AppSuite:Context management 7 2: Difference between revisions

From Open-Xchange
(fixed tables)
 
(35 intermediate revisions by 4 users not shown)
Line 79: Line 79:
line of the csv file. Opposed to this the credentials of the masteradmin are always the same.
line of the csv file. Opposed to this the credentials of the masteradmin are always the same.


=== Extra parameters when authentication is enabled ===
{| border="1"
|-
|-A,--adminuser <string>
|Master Admin user name
|-
|-P,--adminpass <string>
|Master Admin password
|}
=== Return value ===
=== Return value ===


Line 94: Line 84:




<code>&gt;0</code> on failure
<code>&lt;0</code> on failure
 


=== Mandatory parameters ===
=== Mandatory parameters ===
Line 544: Line 533:
{| border="1"
{| border="1"
|-
|-
|webmail=webmail, contacts, globaladdressbookdisabled,
|webmail
collectemailaddresses,editpassword
|webmail, contacts, globaladdressbookdisabled, collectemailaddresses, editpassword
|-
|-
|pim=webmail, calendar, contacts, tasks, globaladdressbookdisabled, collectemailaddresses, multiplemailaccounts, subscription, publication, editpassword
|pim
|webmail, calendar, contacts, tasks, globaladdressbookdisabled, collectemailaddresses, multiplemailaccounts, subscription, publication, editpassword
|-
|-
|pim_infostore=webmail, calendar, contacts, tasks, infostore, webdav, globaladdressbookdisabled,
|pim_infostore
|webmail, calendar, contacts, tasks, infostore, webdav, globaladdressbookdisabled,
collectemailaddresses, multiplemailaccounts, subscription, publication
collectemailaddresses, multiplemailaccounts, subscription, publication
|-
|-
|pim_mobility=webmail, calendar, contacts, tasks, syncml, usm, activesync, globaladdressbookdisabled, collectemailaddresses, multiplemailaccounts, subscription, publication, editpassword
|pim_mobility
|webmail, calendar, contacts, tasks, syncml, usm, activesync, globaladdressbookdisabled, collectemailaddresses, multiplemailaccounts, subscription, publication, editpassword
|-
|-
|groupware_standard=webmail, calendar, contacts, infostore, tasks, webdav, ical, vcard, readcreatesharedfolders, delegatetask, editpublicfolders, editgroup, editresource, editpassword, collectemailaddresses, multiplemailaccounts, subscription, publication (Groupware Standard always gets new features except mobility and OXtender. )  
|groupware_standard
|webmail, calendar, contacts, infostore, tasks, webdav, ical, vcard, readcreatesharedfolders, delegatetask, editpublicfolders, editgroup, editresource, editpassword, collectemailaddresses, multiplemailaccounts, subscription, publication (Groupware Standard always gets new features except mobility and OXtender. )  
|-
|-
|groupware_premium=webmail, calendar, contacts, infostore, tasks, webdav, webdavxml, ical, vcard, syncml, usm, olox20, activesync, readcreatesharedfolders, delegatetask, editpublicfolders, editgroup, editresource, editpassword, collectemailaddresses, multiplemailaccounts, subscription, publication
|groupware_premium
|webmail, calendar, contacts, infostore, tasks, webdav, webdavxml, ical, vcard, syncml, usm, olox20, activesync, readcreatesharedfolders, delegatetask, editpublicfolders, editgroup, editresource, editpassword, collectemailaddresses, multiplemailaccounts, subscription, publication
|-
|-
|all=webmail, calendar, contacts, infostore, tasks, webdav, webdavxml, ical, vcard, syncml, usm, olox20, activesync, readcreatesharedfolders, delegatetask, editpublicfolders, editgroup, editresource, editpassword, publicfoldereditable, collectemailaddresses, multiplemailaccounts, subscription, publication
|all
|webmail, calendar, contacts, infostore, tasks, webdav, webdavxml, ical, vcard, syncml, usm, olox20, activesync, readcreatesharedfolders, delegatetask, editpublicfolders, editgroup, editresource, editpassword, publicfoldereditable, collectemailaddresses, multiplemailaccounts, subscription, publication
|}  
|}  
When having changed the access rights of the context and its users with "changecontext" the "downgrade" command should be called on the admin server. All unnecessary data are removed from
When having changed the access rights of the context and its users with "changecontext" the "downgrade" command should be called on the admin server. All unnecessary data are removed from
the data base via "groupware api". If e. g. the context 1 is changed from "pim_infostore" to "webmail", the "downgrade" command has to be called for this context then. Then, all unnecessary
the data base via "groupware api". If e. g. the context 1 is changed from "pim_infostore" to "webmail", the "downgrade" command has to be called for this context then. Then, all unnecessary
Line 569: Line 565:
{| border="1"
{| border="1"
|-
|-
| -h,- -help
| -h,--help
|Prints a help text
| Prints a help text        
|-
|-
| --environment
| --environment
|Show info about
| Show info about commandline environment
commandline environment
|-
|-
| --nonl
| --nonl
|Remove all newlines (\n) from output
| Remove all newlines (\n) from output
|-
| -A,--adminuser <adminuser>
| master Admin user name     
|-
| -P,--adminpass <adminpass>
| master Admin password
|-
| -c,--contextid <contextid>
| The id of the context     
|-
| -N,--contextname <contextname>
| context name               
|-
| -q,--quota <quota>
| Context wide filestore quota in MB.
|-
| --extendedoptions
| Set this if you want to see all options, use this instead of help option
|-
| -L,--addmapping <addmapping>
| Add login mappings.Seperated by ","
|-
|-
| -c,- -contextid &lt;integer&gt;
| -R,--removemapping <removemapping>
|The id of the context
| Remove login mappings.Seperated by ","
|-
|-
| -N,- -contextname &lt;string&gt;
| --access-combination-name <access-combination-name>
|The name of the context
| Access combination name    
|-
|-
| -L,- -addmapping &lt;string(s)&gt;
| --capabilities-to-add <capabilities-to-add>
|Add login mappings. Separated by ","
| The capabilities to add as a comma-separated string; e.g. "portal, -autologin"
|-
|-
|-R,- -removemapping &lt;string(s)&gt;
| --capabilities-to-remove <capabilities-to-remove>
|Remove login mappings. Separated by ","
| The capabilities to remove as a comma-separated string; e.g. "cap2, cap2"
|-
|-
| -q,- -quota &lt;integer&gt;
| --quota-module <quota-module>
|Quota for the context filestore in MB
| The (comma-separated) list of identifiers for those modules to which to apply the quota value; currently supported values: [task, calendar, contact, infostore]
|-
|-
| --access-combination-name &lt;access-combination-name&gt;
| --quota-value <quota-value>
|Access combination name
| The numeric quota value specifying the max. number of items allowed for context; zero is unlimited
|}
|}


