Same mailbox with different logins
Rudy Gevaert
rudy.gevaert at ugent.be
Mon Sep 21 05:35:35 EDT 2009
Hi,
I haven't taken the time to read the other replies but we here allow
people to log in with username OR firstname.lastname at domain.com.
(At the bottom of the reply is a question regarding canon plugin and
shared folders)
The users are connecting to a perdition proxy that does login name
translation to firstname.lastname at domain.com and redirect the
connection to the correct backend (we have 7 backends).
Also, we have one of the 7 back ends with the patched saslauthd.
On this backend we have 'shared mailboxes'. These are mailboxes that
are shared amongst several people. The all log in with a the login
name of the shared mailbox. BUT the password they have to use is their
**personal** password.
Our saslauthd goes to LDAP to fetch all information. The credentials
of the shared mailbox are also in the ldap. It holds references to
the people who are allowed to log in.
If I would have to do it again. I would not the C code in saslauthd!
But I would write my own saslauthd daemon. This is trivial, but I did
not know that back then :).
Some other opinions:
- renaming a mailbox in cyrus is not difficult, as Bron has shown
- it still is a pain in the ass to have the mailbox name of the user
tied to their real name
Renames are not so frequent, but still you have to do some book
keeping on whose name belonged to which mailbox in the past. E.g.
people who change their sex change their name too, but want to still
receive mail sent to their old name. (Fix this with an alias.)
If I would have to redo our setup I would go with
- some_id at domain.com
- rewriting whatever.they.want at domain.com to some_id at domain.com with a
proxy in front of it (IMAP/POP proxy is no problem, but what about a
SIEVE proxy? Can nginx do this? Bron? Perdition can't. :)) Or
rewriting with the canon plugin.
The only thing I'm still wondering is, what about shared folders? We
can't ask a user to share their folders with some_id at domain.com. They
should still be able to share with first.last_otheruser at domain.com
Bye!
Rudy
--
-- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- --
Rudy Gevaert Rudy.Gevaert at UGent.be tel:+32 9 264 4734
Directie ICT, afd. Infrastructuur Direction ICT, Infrastructure dept.
Groep Systemen Systems group
Universiteit Gent Ghent University
Krijgslaan 281, gebouw S9, 9000 Gent, Belgie www.UGent.be
-- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- --
More information about the Info-cyrus
mailing list