On Thu, 21 Apr 2005, Simon Matter wrote:
Hello, I already use| setaclmailbox with an Unix group as "id". But I'd like to do the same with an ldap group.
Is'it possible ? I didn't find anything on google.
You can configure /etc/nsswitch.conf to use LDAP for groups. Check with 'getent group' that your LDAP groups are visible to the system. There is one issue with this solution: If your LDAP groups are large or your LDAP is slow, all IMAP access is also slow. Using nscd doesn't work here, at least on Linux. I have therefore created a groupcache patch for cyrus which chaches the groups in a file for faster access. The patch is in my rpms and also available here: http://www.invoca.ch/pub/packages/cyrus-imapd/scripts/groupcache/
The groupcache can be updated via cyrus master with a entry like this in /etc/cyrus.conf EVENTS section:
groupcache cmd="upd_groupcache" period=5
You can also use pts/ldap for groups.
-Igor
Regards, Simon
Thanks.
Nicolas Schmitz | --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
--- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
-- Igor --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
