Linux Certif

Toute la documentation sur la certification Linux LPI

zarafa-admin

NAME

zarafa-admin - Manages Zarafa users and stores.

SYNOPSIS

zarafa-admin ACTION [OPTION...]

DESCRIPTION

This tool can be used to create the public store and to add, update and remove users from Zarafa. The Zarafa server must be running for zarafa-admin to work.

If no action is given, a listing of the possible parameters is printed. When invalid actions or not enough options for an action are given, an error message is printed.

When using LDAP as the users source, create, modify and delete actions are done in the LDAP tree and not using the zarafa-admin too. Please see the EXTERNAL USERS() section for more information.

ACTIONS

zarafa-admin needs an action command with the appropriate options. Valid actions are:

-s

Create a public store. No other options are needed. Only one public store can be created. Successive calls will fail.

-c username

Create a new user, -p, -f and -e options are required, -a and -n parameters are optional. To set a password using a password prompt, use the -Poption in stead of -p.

-d username

Delete a user. No other options are needed. The deleted store of the user will be marked as orphan store and can be restored with --hook-store

-u username

Update user information. Valid parameters are: [-p|-P], -f, -e, -a, -n and -U to update user information. Use: --qo, --qw, --qs or --qh to set quota levels. Use 0 with quota options to set as 'unlimited'.

-g groupname

Create a new group. Valid parameters are: -e

--update-group groupname

Update group information. Valid parameters are: -e

-G groupname

Delete a group. No other options are needed.

-b username

Add a user to a group. Use the -i to set the groupname.

-B username

Remove a user from a group. Use the -i to set the groupname.

-l

List all users available in Zarafa. When using an external user source, this action will implicitly synchronize all users in the external source, creating, updating and/or removing users and stores.

-L

List all groups available in Zarafa. When using an external user source, this action will implicitly synchronize all groups in the external source, creating updating and/or removing groups and memberships.

--list-companies

List all companies available in Zarafa. When using an external user source, this action will implicitly synchronize all companies in the external source, creating updating and/or removing companies.
This option is only available in multi-company Zarafa

--details name

Show all the details of a user, showing the fullname, e-mailaddress, active state, administator state, group memberships and quota settings. Optionally use --type to indicate for what kind of object the details are being requested.
Note: This function does not synchronize with the external user plugin. Thus changes from e.g. LDAP will not be set during this function.

--type type

Additional argument for --details. The argument with this option indicates for what type of object the details are being requested. Allowed values are 'user', 'group' or 'company' When this option is not used, it defaults to 'user'

--create-company companyname

Create a new company space.
Use: --qo, --qw, --qs, --qh to set quota levels for the company.
Use: --udqo, --udqw, --udqs, --udqh to set the default quota levels for the users inside the company.
This option is only available in multi-company Zarafa.

--update-company companyname

Update an existing company space.
Use: --qo, --qw, --qs, --qh to set quota levels for the company.
Use: --udqo, --udqw, --udqs, --udqh to set the default quota levels for the users inside the company.
This option is only available in multi-company Zarafa.

--delete-company companyname

Delete company space.
This option is only available in multi-company Zarafa.

--set-system-admin companyname

Set system administrator for the company specified by -I.
Please be aware that this option does not provide the user with administrator privileges. The system administrator is considered the main contact person for a company, it will for example be used as default sender for quota warning emails.
This option is only available in multi-company Zarafa.

--add-to-viewlist companyname

Add company 'companyname' to remote-view list of company specified by -I. After this command the 'companyname' is capable of viewing all members of the company specified by -I.
This option is only available in multi-company Zarafa.

--del-from-viewlist companyname

Delete company 'companyname' from remote-view list of company specified by -I. After this command the 'companyname' is no longer capable of viewing all members of the company specified by -I.
This option is only available in multi-company Zarafa.

--list-view

List all companies in the remote-view list of the company specified by -I. The companies in this list are able to view all members of the specified company in their Address Book.
This option is only available in multi-company Zarafa.

--add-to-adminlist username

Add user 'username' to remote-admin list of company specified by -I. This is the administrator list for remote administrators, as such it only manages administrators from a different company. Users who should be administrator over their own company are managed by updating (-u) the user and specifying the -a argument.
Users can only be administrator over a different company when they have also been granted view privileges, can be granted by using the --add-to-viewlist.
This option is only available in multi-company Zarafa.

