Below are the guidelines to manage the distribution list through CLI.
Create domain
$ zmprov cd domain.com zimbraAuthMech zimbra
Create the delegated admin
$ zmprov ca [email protected] <passwd> zimbraIsDelegatedAdminAccount TRUE
Admin views
Below are list of Admin view’s available which can be assigned to delegated admin.
Account List View : accountListView Distribution List View : DLListView Alias List View : aliasListView Resource List View : resourceListView Class of Service LIst View : COSListView Domain List View : domainListView Server List View : serverListView Zimlet List View : zimletListView Admin Zimlet List View : adminZimletListView Global Settings View : globalConfigView Global Server Status View : globalServerStatusView Help Search View : helpSearch Saved Searches View : saveSearch Mail Queue View : mailQueue Backups View : backupsView Certificates View : certsView Software Updates : softwareUpdatesView Account Migration : bulkProvisionTasksView Per Server Statistics View : perServerStatisticsView Global ACL View : globalPermissionView Right List View : rightListView
Assigning the admin view
$ zmprov ma [email protected] zimbraAdminConsoleUIComponents accountListView zimbraAdminConsoleUIComponents DLListView zimbraAdminConsoleUIComponents COSListView
$ zmprov ga [email protected] | grep -i view zimbraAdminConsoleUIComponents: accountListView zimbraAdminConsoleUIComponents: DLListView zimbraAdminConsoleUIComponents: COSListView
Revoking admin view
caution: If you want to revoke the COS list view, then you need to run the full command except appending the revoking component ‘COSListView’
$ zmprov ma [email protected] zimbraAdminConsoleUIComponents accountListView zimbraAdminConsoleUIComponents DLListView
$ zmprov ga [email protected] | grep -i view zimbraAdminConsoleUIComponents: accountListView zimbraAdminConsoleUIComponents: DLListView
Configure Grants on Administrator Accounts
Manage Domains
Granting the rights to manage domains
Syntax:
grantRight(grr) {target-type} [{target-id|target-name}] {grantee-type} [{grantee-id|grantee-name} [secret]] {[-]right}
Example
$ zmprov grr domain example.com usr [email protected] domainAdminRights
View grants
Syntax:
getGrants(gg) [-t {target-type} [{target-id|target-name}]] [-g {grantee-type} {grantee-id|grantee-name} [{0|1 (whether to include grants granted to groups the grantee belongs)}]]
Example
$ zmprov gg -t example.com target type target id target name grantee type grantee id grantee name right ------------ ------------------------------------ ------------------------------ ------------ ------------------------------------ ------------------------------ -------------------- domain 15274f2b-9f64-4bd0-88c9-ec94874d8151 example.com grp f05e6210-1c19-42cb-9ab5-bccd7a045cb7 [email protected] +domainAdminConsoleRights domain 15274f2b-9f64-4bd0-88c9-ec94874d8151 example.com usr 400eecbd-6da3-4cdb-8791-fd5f42faade6 [email protected] domainAdminConsoleRights domain 15274f2b-9f64-4bd0-88c9-ec94874d8151 example.com usr 928c917e-ed9d-453c-84e0-a7d1da86cf14 [email protected] domainAdminRights domain 15274f2b-9f64-4bd0-88c9-ec94874d8151 example.com usr 400eecbd-6da3-4cdb-8791-fd5f42faade6 [email protected] domainAdminRights domain 15274f2b-9f64-4bd0-88c9-ec94874d8151 example.com usr 400eecbd-6da3-4cdb-8791-fd5f42faade6 [email protected] domainAdminConsoleAccountRights domain 15274f2b-9f64-4bd0-88c9-ec94874d8151 example.com usr 400eecbd-6da3-4cdb-8791-fd5f42faade6 [email protected] domainAdminAccountRights domain 15274f2b-9f64-4bd0-88c9-ec94874d8151 example.com usr 400eecbd-6da3-4cdb-8791-fd5f42faade6 [email protected] adminLoginAs
Managing Distribution list
Granting rights to delegated admin to manage DL
$ zmprov grr dl [email protected] usr [email protected] domainAdminDistributionListRights
Viewing rights assigned to DL
$ zmprov gg -t dl [email protected] 0 target type target id target name grantee type grantee id grantee name right ------------ ------------------------------------ ------------------------------ ------------ ------------------------------------ ------------------------------ -------------------- dl 2efe18a9-35a7-4553-9347-a744bb35943a [email protected] usr 400eecbd-6da3-4cdb-8791-fd5f42faade6 [email protected] domainAdminDistributionListRights
Examples
1. Delegated admin of example1.com can manage the DL of example2.com
$ zmprov grr dl [email protected] usr [email protected] domainAdminDistributionListRights
$ zmprov gg -t dl [email protected] target type target id target name grantee type grantee id grantee name right ------------ ------------------------------------ ------------------------------ ------------ ------------------------------------ ------------------------------ -------------------- dl 7163e8b2-a192-4898-a76a-36d288523a4a [email protected] usr 400eecbd-6da3-4cdb-8791-fd5f42faade6 [email protected] domainAdminDistributionListRights
