Re: Cyrus admin access to user mailboxes


 



On Fri, Sep 14, 2007 at 01:05:32PM +0200, Alain Spineux wrote:
> Most IMAP clients expect the credentials you use to have a
> personal INBOX, but an admin user should not have an INBOX.
> Anyway, technically the admin can read a user's mailbox, but you have to write
> the IMAP client yourself, or find a good one :-).
> The best way is to create a new user and give him ACLs on all mailboxes.
> I think cyradmin will let you do:
> 
> sam user/*@example.com newuser lrswipkxtecda

I'd say that the best way would be to log in with an admin user as the auth
user and the real user as the user... If you know how to speak IMAP, you
can do something like

  imtest -u <username> -a <adminusername> -m plain -t "" <hostname>

when it asks for a password, you give the admin user's password and
voilà, you're logged in with the access rights of <username>.

Now this uses a couple of facts of the imap system:

1) Users that are listed as admins in imapd.conf can pose as any user.

2) SASL has a mechanism that differentiates the username you use to
authenticate yourself as and the username that determines your access
rights.

So you have to use '-m plain -t ""' (for sasl PLAIN method with
STARTTLS) or "-m digest-md5" (for sasl DIGEST-MD5 method) or some other
sasl method; you cannot use "-m login" or skip the mechanism (because it
defaults to IMAP LOGIN) - the LOGIN "mechanism" is actually the IMAP
LOGIN command, with no semantics to differentiate the auth user and the
access user...

If you can find a more sophisticated IMAP client with an actual front
end to the IMAP protocol that supports different auth and access ids,
please tell me too... ;)


--Janne Peltonen
Email admin
Univ. of Helsinki

> 
> at once
> 
> Regards
> 
> 
> On 9/14/07, jools@xxxxxxxxxxxxxxxx <jools@xxxxxxxxxxxxxxxx> wrote:
> > Hi All,
> >
> > Just a quick question regarding accessing mailboxes via admin accounts. I
> > have Cyrus configured with 4 admins named in the imapd.conf file but I
> > can't find how to access users accounts which we have to do under certain
> > circumstances. On exchange you'd log in with domain/user/mailboxowner to
> > gain access. What's the best method of doing with Cyrus?
> >
> > Thanks in advance,
> >
> > Jools
> >
> > ----
> > Cyrus Home Page: http://cyrusimap.web.cmu.edu/
> > Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki
> > List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
> >
> 
> 
> -- 
> Alain Spineux
> aspineux gmail com
> May the sources be with you
> 

-- 
Janne Peltonen <janne.peltonen@xxxxxxxxxxx>
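
Added example, not part of the original message and not Cyrus code: the SASL PLAIN response (RFC 4616) carries both identities that `imtest -u` and `-a` set, and the sketch below builds one, parses it, and models facts 1) and 2) as a simplified server-side decision. `ADMINS`, `resolve_identity` and the user names are hypothetical stand-ins; password checking is left out.

```python
import base64

# Constructed sample values; stand-in for the "admins:" line in imapd.conf.
ADMINS = {"cyrusadmin"}

def encode_plain(authzid, authcid, password):
    """SASL PLAIN response (RFC 4616): [authzid] NUL authcid NUL passwd, base64."""
    if not authcid or any("\x00" in f for f in (authzid, authcid, password)):
        raise ValueError("authcid required; NUL not allowed inside a field")
    raw = "\x00".join((authzid, authcid, password)).encode("utf-8")
    return base64.b64encode(raw).decode("ascii")

def decode_plain(b64):
    """Split a PLAIN response back into (authzid, authcid, password)."""
    parts = base64.b64decode(b64, validate=True).split(b"\x00")
    if len(parts) != 3 or not parts[1]:
        raise ValueError("malformed PLAIN response")
    return tuple(p.decode("utf-8") for p in parts)

def resolve_identity(b64, admins=ADMINS):
    """Simplified model of facts 1) and 2): decide whose rights the session gets.

    Password verification is left out; only the identity decision is shown.
    Returns (access_user, auth_user, proxied).
    """
    authzid, authcid, _password = decode_plain(b64)
    access_user = authzid or authcid      # empty authzid: act as yourself
    proxied = access_user != authcid
    if proxied and authcid not in admins:
        raise PermissionError(f"{authcid} may not act as {access_user}")
    return access_user, authcid, proxied

if __name__ == "__main__":
    # Same identities as: imtest -u alice -a cyrusadmin -m plain
    token = encode_plain("alice", "cyrusadmin", "constructed-password")
    print("PLAIN response:", token)
    access, auth, proxied = resolve_identity(token)
    if proxied:  # the event worth logging: an admin acting as a user
        print(f"audit: {auth} opened a session with the rights of {access}")
```

IMAP LOGIN has no slot for the first field, which is why it cannot express "authenticate as the admin, act as the user".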