--del-from-adminlist username

Delete user 'username' from remote-admin list of company specified by -I. This is the administrator list for remote administrators, as such it only manages administrators from a different company. Users who should be administrator over their own company are managed by updating (-u) the user and specifying the -a argument.
This option is only available in multi-company Zarafa.

--list-admin

List all users in the remote-admin list of the company specified by -I. This is the administrator list for remote administrators, as such it only manages administrators from a different company. Users who should be administrator over their own company are managed by updating (-u) the user and specifying the -a argument.
Users can only be administrator over a different company when they have also been granted view privileges, can be granted by using the --add-to-viewlist.
This option is only available in multi-company Zarafa.

--add-userquota-recipient user

Add 'user' as recipient to userquota warning emails. You can optionally use -I to set the companyspace to apply the recipient list action on.

--del-userquota-recipient user

Delete 'user' as recipient to userquota warning emails. You can optionally use -I to set the companyspace to apply the recipientslist action on.

--list-userquota-recipients

List all additional recipients for a userquota warning email. Use -I to request the recipient list for a particular company space

--add-companyquota-recipient user

Add 'user' as recipient to companyquota warning emails. You can optionally use -I to set the companyspace to apply the recipientslist action on.

--del-companyquota-recipient user

Delete 'user' as recipient to companyquota warning emails. You can optionally use -I to set the companyspace to apply the recipientslist action on.

--list-companyquota-recipients

List all additional recipients for a companyquota warning email. Use -I to request the recipient list for a particular company space

--list-sendas user

List all users who are able to directly send an email as user. This has been set in the LDAP server, or with the --add-sendas command for Unix and DB plugins.

--purge-softdelete days

Starts a softdelete purge on the server, removing all soft-deleted items which have been deleted days days ago, or earlier

--list-orphans

When a user is removed, the store becomes orphaned. This option shows a list of stores that are not hooked to a user. You can use the --remove-store and --hook-store from this list.

--hook-store store guid

You can hook an orphaned store to an existing user, so you may access the store again. Use the -u username to specify the user to hook the store to.
You can copy an orphaned store to the public store, so you can read the store in the public. Use the --copyto-public to copy the store to the public folder 'Admin/deleted stores'.

--remove-store store guid

Use this action to remove the store from the database. The store is actually just marked as deleted, so the softdelete system can remove the store from the database.

--create-store username

This action will create a store for a newly created user, and is normally called through the createuser script. If the --list-orphans action listed users without a store, you can create a new store for those uses with this command.

--config file

Use a configuration file. See the CONFIG() section for more information.

OPTIONS

The options used by actions are as follows:

-U new username

Use this parameter to rename a user. This option is only valid with the -u update action.

-p password

Set password for a user. This option is only valid with the -c create or -u update action.

-P

Set password for a user. The password can be entered on the password prompt. The password will not be shown. This option is only valid with the -c create or -u update action.

-f 'full name'

Specify full user name. Use single quotes around the name to pass it as a single parameter. This option is only valid with the -c create or -u update action.

-e 'email address'

Specify the email address. This address will be used to set the 'From' email address in outgoing email messages. Use single quotes around the name to pass it as a single parameter. This option is only valid with the -c create or -u update action.

-a [yes|y|1|2 / no|n|0]

Set the user as administrator by passing 'yes'. When passing 'no', administrator rights will be revoked from the user. This option is only valid with the -c create or -u update action.
It is also possible to pass 2 as administrator level, this will make the user a system administrator who can create/modify/delete companies.

-n [yes|y|1 / no|n|0]

Specify a non-active user. This user cannot login, but email can be delivered, and the store can be opened by users with correct rights.

--qo [yes|y|1 / no|n|0]

Override the default server quota settings for this user. User specific quota levels will used. The default value of this option is 'no', always using server quota levels. This option is only valid with the -c create or -u update action.

--qw value in Mb

Set the warning quota level for a user. The user may receive a warning email when this level is reached. See zarafa-monitor(1) for warning emails. This option is only valid with the -c create or -u update action.

--qs value in Mb

Set the soft quota level for a user. The user will be unable to receive new emails, bouncing the email back to the sender. This option is only valid with the -c create or -u update action.

--qh value in Mb

Set the hard quota level for a user. The user will be unable to receive and create new emails. This option is only valid with the -c create or -u update action.

--udqo [yes|y|1 / no|n|0]

Override the default server quota settings for all user within the specified company. default value of this option is 'no', always using server quota levels.

