Geeks With Blogs

Lance's TextBox » About Me » My Resume »Twitter

Setting access control lists on IMAP servers is a pain.  But here's how you can do it very easily with the get/set-imap cmdlets included in NetCmdlets.

Retrieve the access control list of my Inbox from the IMAP server, by specifying the -acl flag parameter:

PS C:\> get-imap -server 1.2.3.4 -user lance -password mypass -acl                                                 

Mailbox Rights User
------- ------ ----
Inbox lrswipcda lance


PS C:\>

Now the access control list for a specific folder:

PS C:\> get-imap -server 1.2.3.4 -user lance -password mypass -folder INBOX.Subfolder -acl                            

Mailbox Rights User
------- ------ ----
INBOX.Subfolder lrswipcda charlest
INBOX.Subfolder lr lance


PS C:\>

Now I'll add look and read permissions so another user can see my inbox.  When setting the ACL, I'll use the -acluser parameter to specify the user I want to set the access control for, and the -acl parameter to specify the actual permissions the user should have.   The -acl parameter value is a string containing an optional plus ("+") or minus ("-") prefix, followed by zero or more rights characters. If the string starts with a plus, the rights are added to any existing rights for the user. If the string starts with a minus, the rights are removed from any existing rights for the user. If the string does not start with a plus or minus, the rights replace any existing rights for the user.  Setting the ACL also requires the -folder parameter.

PS C:\> set-imap -server 1.2.3.4 -user lance -password mypass -acluser bobl -acl lr -folder INBOX                 
PS C:\> get-imap -server 1.2.3.4 -user lance -password mypass -acl

Mailbox Rights User
------- ------ ----
Inbox lrswipcda lance
Inbox lr bobl


PS C:\> get-bufferhtml > C:\test.html

And finally, to remove permissions for a user, I can use the minus sign (-) in front of permissions that I want to remove, like so:

PS C:\> set-imap -server 1.2.3.4 -user lance -password mypass -acluser bobl -acl -l-r -folder INBOX                 
PS C:\> get-imap -server 1.2.3.4 -user lance -password mypass -acl

Mailbox Rights User
------- ------ ----
Inbox lrswipcda lance


PS C:\> get-bufferhtml > C:\test.html

Here is a list of permissions that can be set:

   
l Lookup (visible to be listed)
r Read (Can be selected, fetched, searched, and copied)
s Keep seen/unseen information across sessions
w Write (Store flags other than SEEN and DELETED)
i Insert (Can be appended, and copied into)
p Post (Can send mail to submission address for mailbox)
c Create (Can create new sub-mailboxes)
d Delete (Store DELETED flag, perform EXPUNGE)
a Administer (Set access permissions)

Technorati Tags: , ,
Posted on Thursday, May 31, 2007 5:06 PM PowerShell | Back to top


Comments on this post: Managing IMAP access control permissions from Windows PowerShell

No comments posted yet.
Your comment:
 (will show your gravatar)


Copyright © Lance Robinson | Powered by: GeeksWithBlogs.net