1

Topic: Shared Folders | Grant access to groups

==== REQUIRED BASIC INFO OF YOUR IREDMAIL SERVER ====
- iRedMail version (check /etc/iredmail-release): 0.9.8 OPENLDAP edition
- Linux/BSD distribution name and version: CentOS Linux 7 (Core)
- Store mail accounts in which backend (LDAP/MySQL/PGSQL): LDAP
- Web server (Apache or Nginx): Nginx
- Manage mail accounts with iRedAdmin-Pro? No
- [IMPORTANT] Related original log or error message is required if you're experiencing an issue.
====

Hi iRedMail Admins and Users,

I want to grant access rights to shared folders on a group basis.

Current state:

1) User marketing.shared@mydomain.com logs in to SOGo

2) User marketing.shared opens 'Sharing...' option from the Inbox' context menu

3) User marketing.shared can search for single users or provide access to all domain users (authenticated users)

4) If marketing.shared shares the Inbox to a single user (e.g. tom.jerry@mydomain.com), the marketing.share Inbox appears below tom.jerry's 'Other Users' directory in SOGo.

5) If marketing.shared shares the Inbox to a all authenticated users, the marketing.share Inbox does not appear below any domain users' 'Other Users' directory in SOGo

6) There's no option to select or search for groups you want the Inbox to be shared with. If you insert a groupname (e.g. disneycharacters@mydomain.com) into the search field for users, the group does not show up. If you insert the full groupname and save the input, the next time you open 'Sharing...' setting from the Inbox' context menu, the disneycharacters@mydomain.com is being displayed in the enumeration of granted accounts, but it does not take effect. Checked it with user mickey.mouse@mydomain.com being member of the group disneycharacter@mydomain.com.

The question is: How can I make 6) work?

Thanks in advance!

P.S.: Already tried, didn't work:
- https://docs.iredmail.org/mailbox.sharing.html
- https://wiki2.dovecot.org/ACL
- https://wiki2.dovecot.org/Tools/Doveadm/ACL
- https://wiki2.dovecot.org/SharedMailboxes/Shared

----

Spider Email Archiver: On-Premises, lightweight email archiving software developed by iRedMail team. Supports Amazon S3 compatible storage and custom branding.

2

Re: Shared Folders | Grant access to groups

- Do you try enabling "acl_anyone = allow" in Dovecot config file?
- Dovecot checks the sharing privilege by single user (the login user), so i don't think sharing to a group works. I suggest asking in Dovecot mailing list to get support from Dovecot developers.

3

Re: Shared Folders | Grant access to groups

ZhangHuangbin wrote:

- Do you try enabling "acl_anyone = allow" in Dovecot config file?
- Dovecot checks the sharing privilege by single user (the login user), so i don't think sharing to a group works. I suggest asking in Dovecot mailing list to get support from Dovecot developers.

Thank you Huangbin for your reply.

I also tried the acl_anyone option you suggested.

I thought that providing a group for the sharing configuration, this group would be dispersed to the its members and the privileges would take effect effectively on the user accounts. Of course this should work also for future group members and should be revoked for members leaving the group.

Yes, I think you're right, I should ask in the Dovecot forum.

Best Regards,
Irma