Orphaned access list entries

Discuss your pilot or production implementation with other Zimbra admins or our engineers.
Rich Graves
Outstanding Member
Outstanding Member
Posts: 687
Joined: Fri Sep 12, 2014 10:24 pm

Orphaned access list entries

Postby Rich Graves » Fri Dec 17, 2010 11:53 am

This came to me as an Outlook problem, but it's really generic to the server.
If you grant access to one of your folders to an account, and then that account is deleted, the original grant stays around, and various things get weird.
For example, here's the business end of an Outlook Sync Failure Notice.

Should there be a way to reap obsolete ACLs? I suppose I could imagine a need to leave them in, just so that if you delete and restore an account, it gets its old rights back. (Assuming that a zmrestore reuses the zimbraId. Does it?)
If there is not going to be a way to reap obsolete ACLs, should all interfaces prune reported ACLs of dead zimbraIds before returning them to clients? Or must all clients tolerate dangling references? Currently, Outlook fails (if the user has the "a" right), and while I can't remember the details, I think I've seen problems in ZWC as well.

Return to “Administrators”

Who is online

Users browsing this forum: No registered users and 14 guests