iredmail-doc/en_US/howto/promote.user.to.be.global.a...

# Promote a mail user to be global admin

[TOC]

## Summary

If you forgot password of existing global admin account, or mistakenly removed
global admin, you can promote an existing mail user to be a global admin by
following this tutorial.

## Promote user to be global admin

### SQL backends

Let's say you want to promote existing mail user `john@example.com` to be
__global admin__, here's SQL commands to achieve this goal (note: we use MySQL
for example):

```
sql> USE vmail;
sql> UPDATE mailbox SET isadmin=1, isglobaladmin=1 WHERE username='john@example.com';
sql> INSERT INTO domain_admins (username, domain) VALUES ('john@example.com', 'ALL');
```

That's it, you can now login to iRedAdmin as `john@example.com` (with `john@example.com`'s password).

To promote user `smith@test.com` to be admin of domain `test.com` (Note: normal domain admin is only available in iRedAdmin-Pro):

```
sql> USE vmail;
sql> UPDATE mailbox SET isadmin=1, isglobaladmin=0 WHERE username='smith@test.com';
sql> INSERT INTO domain_admins (username, domain) VALUES ('smith@test.com', 'test.com');
```

### LDAP backends

To promote existing mail user `john@example.com` to be __global admin__:

* Update LDAP object of mail user `john@example.com` (its full dn is:
  `mail=john@example.com,ou=Users,domainName=example.com,o=domains,dc=xx,dc=xx`),
  add LDAP attribute `enabledService=domainadmin` and `domainGlobalAdmin=yes`.

To promote existing mail user `smith@test.com` to be admin of domain `test.com`:

1. Update LDAP object of mail user `smith@test.com` (its full dn is:
   `mail=smith@test.com,ou=Users,domainName=test.com,o=domains,dc=xx,dc=xx`),
   add LDAP attribute/value pair: `enabledService=domainadmin`.

1. Update LDAP object of mail domain `test.com` (its full dn is:
   `domainName=test.com,o=domains,dc=xx,dc=xx`), add LDAP attribute/value pair:
   `domainAdmin=smith@test.com`.

## Mark user as global domain admin with iRedAdmin-Pro

With iRedAdmin-Pro, you can mark user as either global domain admin or normal
domain admin in user profile page, under tab `General`.

![](./images/iredadmin/user_profile_general.png)

## See also

* [Reset user password](./reset.user.password.html)
* [Password hashes used/supported by iRedMail](./password.hashes.html)
New: promote.user.to.be.global.admin.html. 2016-05-26 10:09:58 -05:00			`# Promote a mail user to be global admin`

			`[TOC]`

			`## Summary`

			`If you forgot password of existing global admin account, or mistakenly removed`
			`global admin, you can promote an existing mail user to be a global admin by`
			`following this tutorial.`

			`## Promote user to be global admin`

			`### SQL backends`

			Let's say you want to promote existing mail user `john@example.com` to be
			`__global admin__, here's SQL commands to achieve this goal (note: we use MySQL`
			`for example):`

			```
			`sql> USE vmail;`
			`sql> UPDATE mailbox SET isadmin=1, isglobaladmin=1 WHERE username='john@example.com';`
			`sql> INSERT INTO domain_admins (username, domain) VALUES ('john@example.com', 'ALL');`
			```

			That's it, you can now login to iRedAdmin as `john@example.com` (with `john@example.com`'s password).

Sync iRedMail upgrade tutorial. Sync iRedAdmin-Pro RESTful API doc. 2019-07-09 03:24:42 -05:00			To promote user `smith@test.com` to be admin of domain `test.com` (Note: normal domain admin is only available in iRedAdmin-Pro):
New: promote.user.to.be.global.admin.html. 2016-05-26 10:09:58 -05:00
			```
			`sql> USE vmail;`
			`sql> UPDATE mailbox SET isadmin=1, isglobaladmin=0 WHERE username='smith@test.com';`
			`sql> INSERT INTO domain_admins (username, domain) VALUES ('smith@test.com', 'test.com');`
			```

			`### LDAP backends`

			To promote existing mail user `john@example.com` to be __global admin__:

			* Update LDAP object of mail user `john@example.com` (its full dn is:
			`mail=john@example.com,ou=Users,domainName=example.com,o=domains,dc=xx,dc=xx`),
			add LDAP attribute `enabledService=domainadmin` and `domainGlobalAdmin=yes`.

			To promote existing mail user `smith@test.com` to be admin of domain `test.com`:

			1. Update LDAP object of mail user `smith@test.com` (its full dn is:
			`mail=smith@test.com,ou=Users,domainName=test.com,o=domains,dc=xx,dc=xx`),
			add LDAP attribute/value pair: `enabledService=domainadmin`.

			1. Update LDAP object of mail domain `test.com` (its full dn is:
			`domainName=test.com,o=domains,dc=xx,dc=xx`), add LDAP attribute/value pair:
			`domainAdmin=smith@test.com`.

Update it_IT/howto/1-enable.smtp.auth.on.port.25.md. Thanks Joseph Curto. 2016-06-01 10:38:58 -05:00			`## Mark user as global domain admin with iRedAdmin-Pro`

			`With iRedAdmin-Pro, you can mark user as either global domain admin or normal`
			domain admin in user profile page, under tab `General`.

Add missing images and fix incorrect links. 2017-10-28 00:38:13 -05:00			`![](./images/iredadmin/user_profile_general.png)`
Update it_IT/howto/1-enable.smtp.auth.on.port.25.md. Thanks Joseph Curto. 2016-06-01 10:38:58 -05:00
New: promote.user.to.be.global.admin.html. 2016-05-26 10:09:58 -05:00			`## See also`

			`* [Reset user password](./reset.user.password.html)`
			`* [Password hashes used/supported by iRedMail](./password.hashes.html)`