Line 641: Line 657:
<code>context 123 changed</code>
<code>context 123 changed</code>


== getAdminId ==
== getAdminId ==


Line 651: Line 666:




[[Category: OX7]]
[[Category: Administrator]]
 
[[Category: AppSuite]]
[[Category: AdminGuide]]
[[Category: Administrator]]
 
 
== getSchemaName (since v7.4.2) ==
 
Returns the name of the database schema in which a specified context is located.
 
=== Parameters ===
 
{| border="1"
|-
| -h,--help
| Prints a help text         
|-
| --environment
| Show info about commandline environment
|-
| --nonl
| Remove all newlines (\n) from output
|-
| -A,--adminuser <adminuser>
| master Admin user name     
|-
| -P,--adminpass <adminpass>
| master Admin password
|-
| -c,--contextid <contextid>
| The id of the context     
|-
| -N,--contextname <contextname>
| context name               
|}
 
=== Mandatory parameters ===
 
'''<code>(contextid or contexname) {adminuser adminpass}</code>'''
 
=== Command output ===
 
"Schema name for context " + <context-id> + ": " + <schema-name>
 
== includestacktrace (since v.7.4.2) ==
Enables/disables to include stack trace information (if any) in HTTP-API JSON responses for a certain user
 
=== Parameters ===
 
{| border="1"
|-
| -h,--help
| Prints usage of the command line tool
|-
| -e,--enable
| Enables to include stack trace information (if any) in HTTP-API JSON responses)
|-
| -d,--disable
| Disables to include stack trace information (if any) in HTTP-API JSON responses
|-
| -c,--context <contextid>
| The context identifier
|-
| -u,--user <userid>
| The user identifier
|}
 
The flags -e and -d are mutually exclusive.
 
