- Previous message: Joseph Brennan: "Re: Strip HTML"
- In reply to: Brasseur Valéry: "cyrus ACL and groups ..."
- Next in thread: Brasseur Valéry: "RE: cyrus ACL and groups ..."
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
|
|
|
From: Patrick Radtke (no email)
Date: Fri Jun 02 2006 - 10:54:09 EDT
Are your users stored in a LDAP server as well?
If so, then you can have Cyrus speak LDAP and get the info. Plus it
can do caching (ptscache_timeout)
In Cyrus 2.3 you'd want to do something like
#make the authz mechanism be pts
auth_mech: pts
#make pts talk to ldap
pts_module: ldap
ldap_base: dc=cc,dc=columbia,dc=edu
ldap_group_base: ou=group,dc=cc,dc=columbia,dc=edu
ldap_member_base: ou=group,dc=cc,dc=columbia,dc=edu
ldap_member_method: filter
ldap_member_filter:(memberuid=%U)
ldap_member_attribute: cn
ldap_size_limit: 100
ldap_sasl: 0
ldap_uri: ldap://ldapserver:prt
ptloader_sock: /var/cyrus/socket/ptsock
look for ldap_* options in `man imapd.conf`
-Patrick
On Jun 2, 2006, at 4:31 AM, Brasseur Valéry wrote:
> I have seen in the code that when you want to use groups in ACL for
> cyrus, the group is a UNIX one ... (calling setgrent, getpwnam ... )
> Is there a a way to use LDAP groups instead ...
>
>
> Thanks
> Valery
>
>
> ----
> Cyrus Home Page: http://asg.web.cmu.edu/cyrus
> Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu
> List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
---- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
|
|
|