cyrus autorization identifier trick
Nestor A. Diaz
nestor at tiendalinux.com
Thu Apr 19 18:56:54 EDT 2007
Andrew Morgan wrote:
> Easy. When you want to look at another user's mail, just modify the
> permissions on their mailbox. You can do this with cyradm like so:
>
> sam user.foo adminuser all
>
> We use a perl script that does this recursively for each folder that
> belongs to a specify user, and a second script that recursively
> removes the permission when we are finished.
>
> After granting these permissions, you'll see the user's mailbox in
> your IMAP namespace as "Other Users.foo".
Ok, that's clear for me, but since i am going to have a huge mailstore i
don't like the idea of the person having to subscribe to each user
mailbox, or modifying the user mailbox acl each time the person want to
access data, so as an easy way i was thinking on using sasl as a helper,
if that's not possible what i am thinking to create at first time, is
that when the admin (which is really a supervisor with just read
privilegies) wants to see others users mailbox, it just open a web
application, that ask for their password, if validation went ok, then
ask for the mailbox he wants to see and recurisvely change permissions,
this way the Supervisor can see what others user have into their mailbox
without using cyradm command line.
slds.
--
Nestor A. Diaz
Ingeniero de Sistemas
Tel. +57 1-600-5490 x 211
Cel. +57 316-227-3593
Tel. SIP: sip:211 at tiendalinux.com
Email/MSN: nestor at tiendalinux.com
http://www.tiendalinux.com/
Bogota, Colombia
More information about the Info-cyrus
mailing list