From 0959f8ff2b8d2b1d9451edfc3483dd259be3f5ae Mon Sep 17 00:00:00 2001 From: Zhang Huangbin Date: Thu, 26 May 2016 23:09:58 +0800 Subject: [PATCH] New: promote.user.to.be.global.admin.html. --- .../howto/promote.user.to.be.global.admin.md | 56 ++++++++++++ en_US/howto/reset.user.password.md | 1 + html/index.html | 1 + html/promote.user.to.be.global.admin.html | 90 +++++++++++++++++++ html/reset.user.password.html | 1 + 5 files changed, 149 insertions(+) create mode 100644 en_US/howto/promote.user.to.be.global.admin.md create mode 100644 html/promote.user.to.be.global.admin.html diff --git a/en_US/howto/promote.user.to.be.global.admin.md b/en_US/howto/promote.user.to.be.global.admin.md new file mode 100644 index 00000000..f53fdab9 --- /dev/null +++ b/en_US/howto/promote.user.to.be.global.admin.md @@ -0,0 +1,56 @@ +# Promote a mail user to be global admin + +[TOC] + +## Summary + +If you forgot password of existing global admin account, or mistakenly removed +global admin, you can promote an existing mail user to be a global admin by +following this tutorial. + +## Promote user to be global admin + +### SQL backends + +Let's say you want to promote existing mail user `john@example.com` to be +__global admin__, here's SQL commands to achieve this goal (note: we use MySQL +for example): + +``` +sql> USE vmail; +sql> UPDATE mailbox SET isadmin=1, isglobaladmin=1 WHERE username='john@example.com'; +sql> INSERT INTO domain_admins (username, domain) VALUES ('john@example.com', 'ALL'); +``` + +That's it, you can now login to iRedAdmin as `john@example.com` (with `john@example.com`'s password). + +To promote user `smith@test.com` to be admin of domain `test.com`: + +``` +sql> USE vmail; +sql> UPDATE mailbox SET isadmin=1, isglobaladmin=0 WHERE username='smith@test.com'; +sql> INSERT INTO domain_admins (username, domain) VALUES ('smith@test.com', 'test.com'); +``` + +### LDAP backends + +To promote existing mail user `john@example.com` to be __global admin__: + +* Update LDAP object of mail user `john@example.com` (its full dn is: + `mail=john@example.com,ou=Users,domainName=example.com,o=domains,dc=xx,dc=xx`), + add LDAP attribute `enabledService=domainadmin` and `domainGlobalAdmin=yes`. + +To promote existing mail user `smith@test.com` to be admin of domain `test.com`: + +1. Update LDAP object of mail user `smith@test.com` (its full dn is: + `mail=smith@test.com,ou=Users,domainName=test.com,o=domains,dc=xx,dc=xx`), + add LDAP attribute/value pair: `enabledService=domainadmin`. + +1. Update LDAP object of mail domain `test.com` (its full dn is: + `domainName=test.com,o=domains,dc=xx,dc=xx`), add LDAP attribute/value pair: + `domainAdmin=smith@test.com`. + +## See also + +* [Reset user password](./reset.user.password.html) +* [Password hashes used/supported by iRedMail](./password.hashes.html) diff --git a/en_US/howto/reset.user.password.md b/en_US/howto/reset.user.password.md index 3bca4579..ba9238b9 100644 --- a/en_US/howto/reset.user.password.md +++ b/en_US/howto/reset.user.password.md @@ -52,3 +52,4 @@ sql> UPDATE mailbox SET password='{PLAIN}123456' WHERE username='user@domain.ltd ## See also * [Password hashes used/supported by iRedMail](./password.hashes.html) +* [Promote a mail user to be global admin](./promote.user.to.global.admin.html) diff --git a/html/index.html b/html/index.html index 15d65406..37ad1d12 100644 --- a/html/index.html +++ b/html/index.html @@ -119,6 +119,7 @@
  • Per-domain or per-user transport (relay)
  • [DEPRECATED] Per-user outbound restrictions
  • Pipe incoming email for certain user to external script
    • +
  • Promote a mail user to be global admin
  • How to create and manage public folder
  • Force Dovecot to recalculate mailbox quota
  • Setup relayhost
    • diff --git a/html/promote.user.to.be.global.admin.html b/html/promote.user.to.be.global.admin.html new file mode 100644 index 00000000..71cb4e99 --- /dev/null +++ b/html/promote.user.to.be.global.admin.html @@ -0,0 +1,90 @@ + + + + + Promote a mail user to be global admin + + + + +

    Promote a mail user to be global admin

    +
    + +
    +

    Summary

    +

    If you forgot password of existing global admin account, or mistakenly removed +global admin, you can promote an existing mail user to be a global admin by +following this tutorial.

    +

    Promote user to be global admin

    +

    SQL backends

    +

    Let's say you want to promote existing mail user john@example.com to be +global admin, here's SQL commands to achieve this goal (note: we use MySQL +for example):

    +
    sql> USE vmail;
+sql> UPDATE mailbox SET isadmin=1, isglobaladmin=1 WHERE username='john@example.com';
+sql> INSERT INTO domain_admins (username, domain) VALUES ('john@example.com', 'ALL');
+
    + +

    That's it, you can now login to iRedAdmin as john@example.com (with john@example.com's password).

    +

    To promote user smith@test.com to be admin of domain test.com:

    +
    sql> USE vmail;
+sql> UPDATE mailbox SET isadmin=1, isglobaladmin=0 WHERE username='smith@test.com';
+sql> INSERT INTO domain_admins (username, domain) VALUES ('smith@test.com', 'test.com');
+
    + +

    LDAP backends

    +

    To promote existing mail user john@example.com to be global admin:

    + +

    To promote existing mail user smith@test.com to be admin of domain test.com:

    +
      +
    1. +

      Update LDAP object of mail user smith@test.com (its full dn is: + mail=smith@test.com,ou=Users,domainName=test.com,o=domains,dc=xx,dc=xx), + add LDAP attribute/value pair: enabledService=domainadmin.

      +
      2. +
    2. +

      Update LDAP object of mail domain test.com (its full dn is: + domainName=test.com,o=domains,dc=xx,dc=xx), add LDAP attribute/value pair: + domainAdmin=smith@test.com.

      +
      3. +
    +

    See also

    +
    +

    All documents are available in BitBucket repository, and published under Creative Commons license. You can download the latest version for offline reading. If you found something wrong, please do contact us to fix it.

    +
    + + \ No newline at end of file diff --git a/html/reset.user.password.html b/html/reset.user.password.html index ef88cfa9..31524898 100644 --- a/html/reset.user.password.html +++ b/html/reset.user.password.html @@ -68,6 +68,7 @@ sql> UPDATE mailbox SET password='{PLAIN}123456' WHERE username='user@domain.

    See also

    All documents are available in BitBucket repository, and published under Creative Commons license. You can download the latest version for offline reading. If you found something wrong, please do contact us to fix it.