[Evolution] IMAP or POP3 accounts

Not Zed notzed@ximian.com
Thu, 02 Sep 2004 10:38:02 +0800
Previous message: [Evolution] IMAP or POP3 accounts
Next message: [Evolution] IMAP or POP3 accounts
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
--=-3J6JEEz7rI7Wk6nZB693
Content-Type: multipart/alternative; boundary="=-mq++W+mG235h8K1s+SJ8"


--=-mq++W+mG235h8K1s+SJ8
Content-Type: text/plain
Content-Transfer-Encoding: 7bit

On Wed, 2004-09-01 at 16:53 +0200, nick galea wrote:

> Hi,
> 
> I am considering replacing Outlook on our network (approximately 100 
> clients) with evolution.
> 
> However, i have a number of questions regarding the central management 
> of Evolution IMAP and POP3 account data for each user in a network:
> 
> 1. The windows logon provides a single sign on for both windows and 
> outlook. Meaning that when a user changes his/her password in windows 
> this is automatic for outlook too. Is it possible to achieve a similar 
> thing using Evolution and active directory?
> 2. If this is not possible with active directory then would it be 
> possible using Novell Edirectory? I.e if i would move from active 
> directory to novell edirectory for signing on, is there somehow an 
> integration between Evolution and edirectory which would obsolete the 
> need for the user to regularly change his IMAP or POP3 passwords even if 
> he changes his windows or edirectory logon?

Well you could change the system login and imap server/pop3 password
using these sort of mechanisms, but that is independent of evolution.

It wouldn't automatically change the user's 'remembered' password in
Evolution though.  Which may or may not be an issue (e.g. if you don't
want users remembering their passwords), but they will be re-prompted.
True single-signon would require the use of kerberos stuff as Jeff
mentioned.  Actually letting the users remember their password in such a
context isn't particularly secure, since they are only stored on disk
obfuscated and not encrypted and only relies on (enforced) unix
filesystem permissions for security.


> If both are not available, does anyone know whether Novell is working on 
> such an integration? Surely this would make sense for both Evolution and 
> Edirectory users and since both are owned by Novell....

There is work going on in the identity management/systems management
area, and some of it relates to Evolution (specifically to configuring
and locking down settings), but we are not directly party to this work.
So I don't know the full scope of it.

I agree this makes absolute sense.  And I would be quite surprised if it
isn't on some roadmap somewhere.

> And if not, does anyone know if this would be relatively easily 
> developed for Evolution? If there is demand from other users too i would 
> consider developing such an add-on module.

Well one thing we have on our roadmap is integration with the gnome-key-
ring thing, or whatever its called, which provides some centralised auth
system, so i've heard.  I don't really know much about it, but assuming
it is extensible, it sounds like the approach that will lead to this
goal ... eventually ... when its done.

-- 

Michael Zucchi <notzed@ximian.com>
"born to die, live to work, it's all
downhill from here"
Novell's Evolution and Free Software
Developer

--=-mq++W+mG235h8K1s+SJ8
Content-Type: text/html; charset=utf-8
Content-Transfer-Encoding: 7bit

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 TRANSITIONAL//EN">
<HTML>
<HEAD>
  <META HTTP-EQUIV="Content-Type" CONTENT="text/html; CHARSET=UTF-8">
  <META NAME="GENERATOR" CONTENT="GtkHTML/3.2.0">
</HEAD>
<BODY>
On Wed, 2004-09-01 at 16:53 +0200, nick galea wrote:
<BLOCKQUOTE TYPE=CITE>
<PRE>
<FONT COLOR="#000000">Hi,</FONT>

<FONT COLOR="#000000">I am considering replacing Outlook on our network (approximately 100 </FONT>
<FONT COLOR="#000000">clients) with evolution.</FONT>

<FONT COLOR="#000000">However, i have a number of questions regarding the central management </FONT>
<FONT COLOR="#000000">of Evolution IMAP and POP3 account data for each user in a network:</FONT>

