Mailbox access control with ldap for group

Igor Brezac igor at ipass.net
Thu Apr 21 09:48:30 EDT 2005


On Thu, 21 Apr 2005, Simon Matter wrote:

>> Hello,
>> I already use| setaclmailbox with an Unix group as "id". But I'd like to
>> do the same with an ldap group.
>>
>> Is'it possible ? I didn't find anything on google.
>
> You can configure /etc/nsswitch.conf to use LDAP for groups. Check with
> 'getent group' that your LDAP groups are visible to the system.
> There is one issue with this solution: If your LDAP groups are large or
> your LDAP is slow, all IMAP access is also slow. Using nscd doesn't work
> here, at least on Linux. I have therefore created a groupcache patch for
> cyrus which chaches the groups in a file for faster access. The patch is
> in my rpms and also available here:
> http://www.invoca.ch/pub/packages/cyrus-imapd/scripts/groupcache/
>
> The groupcache can be updated via cyrus master with a entry like this in
> /etc/cyrus.conf EVENTS section:
>
>  groupcache    cmd="upd_groupcache" period=5
>

You can also use pts/ldap for groups.

-Igor

> Regards,
> Simon
>
>>
>>
>> Thanks.
>>
>> Nicolas Schmitz
>> |
>> ---
>> Cyrus Home Page: http://asg.web.cmu.edu/cyrus
>> Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu
>> List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
>>
>>
>
>
> ---
> Cyrus Home Page: http://asg.web.cmu.edu/cyrus
> Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu
> List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
>

-- 
Igor
---
Cyrus Home Page: http://asg.web.cmu.edu/cyrus
Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html




More information about the Info-cyrus mailing list