0002632: Ability to use separate/multiple AUTH and USER Db's, like dovecot does now - SOGo | BTS

ID	Project	Category	View Status	Date Submitted	Last Update

0002632	SOGo Integrator	Backend General	public	2014-03-04 12:24	2014-03-05 10:34

Reporter	tanstaafl	Assigned To
Priority	normal	Severity	feature	Reproducibility	always
Status	closed	Resolution	no change required
Product Version	17.0.5

Summary	0002632: Ability to use separate/multiple AUTH and USER Db's, like dovecot does now
Description	I would very much like the ability to be able to use separate AUTH and USER Databases, like dovecot can do now. Use case: We have Windows Server 2008R2 AD servers, but we (intentionally) do NOT use SSO. Meaning, users email passwords are different from their Domain Login passwords and are stored in a separate SQL database. This allows us to assign much stronger passwords for email, but let them have less secure domain login passwords. Since SOGo does not provide a way to create/manage SQL based user groups (for ACLs), we cannot use AD Groups when assigning ACLs, so I have to add each and every user to the main Shared Calendars and Address Books... this is a major pain. We are looking into adding support for user groups in the SQL based user management software we use (postfixadmin), but it currently has none, and may not for some time (or ever). If SOGo could define/use separate AUTH and USER DBs, like dovecot does, I could tell it to use AD for the USERDB stuff (getting group information, etc), but use dovecot for all AUTHing. This would provide maximum flexibility for setups that do not store everything in LDAP (or AD). Thanks for listening...
Additional Information	I had a thought while writing up this feature request... Maybe it would be possible to accomplish this now, by simply setting up a secondary USER DB in dovecot that utilizes my AD server? If I could configure dovecot to get Group information from AD, would SOGo be able to make use of that? Or, maybe it would be easier to modify SOGo to do this, than fully implementing this feature request, and so that could be like a stepping stone to full direct support in SOGo for separate/multiple AUTH and USER DB's?
Tags	No tags attached.

tanstaafl 2014-03-04 12:44 reporter ~0006615	Further thoughts about using dovecot... Still being new to SOGo, I forgot that SOGo is still talking directly to our SQL server. Maybe easier than fully implementing this feature request,m would be to simply somehow allow SOGo to just use dovecot for everything instead of talking directly to the SQL server? This way, if dovecot itself was configured to be able to query group memberships through AD and AUTH users against our SQL DB, then SOGo would get the benefit.

tanstaafl 2014-03-04 16:15 reporter ~0006623	How do I close this and add a link to the new Bug I opened that is attached to the right Project and Category? http://www.sogo.nu/bugs/view.php?id=2634

Date Modified	Username	Field	Change
2014-03-04 12:24	tanstaafl	New Issue
2014-03-04 12:44	tanstaafl	Note Added: 0006615
2014-03-04 16:15	tanstaafl	Note Added: 0006623
2014-03-05 10:33	Christian Mack	Relationship added	duplicate of 0002634
2014-03-05 10:34	Christian Mack	Status	new => closed
2014-03-05 10:34	Christian Mack	Resolution	open => no change required