Connect. Communicate. Collaborate. Securely.

Home » Kerio User Forums » Kerio Connect » Deny Access to Public Folders?
  •  
marook

Messages: 520

Karma: 3
Send a private message to this user
Hi All,

We have some Public Folders where we need to deny some users access to curtain folders. Has anybody found a way to do so?

I see the following issues:

1: It seems that you can't remove an access given on a higher level.

2: You need to grant Reader access to all users on the 1. level, so it seems you need to have Reader access to every folder.. right?

Regards,

Jakob Peterhänsel
Consultant - Humac A/S

Apple Certified Support Professional (ACSP)
Apple Certified Technical Coordinator (ACTC)
AppleSeed/CQF member since 1998
Kerio Messaging Partner
  •  
forum69

Messages: 62
Karma: -1
Send a private message to this user
Hello,


We have the same problem with KC 7.0.

We are unable to create a public folder (contact or calendar) and restrict the rights permissions to specifics users or a group .

The "all users" right permission (in grey) are inherited from the root public folder and we can't suppress it.


Unless to create a public folder opened to every one, this public folder feature is useless if restricted rights have to be applied.

If there a specific process to apply rights on newly created public folders ?
  •  
peter.hendrickx

Messages: 1
Karma: 0
Send a private message to this user
I'm looking for this feature also.
  •  
matthealey

Messages: 46
Karma: 6
Send a private message to this user
  •  
TorW

Messages: 769
Karma: 9
Send a private message to this user
You can remove the "all users" group from the root folder and set explicit rights on every folder below, but it's cumbersome. Kerio needs a "deny" right in addition to Reader, Editor and Administrator rights.
  •  
rickblackdog

Messages: 55
Karma: -1
Send a private message to this user
Sorry for digging up an older thread but it seems this still hasn't been solved & wondering if any of you got a solution. If I remove the 'all users' from the top level and add them to sub folders specifically then the users can not expand public folders.

Any ideas?
  •  
skeates

Messages: 104
Karma: 0
Send a private message to this user
If I understand correctly what you want to do then I have had to do this for a few clients my self.

By default most people start crearting there folder structure under the default root public folder.

What you need to do is create sub folders under the root:

Public
Private

etc.

Then apply the permissions to those folders. That way you can restrict access to folders under private or any other folder and allow every one access to public (since it is a public folder).

The issue comes in when you want to implement this after already setting up a public folder structure.

You can move all your folders into the newly created public and private folders, but folders that already have permissions set on them will not inherit permissions from the newly created top level folder.

There is a way around this, but it requires running terminal commands.

See below. (USE THIS AT YOUR OWN RISK ALWAYS BACK UP YOUR DATA BEFORE HAND)!

I have done this a number of times, and it works but you need an understanding of what is going on.

You need to run two sets of commands

First command finds all the status.fld files were the permissions are set and clears any permissions from the files.

find SOURCE -name "status.fld" -exec sed -i '' 's/Aauthuser<_at_>DOMANIN.*//g' '{}' \;


Second command writes the permissions into the status.fld files. For this to work you need to create a text file and instert the permissinos you want to apply into the file.

find SOURCE -iname \status.fld -print0 | while IFS= read -r -d '' file; do cat /permissions.txt >> "$file" ; done


All Users from Domain eg. Aauthuser<_at_>domain.com lrswicda

All Users from Domain Aauthuser<_at_>domain.com Administer: lrswicda Editor: lrswid Reader: lr
All Users Aauthuser<_at_>domain.com Administer: lrswicda Editor: lrswid Reader: lr
Group A[groupname<_at_>domain.com] Administer: lrswicda Editor: lrswid Reader: lr
User Ausername<_at_>domain.com Administer: lrswicda Editor: lrswid Reader: lr
Anoynimus Aanyone Administer: lrswicda Editor: lrswid Reader: lr
  •  
macjimbo

Messages: 103
Karma: 6
Send a private message to this user
I had the same issue - when looking at access rights for a public folder, the 'all users' line could not be removed.

I believe that lines which may not be removed are showing inherited permissions from the parent. I found that at the top 'Public folders' level, it is possible to remove the 'all users' permission line. Once this is removed, this line can then be removed from the child folders.

Obviously this solution may not suit everyone because it does change the nature of the Public Folders concept. But if, like me, you setup a bunch of public folders in a small organisation and then your organisation became bigger and you want to restrict access to some users, this approach does work.

Hope that helps

James
Previous Topic: 7.2 iCal passwords
Next Topic: Outlook not reading resource free/busy info
Goto Forum:
  


Disclaimer:
Kerio discussion forums are intended for open communication between forum members and may contain information and material posted by members which may be useful in learning about Kerio products. The discussion forums are not intended to provide technical support for any specific product. Any information implied or expressed in the discussion forums is that of the posting member. Kerio is in no way responsible for the information posted in the forums, or its accuracy. Kerio employees may participate in the discussions, but their postings do not represent an offical position of the company on any issues raised or discussed. Kerio reserves the right to monitor and maintain the forums to promote free and accurate exchange of information.

Current Time: Mon Nov 20 12:59:26 CET 2017

Total time taken to generate the page: 0.00473 seconds
.:: Contact :: Home ::.
Powered by: FUDforum 3.0.4.