Shared folders

From Kolab Wiki

Jump to: navigation, search
This page applies to Kolab 2.

Contents

Concept

Shared folders is a term used for IMAP folders that can be accessed simultaneously by many users. Kolab allows to specify a variety of access rights for such folders so that you can easily specify which users can read, write or modify the messages held in the IMAP folder.

Since a shared folder can also hold groupware resources (like events, tasks, addresses, notes, etc.) instead of plain mail they are an ideal tool for team organization and communication.

Shared folders can be created by Administrators, Maintainers, or Domain maintainers by using the tab Shared folders in the Kolab webadmin.

Problems

Posting to shared folders

As described on this page anyone from the outside may send emails directly to the shared folder by using the special syntax kolab+shared.foldername@yourdomain.com (given that you provided the anonymous or anyone user with post access rights for the shared folder foldername).

This does not work out of the box at the moment. If you send mail to a shared folder with the correct access rights you will probably receive the message "service unavailable: Command output: Failed to set recipient: Invalid response code received from server, code 550"

The problem is that when the folder is created, there is no virtual mapping for any address to that mailbox in postfix. The mailbox is sitting there, and you can access it via cyrus in a mail client. Move messages in and out etc. But when you send mail to it postfix can not find a user for that address. So to get around this, we add a new Vcard for the address : kolab+shared.foldername@yourdomain.com. That way there is a virtual mapping available for that address and mails should get delivered to this address.

There is a discussion about this issue in the kolab bug tracker

1/18/2010 - Bipolar: I've noticed that the setup here described does not quite work. There is one change I had to make to postfix for this to work: Edit /kolab/etc/kolab/templates/ldapvirtual.cf.template and /kolab/etc/postfix/ldapvirtual.cf and change the 'query_filter' line by removing (!(cn:dn:=external)) from it. Without this change, postfix will not check the addressbook for aliases.

04/30/2010 - diegows: You have to give post permission to kolab user in the shared folder too.

Posting to shared folders : Example

1. Let's pretend you have a domain computers.com
2. You want a sales shared folder that people can post to publicly.

Step #1 : In the kolab admin interface, you need to go to Shared folder and then to Add Shared Folder
Step #2 : Type the name sales into the folder name
Step #3 : Change the permissions for anyone from all to post

You can not leave the default permissions of all. You must choose post so the the messages can be placed into the mailbox.

Step #4 : Add any additional desired permissions for UID/GID

At this point you will have a shared folder called sales that you can subscribe to in your mail client if you have permissions to view it. You do not at this point have a way to post new message to that folder via email.

Step #5 : In the kolab admin interface, you need to go to Addressbook and then to Create New vCard
Step #6 : Fill in a first and last name, they can be whatever you like. Something like shared and sales would suffice
Step #7 : For the Primary E-Mail Address field you would type kolab+shared.sales@computers.com

The email address now used to post messages is : kolab+shared.sales@computers.com. You can not send messages to just shared.sales@computers.com or sales@computers.com. It has to be that specific syntax. You have to use that exact syntax when creating the vCard as well or the virtual mapping will not work properly.

Step #8 : If you wanted a simpler email address such as sales@computers.com, you could add that address as an alias to the vCard, and then post messages to that address. instead of kolab+. You will have to use the original required syntax for the Primary E-Mail Address first though.

Step #8 - bis : you can allready edit the file /kolab/etc/kolab/templates/virtual.template and add the line

sales@computers.com kolab+shared.sales@computers.com

and restart kolab.

09/09/2010 - iTeam: After the above steps I had to issue "/kolab/sbin/kolabconf" to get it working (Kolab 2.2.4).

How to manage sub directories in a shared folder?

This is currently only feasible using cyradm from the command line. While you can set the permissions on a folder to lrswipcd using cyradm so that users can create subfolders in a shared folder, they cannot be managed using the Kolab webadmin tool. The users won't be able to manage access rights on the subfolders nor can they choose the type of groupware objects that should be held in the folder. Thus the best option is to use cyradm from the command line to create hierarchical structures of shared folders until Kolab webadmin supports this.

This modification will result in Kolab webadmin presuming these permissions are "none" rather than "all + c." Also note that webadmin will not be able to see or edit the children folders. Such folders have permissions inherited from the editable parent at the time of their creation. Afterwards, their permissions are not alterable without cyradm.

Workaround via slash-containing folder name

  1. Generate a shared folder, type Mail eg. Example: testfolder, complete as seen in the web interface with default: testfolder@your_dom.tld -> shared.testfolder (shared.testfolder@your_dom.tld
  2. Generate another shared folder: testfolder/subfolder, complete as seen in the web interface with default: testfolder/subfolder@your_dom.tld -> shared.testfolder/subfolder (shared.testfolder/subfolder@your_dom.tld
  3. a third one etc.: testfolder/subfolder/sub, complete as seen in the web interface with default: testfolder/subfolder/sub@your_dom.tld -> shared.testfolder/subfolder/sub (shared.testfolder/subfolder/sub@your_dom.tld

Warning: Several disadvantages - Not by email adressable even while sieve works. If a folder in between is deleted, it cannot be regenerated until every subfolder below is deleted (when eg. shared.testfolder/subfolder is deleted, it cannot be restored until shared.testfolder/subfolder/sub is deleted also).

Workaround for allowing sub directory creation in webadmin

This is a global workaround, enlarging the scope of "all" permissions to include creating subdirectories of shared folders across the board. It will not affect existing folders until they are next modified.

Edit the .../perl5/Kolab/LDAP.pm file at the mapAcls subroutine, setting $sf to always be zero (on CVS revision 1.7, change the test for 'all' on line 424 to say if( 0 && $sf ) instead of just if( $sf ). This enables sub-folder creation for users with "all" permissions (but not users with just write permissions) to the shared folder.

After this change, you must restart kolabd. Any future edits to shared folders' permissions will result in enabling the creation of subdirectories on write and all permissions. You can simply go to modify in Kolab webadmin and then click Submit to enact this change in an existing folder.

Personal tools