Hi folks,
Ok, Igor, Ken, you both must be growing to hate me, but I'm starting to
understand the present need for the defaultdomain paramater. I'm sorry :-)
I have a question. Lets say I have a realm "example.com" and I have the
defaultdomain paramater set to "example.com", and I also have "domain.com"
and "otherdomain.com" on the system. Now, lets say I have "cyrus" users in
each of those realms, and lets say I have the "admins" paramater set to
"cyrus". Will the "cyrus" user from any of those domains be able to
administrate the system, or will it just be the one from the default
domain?
Also, in porting some of my management scripts, I tried setting the "c"
rights on a user I wanted to remove to the user "[EMAIL PROTECTED]", but I
couldn't remove the user. I had to set the rights to the user "cyrus".
That seems a bit odd to me. If example.com is set as the default domain,
and "cyrus" is an admin, shouldn't cyrus recognize that by specifieing
[EMAIL PROTECTED], I'm indeed talking about the global admin and thus
allow me to delete the mailbox?
I'm starting to think that maybe there should be two different paramaters,
"admins" (analogous to domain admins) and "globaladmins" (global admins)
to allow more explicit declaration of who has which rights. Besides, it is
administrative priviliges you're talking about after all :-) This would
take away the logical global admin need for the defaultdomain paramater,
and would make the configuration a little more understandable.
Hope I've made sense, and again, I do thank you all for this fine product
:-)
-peace
--
Let he who is without clue kiss my ass