<FONT COLOR="#000000">1. The windows logon provides a single sign on for both windows and </FONT>
<FONT COLOR="#000000">outlook. Meaning that when a user changes his/her password in windows </FONT>
<FONT COLOR="#000000">this is automatic for outlook too. Is it possible to achieve a similar </FONT>
<FONT COLOR="#000000">thing using Evolution and active directory?</FONT>
<FONT COLOR="#000000">2. If this is not possible with active directory then would it be </FONT>
<FONT COLOR="#000000">possible using Novell Edirectory? I.e if i would move from active </FONT>
<FONT COLOR="#000000">directory to novell edirectory for signing on, is there somehow an </FONT>
<FONT COLOR="#000000">integration between Evolution and edirectory which would obsolete the </FONT>
<FONT COLOR="#000000">need for the user to regularly change his IMAP or POP3 passwords even if </FONT>
<FONT COLOR="#000000">he changes his windows or edirectory logon?</FONT>
</PRE>
</BLOCKQUOTE>
Well you could change the system login and imap server/pop3 password using these sort of mechanisms, but that is independent of evolution.<BR>
<BR>
It wouldn't automatically change the user's 'remembered' password in Evolution though.&nbsp; Which may or may not be an issue (e.g. if you don't want users remembering their passwords), but they will be re-prompted.&nbsp; True single-signon would require the use of kerberos stuff as Jeff mentioned.&nbsp; Actually letting the users remember their password in such a context isn't particularly secure, since they are only stored on disk obfuscated and not encrypted and only relies on (enforced) unix filesystem permissions for security.<BR>
<BR>
<BLOCKQUOTE TYPE=CITE>
<PRE>
<FONT COLOR="#000000">If both are not available, does anyone know whether Novell is working on </FONT>
<FONT COLOR="#000000">such an integration? Surely this would make sense for both Evolution and </FONT>
<FONT COLOR="#000000">Edirectory users and since both are owned by Novell....</FONT>
</PRE>
</BLOCKQUOTE>
There is work going on in the identity management/systems management area, and some of it relates to Evolution (specifically to configuring and locking down settings), but we are not directly party to this work.&nbsp; So I don't know the full scope of it.<BR>
<BR>
I agree this makes absolute sense.&nbsp; And I would be quite surprised if it isn't on some roadmap somewhere.
<BLOCKQUOTE TYPE=CITE>
<PRE>
<FONT COLOR="#000000">And if not, does anyone know if this would be relatively easily </FONT>
<FONT COLOR="#000000">developed for Evolution? If there is demand from other users too i would </FONT>
<FONT COLOR="#000000">consider developing such an add-on module.</FONT>
</PRE>
</BLOCKQUOTE>
Well one thing we have on our roadmap is integration with the gnome-key-ring thing, or whatever its called, which provides some centralised auth system, so i've heard.&nbsp; I don't really know much about it, but assuming it is extensible, it sounds like the approach that will lead to this goal ... eventually ... when its done.<BR>
<BR>
<TABLE CELLSPACING="0" CELLPADDING="0" WIDTH="100%">
<TR>
<TD>
-- <BR>
<TABLE CELLSPACING="6">
<TR>
<TD>
<IMG SRC="cid:1094092219.4328.15.camel@lostzed.mmc.com.au" WIDTH="48" HEIGHT="48" ALIGN="top" ALT="" BORDER="0">
</TD>
<TD>
<B>Michael Zucchi</B> &lt;<A HREF="mailto:notzed@ximian.com">notzed@ximian.com</A>&gt;<BR>
<I>&quot;born to die, live to work, it's all downhill from here&quot;</I><BR>
<TT>Novell's <A HREF="http://codeblogs.ximian.com/blogs/evolution/">Evolution</A> and <A HREF="http://www.gnu.org/philosophy/free-sw.html">Free Software</A> Developer</TT>
</TD>
</TR>
</TABLE>
</TD>
</TR>
</TABLE>
</BODY>
</HTML>

--=-mq++W+mG235h8K1s+SJ8--

--=-3J6JEEz7rI7Wk6nZB693
Content-ID: <1094092219.4328.15.camel@lostzed.mmc.com.au>
Content-Disposition: attachment; filename=zed-48.small.jpg
Content-Type: application/octet-stream; name=zed-48.small.jpg
Content-Transfer-Encoding: base64

/9j/4AAQSkZJRgABAQEASABIAAD/2wBDAA0JCgsKCA0LCgsODg0PEyAVExISEyccHhcgLikxMC4p
LSwzOko+MzZGNywtQFdBRkxOUlNSMj5aYVpQYEpRUk//2wBDAQ4ODhMREyYVFSZPNS01T09PT09P
T09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT0//wAARCAAwADADASIA
AhEBAxEB/8QAGQAAAwEBAQAAAAAAAAAAAAAAAwQFAgYB/8QALhAAAgEDAgUEAQIHAAAAAAAAAQID
BBEhABIFEzFBURQigZEGYXE0UmJyobHx/8QAFwEBAQEBAAAAAAAAAAAAAAAABAMCAf/EAB0RAAID
AQEAAwAAAAAAAAAAAAABAgMREjEiMkH/2gAMAwEAAhEDEQA/AK8sEEq35nLaP3e1cW/m8kfdtAfh
824L7I1YFrnaRt8+L40U1ECxiGjLzSCocRYuQhubW7jIxrcFZRzU7q3sh3e8deWvX67/AKX0Xegi
TixevoZdxjhnkk2xBj2Z7DIA74Gs+kgpoaamPLllqE5yPuO4i1+nix7+NS3qatikPNZa+idmjLGx
YE+7r16DHgnTEtRWTVIraiknUrE42mJvYTY/IyfjT66YZjNzkzSSRTrEYTuz0tbpg6oV1V62op5G
3QhV9yn+7t8DXPDiZlaepq0AYIBGEFtuRc2/WwH7aroXho98jNG5RVa4wDYNbzqNsefqdcnmM0J0
pp1kKyRywsdpU46EX/19aT4ioWgmanATG0Mpvcd89750arjMg2L1DfQtnSixTMW5hO0ZBZsEg5t5
xodU+8fhit7jZz4ChQWS99U1lC0H8RNZx74xK2DkAG48ePOtU0UUsQLC6kki/wC+jqtMpeLapjYg
XJyNLcxyr1EUHaWaEspHXPbXVcNkUcCUOjvNv2kAdAehOkVo4LrDEFG9hcnPe+rlUsNNSenUIWkk
ZHfbflqFC475IvqdnyWaRsgl6MNwysp13y8uLG3cTk6LBwCmliFR6lw7XBKdMdj50t+X8RkWOnhV
rbnLfX/dUPx1ivAoTJnmFm+CdIVEIx6XpFQSZxVVH6KrkRRaAudn9I8HXhniSPcyC/ntqzxOjMNS
6uNyMbqT0I1Ogoad6pF5S23C4t1zqOa8Y7xbEDSxmesguHDId4DKQDjGqMqHmNLGygFnujAZF8DF
820/xYpQ8RWcRLtkBINuh6Ef5B0tNRH0L7UEjGzCVTZirDBGfJ+NasrcMf4CnLp6f//Z


--=-3J6JEEz7rI7Wk6nZB693--
Previous message: [Evolution] IMAP or POP3 accounts
Next message: [Evolution] IMAP or POP3 accounts
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]