General discussion on installation and configuration of SOGo

Text archives Help

Re: [SOGo] Constraints based on group membership

Chronological Thread 
  • From: Martin Lehmann < >
  • To:
  • Subject: Re: [SOGo] Constraints based on group membership
  • Date: Sat, 28 Aug 2010 11:17:36 +0200

HTTP-Authz is only useful for authentication of sogo users but that's all! I also already use it for authentication.

But you can't use it for constraints! And constraints might be useful in many situations e.g. limit access to calendar or mail for some groups.

Am 28.08.2010 00:41, schrieb Alexandre Bertails:
I opened a ticket about this issue some time ago [1].

Since then, we decided to do the authentication/authorization in
Apache instead of SOGo and it works well.

To be honest, I don't think it's a good idea for the SOGo team to
spend time on developing something that is already well done in the
front-end server, and very powerful. Besides, most of the sysadmins
already know how to do that within Apache. Eventually, this could be
suggested in the SOGo user manual.

Alexandre Bertails, W3C Systems Team.


2010/8/26 Daniel
Berteaud< >:
Le jeudi 26 août 2010 à 02:43 +0200, Martin Lehmann a écrit :

Group memberships for constraints would be really great.
Now, I've to set an ldap-attribute for every user and feature.

Maybe you want for file a feature request for this:
Bug opened:

I hope the request is clear enough, english is not my native language ;)

Regards, Daniel


Am 25.08.2010 19:52, schrieb Daniel Berteaud:
Le lundi 09 août 2010 à 16:32 +0800, James Andrewartha a écrit :

I'm in a similar position, except I wanted to not list certain users in the
address book. I just moved the SOGo users into a new ou=calstaff located
inside ou=People, and told SOGo to use ou=calstaff,ou=People as the search
base. By relying on the DIT structure it is a gross hack, but it works.
Other LDAP things still work fine because they default to search scope=sub.
Unfortunately, I cannot move some of my users in a different ou as my
LDAP database is auto-generated (I'm using SME Server distro, which is
really great BTW).

I think the only solution would be some changes in SOGo, and that
constraints can use group membership in addition to simple LDAP filters.

Regards, Daniel

pièce jointe document texte brut (message-footer.txt)
Daniel Berteaud
Société de Services en Logiciels Libres
Technopôle Montesquieu
Tel : 05 56 64 15 32
Fax : 05 56 64 15 32

Web :


Archive powered by MHonArc 2.6.16.

Top of page