Navigation

    Kopano
    • Register
    • Login
    • Search
    • Categories
    • Get Official Kopano Support
    • Recent
    Statement regarding the closure of the Kopano community forum and the end of the community edition

    How to (only) access shared calendar without access to email folder structure

    Kopano Groupware Core
    2
    3
    613
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • micro
      micro last edited by

      Hello everybody,

      I am stuck with following issue. Kopano-Server is version 8.5.9 and the Outlook clients on following example are Outlook 2010 with Zarafa client 7.2.6 installed.

      Alice is sharing her calendar to Beatrice (secretary privilege) + Charlie (read-only) + Debbie (read-only).
      B+C+D should have exclusively access to Alice’ calendar, they are not allowed (!) to see any confidential information about Alice email messages, contacts or notes and even not the folder names. Alice have a folder “my own folders” within her root mailbox where dozens/hundreds of subfolders are present (department1, department2, high-confidential, jobs, contracts, etc.)

      Before the Kopano upgrade it worked as following:

      Workstations of A+B+C+D are all untouched, they still run the same OS, Outlook Version 2010 and the latest zarafa client 7.2.6.52189 is installed and in use. Alice on former Zarafa time initially right-clicked on her root mailbox folder and did set privileges for B+C+D to NO RIGHTS template, only LIST privilege. Then on her calendar he right-clicked and did set the privilege for B=secretary, C+D=read-only. None of the rest of the folders were modified.

      B+C+D on their own workstations within Outlook 2010 just added Alice’ calendar through the CALENDAR view --> Add shared calendar --> ALICE --> done. They had access to Alice’ calendar according the privileges assigned and they did not see a folder “Incoming - Alice” in the message view on the left folder pane. They just had “Calendar - Alice” in calendar view, that was working fine.

      If I understood correctly (and like we are experiencing) this does not work any more with new Kopano setup, although those explained settings remained as before. That mentioned wiki article gives an explanation that it needs to attach a “user” within the Kopano ribbon.

      So how should I do that? User B+C+D use Outlook 2010 with zarafa client in use, so they do not use KOL but have the Zarafa ribbon within Outlook. As explained the “add shared calendar” does not work after we migrated to Kopano because the error appears “calendar could not be refreshed”. So instead I tried following for user B:

      • close the non-working shared calendar “Calendar - Alice” so it is removed in calendar view.
      • on the zarafa ribbon choose “open shared account”
      • as it’s not convenient to choose “open calendar (temporary)” because employee B needs to access Alice’ calendar all the time and every day we have to choose “open mailbox (permanently” and then from GAB choose “ALICE”.

      As result user B has the whole mailbox attached to Outlook 2010. Of course she can access the calendar of Alice in calendar view, but (!) --> in email view Beatrice sees all the available (sub-)folders of Alice email directory. That’s bad! Now if we want to prevent this, I have to right-click each single email folder in Alice account and choose the privilege “None” so the “list privilege” is removed. There are over hundreds (sub-)folders in Alice’ email directory. You can imagine I don’t want to do that on each single folder.

      Any help really appreciated.

      1 Reply Last reply Reply Quote 0
      • Gerald
        Gerald last edited by

        I’ve just tried this on my system with Outlook 2010 and the very latest Kopano core-8.6.80.865_0+123-Ubuntu_16.04-amd64 (current daily build).

        I can confirm, if you open a shared folder where the root has no rights + view and the calendar subfolder has full rights, I also get the message that the calendar cannot be refreshed (German: konnte nicht aktualisiert werden).
        With the same permissions, opening the calendar in the same way in WebApp works fine and I can edit the shared calendar. So this got probably broken at some time?

        Regarding your workaround: this is what I’ve been using for years. Changing the permissions of all folders is very cumbersome, but it adds flexibility since this way you can for example share Calendar + Random Mail Folder X + Contact Folder Y.

        Regarding the >100 subfolders in the Account of Alice: Just make sure they are subfolders of something, you only need to change the direct subfolders of the root directory to “No Rights + No View” to hide them. So if not already the case she should just put everything in a subfolder like “Archive” or “Projects”. And then you hide Project and Inbox and all the other folders. Only Disadvantage: If a new subfolder is created below root, it will inherit “No rights + View” and will be visible for others. The contents will not be visible though, just the existence of the folder.

        1 Reply Last reply Reply Quote 0
        • micro
          micro last edited by micro

          Hi Gerald,

          as you said and also experienced: it seems that this has been broken. It worked fine with Zarafa Server, it does not work anymore on Kopano server.

          As I explained detailled on my initial post, nothing has changed on the client side. It does make no sense for me, to have all the employees remove a shared calendar which they have attached within their Outlook client and in the following attach the whole mailbox into their Outlook. They do not need access mail, task, contact objects etc. they just need access to the shared calendar of Alice.

          1 Reply Last reply Reply Quote 0
          • First post
            Last post