[POLL] Cyrus 2.2 virtdomains behavior (Was: global admin without defaultdomain?)

Ken Murchison ken at oceana.com
Thu Jan 1 10:26:31 EST 2004

Jure Pečar wrote:

> virtdomains=ipaddr (or something)
> here we need to teach server the ip->domain mapping. reverse dns? most
> likely.
> server accepts & authenticates usernames without @domain on appropriate
> interfaces (ip adresses) and it searches for username only in the domain the
> ip adress the user is coming from belongs. user at domain usernames should be
> rejected IMHO. global admin should be specified without the @domain and
> authenticated on any ip address. per domain admin users should be specified
> with @domain and should only authenticate when coming to the right ip
> address.

So, you're suggesting that admins always use fully qualified userids? 
This would work, but it requires that an unqualified userid be checked 
to see if its an admin before appending the domain from the ip address. 
  This is probably the easiest way to handle the global admin without 
enforcing a default domain and also allows something like:

admins: cyrus cyrus at domain1 cyrus at domain2

Is there a problem if *any* user is allowed to use a fully qualified 
userid in an ipaddr config?

Kenneth Murchison     Oceana Matrix Ltd.
Software Engineer     21 Princeton Place
716-662-8973 x26      Orchard Park, NY 14127
--PGP Public Key--    http://www.oceana.com/~ken/ksm.pgp

More information about the Info-cyrus mailing list