
           <br>  driver = ldap
           <br>}
           <br>passdb {
           <br>  args = /etc/file.txt
           <br>  driver = passwd-file
           <br>  master = yes
           <br>}
           <br>passdb {
           <br>  args = /etc/dovecot/dovecot-ldap.conf
           <br>  driver = ldap
           <br>}
           <br>plugin {
           <br>  acl = vfile
           <br>  acl_shared_dict = file:/buzones/mydomain.com/acls_compartidas.db
           <br>  lda_mailbox_autosubscribe = yes
           <br>  mail_log_events = delete undelete expunge copy mailbox_delete mailbox_rename
           <br>  mail_log_fields = uid box msgid size subject from
           <br>  quota = dict:Cuota de usuario::file:/buzones/cuotas/%n
           <br>  quota_rule2 = Trash:storage=+10%%
           <br>  quota_warning = storage=90%% aviso_cuota 90 %u
           <br>  sieve = /buzones/mydomain.com/%2.26Hn/%2.200Hn/%n/home_usuario/dovecot.sieve
           <br>  sieve_dir = /buzones/mydomain.com/%2.26Hn/%2.200Hn/%n/home_usuario/sieve/
           <br>  zlib_save = gz
           <br>  zlib_save_level = 9
           <br>}
           <br>pop3_no_flag_updates = yes
           <br>protocols = pop3 imap sieve
           <br>service anvil {
           <br>  client_limit = 43000
           <br>}
           <br>service auth {
           <br>  client_limit = 58600
           <br>  unix_listener auth-master {
           <br>    user = entrega
           <br>  }
           <br>  unix_listener auth-userdb {
           <br>    user = entrega
           <br>  }
           <br>  user = root
           <br>}
           <br>service aviso_cuota {
           <br>  executable = script /usr/local/bin/quota-warning.sh
           <br>  unix_listener aviso_cuota {
           <br>    mode = 0666
           <br>  }
           <br>  user = entrega
           <br>}
           <br>service config {
           <br>  process_min_avail = 4
           <br>}
           <br>service imap-login {
           <br>  client_limit = 28000
           <br>  executable = /usr/libexec/dovecot/imap-login
           <br>  group = dovenull
           <br>  process_min_avail = 2
           <br>  service_count = 0
           <br>  vsz_limit = 2 G
           <br>}
           <br>service imap {
           <br>  executable = /usr/libexec/dovecot/imap
           <br>  process_limit = 18000
           <br>  process_min_avail = 120
           <br>  vsz_limit = 3 G
           <br>}
           <br>service managesieve-login {
           <br>  executable = /usr/libexec/dovecot/managesieve-login
           <br>  inet_listener sieve {
           <br>    port = 2000
           <br>  }
           <br>  process_limit = 2000
           <br>  vsz_limit = 2 G
           <br>}
           <br>service managesieve {
           <br>  executable = /usr/libexec/dovecot/managesieve
           <br>  process_limit = 5000
           <br>}
           <br>service pop3-login {
           <br>  executable = /usr/libexec/dovecot/pop3-login
           <br>  process_limit = 7000
           <br>  process_min_avail = 2
           <br>  service_count = 0
           <br>  vsz_limit = 1 G
           <br>}
           <br>service pop3 {
           <br>  executable = /usr/libexec/dovecot/pop3
           <br>  process_limit = 7000
           <br>}
           <br>service stats {
           <br>  fifo_listener stats-mail {
           <br>    mode = 0600
           <br>    user = entrega
           <br>  }
           <br>}
           <br>ssl_ca = </etc/pki/my_chain
           <br>ssl_cert = </etc/pki/my_cert
           <br>ssl_dh = # hidden, use -P to show it
           <br>ssl_key = # hidden, use -P to show it
           <br>userdb {
           <br>  args = /etc/dovecot/dovecot-ldap.conf
           <br>  driver = ldap
           <br>}
           <br>userdb {
           <br>  args = /etc/dovecot/dovecot-ldap-userdb.conf
           <br>  driver = ldap
           <br>}
           <br>verbose_proctitle = yes
           <br>protocol sieve {
           <br>  managesieve_implementation_string = dovecot
           <br>  managesieve_logout_format = bytes=%i/%o
           <br>  managesieve_max_line_length = 65536
           <br>}
           <br>protocol lda {
           <br>  hostname = mydomain.com
           <br>  info_log_path =
           <br>  log_path =
           <br>  mail_fsync = optimized
           <br>  mail_plugins = sieve zlib quota virtual acl
           <br>  postmaster_address = postmaster@mydomain.com
           <br>  syslog_facility = mail
           <br>}
           <br>protocol imap {
           <br>  mail_plugins = zlib quota imap_quota virtual acl imap_acl notify mail_log
           <br>}
           <br>protocol pop3 {
           <br>  mail_plugins = zlib quota virtual
           <br>  pop3_enable_last = yes
           <br>  pop3_uidl_format = %g
           <br>}
          </div>
          <div>
           <br>
          </div>
         </div>
        </div>
       </div>
      </div>
     </div>
    </div>
   </div>
  </blockquote>
  <div>
   <br>
  </div>
  <div class="io-ox-signature">
   <pre>---
Aki Tuomi</pre>
  </div> 
 </body>
</html>