1

Topic: Is it possible to grant permission access webmail Roundcube for user?

Hello Developer team,

After I have been built the iRedMail system integrate with Microsoft Active Directory (AD). For security reason, I want to grant permission access webmail Roundcube for some users on AD who needed check mail via webmail (working from home, businuess trip, check mail on mobile devices...) and the rest to just work with application mail client when they came to company.

Have it one component built in on iRedMail system or must do something to do that? Kindly provide me the way to solve this thread.

Many thanks for your strong support.

----

Spider Email Archiver: On-Premises, lightweight email archiving software developed by iRedMail team. Supports Amazon S3 compatible storage and custom branding.

2

Re: Is it possible to grant permission access webmail Roundcube for user?

Roundcube authenticates mail accounts against IMAP server (Dovecot), but it cannot perform custom LDAP filter or MySQL query for authentication, so I'm afraid we cannot achieve this with Roundcube webmail.

Another way is, configure .htaccess under Roundcube root directory, so that users have to auth to use webmail. Just like the Awstats shipped in iRedMail.

Since you can custom LDAP filter (or SQL query) to authenticate users in .htaccess, you can now add custom value for your AD mail accounts to identify who can access webmail. For example, add 'enablewebmail' in attribute 'description', then add '(description=enablewebmail)' in LDAP filter.

I know it's not that nice, but it should work.

3

Re: Is it possible to grant permission access webmail Roundcube for user?

I will try follow the way you suggest and post the question in another topic if needed.

A big thanks for your answer.

4

Re: Is it possible to grant permission access webmail Roundcube for user?

As I checked/tested, if I configure .htaccess or httpd.conf  so that users have to auth to use link access to webmail. After that they must logon to rouncube to check mail. It's take two times :-) (inconvenience). I'm trying find another way to do that. Thanks and please close this topic.

5

Re: Is it possible to grant permission access webmail Roundcube for user?

Did you try Roundcube official plugin 'http_authentication'?

6

Re: Is it possible to grant permission access webmail Roundcube for user?

hello ZhangHuangbin,

How could I apply this plugin http_authentication? And how is is working ? Sorry to make this question cause I'm not much experience about programer. many thank your instructions.

7

Re: Is it possible to grant permission access webmail Roundcube for user?

I didn't use this plugin before, but after checked its PHP file, looks like pretty easy.

1) Modify .htaccess under root directory of Roundcube webmail to enable HTTP auth. You already achieved this.
2) Enable this plugin in roundcubemail/config/main.inc.php.
3) Add one NEW setting in main.inc.php as mentioned in PHP source file of this plugin:

$rcmail_config['logout_url'] = 'http://server.tld/logout.html';

And it should now work as expected.