Le 28 mars 2018 09:31:50 GMT+02:00, thom_schu@xxxxxx a écrit : >Hi, > >> I presume you have /etc/nsswitch.conf configured to use sssd for >user/group >> resolution, and that you have 'auth_mech: unix' and >'unix_group_enable: 1' >> set in imapd.conf. >> >> If you do not make use of group based ACLs, consider turning off >> unix_group_enable. If you do make use of it, use pts/ldap. "Unix" >group >> resolution can be very inefficient, as you would typically iterate >over an >> entire group tree to resolve group membership on each authentication. > >"unix_group_enable: 0" solved my problem, thank you ! > >What for is the "auth_mech: unix" ? For group management I understand, >I can have >a mailbox for a group, then imap needs to know who is member of this >group. > >But with "unix_group_enable: 0", what for is the auth_mech needed ? That's the user/password database or other external authentication mechanisms (tickets, ...) such as Kerberos. Normally, that's documented on man pages. >When I shut down >the local user management (sssd), everything seems to work. > >Thanks -- Je suis née pour partager, non la haine, mais l'amour. Sophocle, /Antigone, 442 av. JC
