Mailbox access control with ldap for group
igor at ipass.net
Thu Apr 21 09:48:30 EDT 2005
On Thu, 21 Apr 2005, Simon Matter wrote:
>> I already use| setaclmailbox with an Unix group as "id". But I'd like to
>> do the same with an ldap group.
>> Is'it possible ? I didn't find anything on google.
> You can configure /etc/nsswitch.conf to use LDAP for groups. Check with
> 'getent group' that your LDAP groups are visible to the system.
> There is one issue with this solution: If your LDAP groups are large or
> your LDAP is slow, all IMAP access is also slow. Using nscd doesn't work
> here, at least on Linux. I have therefore created a groupcache patch for
> cyrus which chaches the groups in a file for faster access. The patch is
> in my rpms and also available here:
> The groupcache can be updated via cyrus master with a entry like this in
> /etc/cyrus.conf EVENTS section:
> groupcache cmd="upd_groupcache" period=5
You can also use pts/ldap for groups.
>> Nicolas Schmitz
>> Cyrus Home Page: http://asg.web.cmu.edu/cyrus
>> Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu
>> List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
> Cyrus Home Page: http://asg.web.cmu.edu/cyrus
> Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu
> List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Cyrus Home Page: http://asg.web.cmu.edu/cyrus
Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
More information about the Info-cyrus