2. Assigning the delegated admin all the “Global Administrator” rights except “view mail” option.
Admin Views
$ zmprov ma [email protected] zimbraAdminConsoleUIComponents accountListView zimbraAdminConsoleUIComponents DLListView zimbraAdminConsoleUIComponents aliasListView zimbraAdminConsoleUIComponents resourceListView zimbraAdminConsoleUIComponents COSListView zimbraAdminConsoleUIComponents domainListView zimbraAdminConsoleUIComponents serverListView zimbraAdminConsoleUIComponents zimletListView zimbraAdminConsoleUIComponents adminZimletListView zimbraAdminConsoleUIComponents globalConfigView zimbraAdminConsoleUIComponents globalServerStatusView zimbraAdminConsoleUIComponents helpSearch zimbraAdminConsoleUIComponents saveSearch zimbraAdminConsoleUIComponents mailQueue zimbraAdminConsoleUIComponents backupsView zimbraAdminConsoleUIComponents certsView zimbraAdminConsoleUIComponents softwareUpdatesView zimbraAdminConsoleUIComponents bulkProvisionTasksView zimbraAdminConsoleUIComponents perServerStatisticsView zimbraAdminConsoleUIComponents globalPermissionView zimbraAdminConsoleUIComponents rightListView
Granting the rights
zmprov grr domain example.com usr [email protected] domainAdminRights zmprov grr global usr [email protected] domainAdminRights zmprov grr global usr [email protected] adminConsoleAliasRights zmprov grr global usr [email protected] adminConsoleDomainRights zmprov grr global usr [email protected] adminConsoleCOSRights zmprov grr global usr [email protected] adminConsoleServerStatusRights zmprov grr global usr [email protected] adminConsoleResourceRights zmprov grr global usr [email protected] adminConsoleSoftwareUpdatesRights zmprov grr global usr [email protected] adminConsoleServerStatisticRights zmprov grr global usr [email protected] adminConsoleExtensionRights zmprov grr global usr [email protected] adminConsoleBackupRights zmprov grr global usr [email protected] adminConsoleMigrationRights zmprov grr global usr [email protected] adminConsoleMailQueueRights zmprov grr global usr [email protected] adminConsoleSavedSearchRights zmprov grr global usr [email protected] adminConsoleDLRights zmprov grr global usr [email protected] adminConsoleCertificateRights zmprov grr global usr [email protected] adminConsoleGlobalRights zmprov grr global usr [email protected] adminConsoleGlobalACLTabRights zmprov grr global usr [email protected] adminConsoleServerRights zmprov grr global usr [email protected] adminConsoleAccountRights zmprov grr global usr [email protected] adminConsoleZimletRights
3. Revoking domainAdminRights from delegated admin
$zmprov gg -t domain example.com target type target id target name grantee type grantee id grantee name right ------------ ------------------------------------ ------------------------------ ------------ ------------------------------------ ------------------------------ -------------------- domain 3c8de9e0-8228-4b48-931e-bc1b040683ed example.com usr 928c917e-ed9d-453c-84e0-a7d1da86cf14 [email protected] domainAdminRights
$zmprov rvr domain example.com usr [email protected] domainAdminRights $zmprov gg -t domain example.com target type target id target name grantee type grantee id grantee name right ------------ ------------------------------------ ------------------------------ ------------ ------------------------------------ ------------------------------ --------------------
4. Delegated Administrator allowed to manage calendar resource
$ zmprov grr calresource [email protected] usr [email protected] domainAdminCalendarResourceRights
$ zmprov gg -t calresource [email protected] target type target id target name grantee type grantee id grantee name right ------------ ------------------------------------ ------------------------------ ------------ ------------------------------------ ------------------------------ -------------------- calresource 19363368-4e64-43d7-bc7e-832b91c3bd93 [email protected] usr 400eecbd-6da3-4cdb-8791-fd5f42faade6 [email protected] domainAdminCalendarResourceRights
Miscellaneous commands
To get all acccount rights:-
$ zmprov gar account
To get effective rights for domain admin:-
$ zmprov ger account [email protected]
To get all DL rights:-
$ zmprov gar dl
To get effective rights for distribution list:-
$ zmprov ger dl [email protected]
To list global grants
$ zmprov gg -t global
