Univention Bugzilla – Bug 45421
Check shared folder ACLs in LDAP against ACLs in dovecot/cyrus - broken
Last modified: 2021-03-19 12:28:34 CET
+++ This bug was initially created as a clone of Bug #40465 +++ The diagnostics module should check if the ACLs for shared folders in LDAP match with the ACLs in IMAP. Otherwise a warning should be printed. This is no error since the user is able to set custom ACLs via any IMAP client. Bug #40194/40195 may have caused ACL differences. Added folder1 shared imap folder with the following ACL's univentionMailACL: Domain Users read univentionMailACL: anyone post univentionMailACL: Printer-Admins write Now a added a special ACL to the imap folder via doveadm: doveadm acl set -u Administrator folder1@w2k12.test/INBOX "group=Domain Admins" write I i run the module i get Found differences in the ACLs for IMAP shared folders between UDM and IMAP. This is not necessarily a problem, if the the ACL got changed via IMAP. In mail folder folder1@w2k12.test (see {udm:mail/mail}): ACL right for user 'anyone' is 'post' in UDM, but 'none' in IMAP. ACL right for group 'Domain Users' is 'read' in UDM, but 'none' in IMAP. So he thinks there are difference for 'anyone' 'Domain Users' this is wrong, but no mention of the real broken Domain Admins ACL?
Move to 4.3-0-errata. If a UCS 4.2 backport is needed, please clone this issue.
This issue has been filed against UCS 4.2. UCS 4.2 is out of maintenance and many UCS components have changed in later releases. Thus, this issue is now being closed. If this issue still occurs in newer UCS versions, please use "Clone this bug" or reopen it and update the UCS version. In this case please provide detailed information on how this issue is affecting you.