[CalendarServer-users] delegation help?

Cyrus Daboo cdaboo at apple.com
Mon Nov 12 07:13:47 PST 2007

Hi Joe,

--On November 9, 2007 1:30:39 PM -0500 Joe Auty <joe at netmusician.org> wrote:

> Firstly, what would be gained by doing what you are describing as opposed
> to simply setting up access to the other user's calendars without using
> the delegates feature?

Setting up access directly means using WebDAV ACL to directly manipulate 
the access control lists on the server. Due to the way inheritance works in 
WebDAV, there are some complicated issues with doing that.

The benefit of the delegates/proxy approach is that the server already has 
the necessary ACLs setup on the resources, provisioned when each user 
account is created. As a result, adding or removing a delegate/proxy is a 
simple matter of changing the membership of a group - that is a much 
simpler prospect that messing with ACLs.

> Could you dumb this down a little? So sorry to have to ask this :)

OK, here are some step-by-step instructions for setting up delegates:

Example add user 'A' as a delegate/proxy for user 'B'.

1) In the accounts.xml, locate the user 'B' account entry.

2) Add a <proxies> element to user B entry if one is not already present.

3) Inside the <proxies> element add an element for user 'A' thusly:

    <member type="users">A</member>

    replace 'A' with the actual user id.

4) In your web browser, navigate to /principals/users/B (substituting the 
user id for B). Copy the principal-URL value you see there (it will start 
with /principals/__uids__/).

5) In iCal create a new CalDAV account. For the user id enter user A's user 
id. For the password use user A's password. Expand down the 'Server 
Options" section and enter the principal-URL value for user B into the 
Account URL field. Then click Add.

6) After that the calendars for user B will appear in iCal. Note that this 
is being accessed by user A (i.e. using user A's login/password). So user 
B's login/password is kept private to them. User A will have full 
read-write access to user B's calendar data.

Cyrus Daboo

More information about the calendarserver-users mailing list