Bug #2730

SOGo: shared folders not working for AD accounts

Added by Davide Principi over 7 years ago. Updated about 7 years ago.

Status:CLOSEDStart date:
Priority:NormalDue date:
Assignee:-% Done:

100%

Category:nethserver-sogo
Target version:v6.5
Security class: Resolution:
Affected version:v6.5-final NEEDINFO:No

Description

Shared folders don't work when granting permissions to Active Directory users or groups.

Related issues

Related to NethServer 6 - Enhancement #2727: Configurable AD accounts LDAP subtree CLOSED
Related to NethServer 6 - Bug #2744: Active Directory: IMAP shared folders with mixed case gro... CLOSED
Related to NethServer 6 - Feature #2751: AD group mail delivery type switch CLOSED

Associated revisions

Revision b0e1dd4b
Added by Davide Principi over 7 years ago

SOGo UserDataSource: use sAMAccountName attribute as UIDFieldName. Refs #2730

This maps the user and group names known to NSS through winbind,
allowing IMAP ACLs to work properly.

Revision fb93a336
Added by Davide Principi about 7 years ago

AD integration: ignore "distribution list" groups in shared folders permissions. Refs #2730

History

#1 Updated by Davide Principi over 7 years ago

  • Status changed from TRIAGED to ON_DEV
  • % Done changed from 20 to 30

ACL names are wrong. SOGo uses the wrong field to identify groups and users:

    # cat /var/lib/nethserver/vmail/davide.principi/Maildir/.CondivisioneTecnici/dovecot-acl 
group=CN=secgroup,OU=Nethesis,DC=adnethesis,DC=it lrws
group=CN=tecnici,OU=Nethesis,DC=adnethesis,DC=it lrws

#2 Updated by Davide Principi over 7 years ago

  • Status changed from ON_DEV to MODIFIED
  • Assignee deleted (Davide Principi)
  • % Done changed from 30 to 60

#3 Updated by Davide Principi over 7 years ago

  • Status changed from MODIFIED to ON_QA
  • % Done changed from 60 to 70

In nethserver-testing:
nethserver-sogo-1.3.0-3.0gitb0e1dd4b.ns6.noarch.rpm
nethserver-samba-1.4.2-3.0git6ceaca1a.ns6.noarch.rpm
nethserver-mail-server-1.6.4-7.0gitad134a1f.ns6.noarch.rpm

#4 Updated by Davide Principi about 7 years ago

  • Status changed from ON_QA to TRIAGED
  • % Done changed from 70 to 20

Also, exclude "distribution lists" from ACL-enabled groups.

#5 Updated by Davide Principi about 7 years ago

  • Status changed from TRIAGED to ON_DEV
  • Assignee set to Davide Principi
  • % Done changed from 20 to 30

#6 Updated by Davide Principi about 7 years ago

  • Related to Feature #2751: AD group mail delivery type switch added

#7 Updated by Davide Principi about 7 years ago

  • Status changed from ON_DEV to MODIFIED
  • Assignee deleted (Davide Principi)
  • % Done changed from 30 to 60

Now "distribution lists" group are not ACL-enabled

#8 Updated by Davide Principi about 7 years ago

  • Status changed from MODIFIED to ON_QA
  • % Done changed from 60 to 70

In nethserver-testing:
nethserver-mail-server-1.6.4-14.0git96cf7cd0.ns6.noarch.rpm
nethserver-sogo-1.3.0-7.0git0e537fde.ns6.noarch.rpm

#9 Updated by Nicola Rauso about 7 years ago

  • Assignee set to Nicola Rauso

#10 Updated by Nicola Rauso about 7 years ago

  • Status changed from ON_QA to VERIFIED
  • Assignee deleted (Nicola Rauso)
  • % Done changed from 70 to 90

Tested: ok

#11 Updated by Giacomo Sanchietti about 7 years ago

  • Status changed from VERIFIED to CLOSED
  • % Done changed from 90 to 100
Released in nethserver-updates:
  • nethserver-sogo-1.4.0-1.ns6.noarch.rpm
  • nethserver-mail-server-1.7.0-1.ns6.noarch.rpm

Also available in: Atom PDF