--udqw value in Mb

Set the warning quota level for all users within the specified company. The user may receive a warning email when this level is reached. See zarafa-monitor(1) for warning emails.

--udqs value in Mb

Set the soft quota level for all users within the specified company. The user will be unable to receive new emails, bouncing the email back to the sender. See zarafa-monitor(1) for warning emails.

--udqh value in Mb

Set the hard quota level for all users within the specified company. The user will be unable to receive and create new emails. See zarafa-monitor(1) for warning emails.

--host, -h path

Connect to the Zarafa server through path, e.g. file:///path/to/socket. Default: file:///var/run/zarafa. This option can always be specified.

-i groupname

This sets the groupname for -b and -B actions.

-I companyname

This sets the companyname for all user, group and company commands. This option is only available for multi-company Zarafa.

--mr-accept Accept incoming meeting request

Specified that meeting requests should automatically be accepted for this user. This means that when a meeting request is sent to this user when specified as being a 'resource', the request will directly be honoured and written to the calendar. This is a client-side action and this setting therefore does not affect actual meeting requests being delivered via zarafa-dagent.

--mr-decline-conflict Decline conflicting meeting requests

This option only has effect when --mr-accept=yes is in effect. When specifying --mr-decline-conflict, meeting requests that conflict with an existing meeting will be declined.

--mr-decline-recurring Decline recurring meeting requests

This option only has effect when --mr-accept=yes is in effect. When specifying --mr-decline-recurring, meeting requests that are recurring will be declined.

--add-sendas sender

Add user sender to the list of the senders you're updating as a 'send as' user. The sender can now send mails under the updated user's name, unless the updated user sets the sender as a delegate. When the sender is a delegate, the mail will be sent with 'On behalf of' markings in the email. This option is only valid with the -u update action.

--del-sendas sender

Remove user sender from the list of the senders you're updating as a 'send as' user. This option is only valid with the -u update action.

--lang language

Use language to create new stores; this means that folders in the new store will be in the language specified. Only useful in combination with --create-store. When this options in not specified, the system default will be selected according the LC_* and LANG environment variables, depending on your OS.

CONFIG

Normally, no configuration file is used or required. The following options can be set in the configuation file:

server_socket

Unix socket to find the connection to the Zarafa server.
Default: file:///var/run/zarafa

sslkey_file

Use this file as key to logon to the server. This is only used when server_socket is set to an HTTPS transport. See the zarafa-server(1) manual page on how to setup SSL keys.
Default: value not set.

sslkey_pass

The password of the SSL key file that is set in sslkey_file.
Default: value not set.

EXAMPLES

For creating a user:

zarafa-admin -c loginname -p password -f 'Firstname Lastname' -e f.lastname@company.com

For creating a non-login store:

zarafa-admin -c loginname -p password -f 'Firstname Lastname' -e f.lastname@company.com -n 1

For modifying the password and e-mail address:

zarafa-admin -u loginname -p newpass -e fistname@company.com

For deleting a user:

zarafa-admin -d loginname

For adding a user to a group:

zarafa-admin -b loginname -i groupname

For setting a specific quota level for a user. Warning level to 80 Mb, soft level to 90 Mb and hard level to 100 Mb:

zarafa-admin -u loginname --qo yes --qw 80 --qs 90 --qh 100

EXTERNAL USERS

When the users are located in an external database, and the Zarafa server is configured to use these users, a lot of commands from the zarafa-admin tool make no sense anymore. An example of an external database, and currently the only option, is an LDAP database.

The following actions can still be used, all other commands will be automatically triggered by changing the values in the LDAP server.

-s: create public store.

-l: list users known to Zarafa.

-L: list groups known to Zarafa.

--details username: show user details.

--sync: trigger full synchonise for users and groups from the external source.

When the users change in the external source, the Zarafa server instantly synchronizes to these changes. There are two exceptions that need some extra attention, and these are when users are created or deleted. When a user is created, the createuser_script from the zarafa-server.cfg(5) will be started to create a store for a user. Likewise, when deleting a user, the deleteuser_script from the zarafa-server.cfg(5) will be started to delete a store from a user. The same is valid for creating and deleting a group and company, starting the creategroup_script/createcompany_script and deletegroup_script/deletecompany_script scripts respectively.

DIAGNOSTICS

Could not create user/store/public store.

When you get this error, make sure the Zarafa server and database server are running.

AUTHOR

Written by Zarafa.

SEE ALSO

zarafa-server(1) zarafa-server.cfg(5)