UWC no mail tab when upgraded CommSuite5 - mailAllowedServiceAccess problem
807574Apr 8 2008 — edited Feb 11 2020Hi,
We upgraded the MS, CS, and UWC components from 2005Q4 to Comm Suite 5, all using the latest patch from SunSolve. After we managed to overcome a few glitches during the upgrade, everything works fine except for some users of UWC.
Let me give a brief picture of our setup. We had UWC with SSO up and running when it was 2005Q4. We had some users who are only allowed access to mail services inside office, and naturally we use the LDAP attribute mailAllowedServiceAccess: -ALL:ALL EXCEPT XXX.XXX.XXX.XXX per the MS Admin Guide.
It worked flawlessly - they couldn't access IMAP, POP, SMTP, HTTP, and UWC except when they were in office. But when it was upgraded to Comm Suite 5, those users with such restrictions can no longer see the Mail Tab of UWC. They can still use the MS Webmail in office, however. Of course, users without that restriction can see the Mail Tab of UWC as usual and if we remove that LDAP attribute, the Mail Tab is shown again. And BTW, such attribute seemed to be read and executed correctly by other processes such as Webmail, POP, and IMAP, but it's just not working for UWC.
I understand that the MS/UWC had changed significantly in this release, especially in the Webmail and UWC components. Does UWC in this release actually support mailAllowedServiceAccess? If not, what can we do for restricting access based on IP address and user? I searched through the forum and found some hints about LDAP roles - but if I understand correctly, now, it's the IMAP server's doing a BIND, not the user's computers - so it won't work. Also, I heard that it can be done in Access Manager - but my understanding is that there's no way to apply a AM Policy to UWC...
Any help or suggestion is appreciated.
Thanks.
-PY