=== Mandatory parameters ===
 
'''{<code>context</code>} {<code>user</code>} {<code>enable|disable</code>}'''
 
=== Command output ===
 
Including stack trace information successfully enabled|disabled for user <user-id> in context <context-id>
 
=== Examples ===
Enable to include stack trace information for user 1618 in context 314
 
<code># includestacktrace -u 1618 -c 314 -e
 
== sanitizefilemimetypes (since v.7.4.2) ==
Sanitizes those file entries that hold a broken/corrupt MIME type information
 
=== Parameters ===
 
{| border="1"
|-
| -h,--help
| Prints usage of the command line tool
|-
| -c,--context <contextid>
| The context id
|-
| -a,--all
| The flag to signal that all contexts shall be processed. Hence option -c/--context is then obsolete.
|-
| -i,--invalids
| An optional comma-separated list of those MIME types that should be considered as broken/corrupt. Default is "application/force-download, application/x-download, application/$suffix"
|}
 
The options -c/--context and -a/--all are mutually exclusive.
 
=== Mandatory parameters ===
 
'''contextid or all'''
 
=== Command output ===
A short result description; e.g. "Fixed 123 documents with a broken/corrupt MIME type in context 456"
 
== checkloginmappings (since v.7.6.0) ==
Checks (and fixes) those context-related entries in login2context mappings that miss the actual context identifier
 
=== Parameters ===
 
{| border="1"
|-
| -h,--help
| Prints usage of the command line tool
|-
| -c,--context <contextid>
| The context id
|-
| -a,--all
| The flag to signal that all contexts shall be processed. Hence option -c/--context is then obsolete.
|-
| -A,--adminuser
| Admin username. In case -a/--all is provided master administrator's user name is required; else the one for context administrator
|-
| -P,--adminpass
| Admin password. In case -a/--all is provided master administrator's password is required; else the one for context administrator
|}
 
The options -c/--context and -a/--all are mutually exclusive.
 
=== Mandatory parameters ===
 
'''contextid or all'''
 
=== Command output ===
A short result description; e.g. "Fixed 123 documents with a broken/corrupt MIME type in context 456"
 
[[Category: Administrator]]
 
[[Category: AppSuite]]
[[Category: AppSuite]]
[[Category: AdminGuide]]
[[Category: AdminGuide]]
[[Category: Administrator]]
[[Category: CommandLineTools]]

Latest revision as of 13:57, 2 December 2016

createcontext

createcontext is the tool to create new contexts. A context is an independent instance within the createcontext Open-Xchange system and holds users, groups and resources and all their objects. Data from one context is not visible to other contexts. Module access (calendar, tasks, email) can be set via predefined "access combination names". These names can be configured on the server side. All users which are created during later use of the "createuser" tool will inherit the module access rights from the context. If you do not specify any access rights on createcontext minimal access rights will be granted. Currently, these are Webmail and Contacts access rights.


Parameters

-h,--help Prints a help text
--environment Show info about commandline environment
--nonl Remove all newlines (\n) from output
-c,--contextid <integer> The id of the context, when starting with 0, 0 is deleted
-q,--quota <integer> Context wide filestore quota in MB
-u,--username <string> Username for the new context admin user
-d,--displayname <string> Displayname for the new context admin user
-g,--givenname <string> Given name for the new context admin user
-s,--surname <string> Surname/last name for the new context Admin user
-p,--password <string> Password for the new context Admin user
-e,--email <string> Primary E-Mail address for the new context Admin user
-l,--lang <lang> Language for the new context Admin user
-t,--timezone <timezone> Timezone for the new context Amin user
-N,--contextname <string> Context name
-L,--addmapping <string> Add login mappings separated by ","
--access-combination-name <access-combination-name> Access combination name
--access-denied-portal <on/off> Denies portal access (Default is off)
--csv-import <CSV file> Full path to CSV file with user data to import. This option makes mandatory command line options obsolete, except credential options (if needed). But they have to be set in the CSV file.

With this option you can specify a csv file (a full pathname must be given) with the data which should be imported. The columnnames in the CSV file must be the same as the long-options of the command line tools, without the prefix "--".

This option will normally be used to fill new large installations with the new data. So instead of calling the command line tools in a shell script every time, just a csv file needs to be created, containing the whole data.


Note that the credentials of the masteradmin in the createcontext call must be given on the command line with the -A and -P options nevertheless - if authentication is enabled. If the createuser command line tool is used, the credentials are part of the csv file, and cannot be set as options on the command line itself. The reason for this different behavior is that different contexts have different credentials for the admin user, so they must be set in every line of the csv file. Opposed to this the credentials of the masteradmin are always the same.

Return value

0 on success


<0 on failure

Mandatory parameters

contextid {adminuser adminpass} quota username displayname givenname surname password email


Command output

On success:


context <contextid> created


On failure:


context <contextid> could not be created: <reason from server>


Example

root@oxhe~# /opt/open-xchange/sbin/createcontext -c 123 -q 1000 -N CompanyA -u "admin" -d "Admin of CompanyA" -g John -s Example -p newpw -e john@example.com


context 123 created


deletecontext

deletecontext is the tool to delete contexts and all data stored that belong to it. This includes all database entries and files in the infostore but no E-Mail components.


Parameters

-h,--help Prints a help text
--environment Show info about commandline environment
--nonl Remove all newlines (\n) from output
-c,--contextid <contextid> The id of the context
-N,--contextname <contextname> Context name

Extra parameters when authentication is enabled

-A,--adminuser <string> Master Admin user name
-P,--adminpass <string> Master Admin password

Return value

0 on success

>0 on failure


Mandatory parameters

(contextid or contexname) {adminuser adminpass}


Command output

On success:

context <contextid> deleted

On failure:

context <contextid> could not be deleted: <reason from server>


Example

root@oxhe~# /opt/open-xchange/sbin/deletecontext -c 123

context 123 deleted

listcontext

listcontext is the tool to list and search for contexts.


Parameters

-h,--help Prints a help text
--environment Show info about commandline environment
--nonl Remove all newlines (\n) from

output

-s,--searchpattern <string> Search/List pattern, default “*”
--csv Command output as csv

Extra parameters when authentication is enabled

-A,--adminuser <adminuser> Master Admin user name
-P,--adminpass <string> Master Admin password

Return value

0 on success

>0 on failure

Mandatory parameters

{adminuser adminpass}


Command output

Standard output:


cid fid fname enabled qmax qused name
lmappings . . ... ... ... ... ... ...

csv output:


id,filestore_id,filestore_name,enabled,max_quota,used_quota,name,lmappings


Example

root@oxhe:/opt/open-xchange/sbin# ./listcontexts cid fid fname
enabled qmax qused name lmappings 6 3 6_ctx_store true 1000 0 customerA 6,customerA,secondlogin

disablecontext

disablecontext is the tool to disable contexts. Whenever a customer tries to log in to a disabled context, the login is denied.


Parameters

-h,--help Prints a help text
--environment Show info about commandline environment
--nonl Remove all newlines (\n) from output
-c,--contextid <integer> The id of the context
-N,--contextname <string> Context name

Extra parameters when authentication is enabled

-A,--adminuser <string> Master Admin user name
-P,--adminpass <string> Master Admin password

Return value

0 on success


>0 on failure


Mandatory parameters

(contextid or contextname) {adminuser adminpass}


Command output

On success:


context <contextid> disabled


On failure:


context <contextid> could not be disabled: <reason from server>


Example

root@oxhe~# /opt/open-xchange/sbin/disablecontext -c 123


context 123 disabled

disableallcontexts

disableallcontexts is the tool to disable all contexts. Whenever a customer tries to log in to a disabled context, the login is denied.


Parameters

-h,--help Prints a help text
--environment Show info about commandline environment
--nonl Remove all newlines (\n) from output

Extra parameters when authentication is enabled

-A,--adminuser <string> Master Admin user

name

-P,--adminpass <string> Master Admin password

Return value

0 on success


>0 on failure


Mandatory parameters

{adminuser adminpass}


Command output

On success:

all contexts disabled

On failure:

all contexts could not be disabled: <reason from server>


Example

root@oxhe~# /opt/open-xchange/sbin/disableallcontexts

all contexts disabled


enablecontext

enablecontext is the tool to enable a disabled context.


Parameters

-h,--help Prints a help text
--environment Show info about commandline environment
--nonl Remove all newlines (\n) from

output

-c,--contextid <integer> The id of the context
-N,--contextname <string> Context name

Extra parameters when authentication is enabled

-A,--adminuser <adminuser> Master Admin user name
-P,--adminpass <string> Master Admin password

Return value

0 on success

>0 on failure


Mandatory parameters

(contextid or contextname) {adminuser adminpass}


Command output

On success:

context <contextid> enabled

On failure:

context <contextid> could not be enabled: <reason from server>


Example

root@oxhe~#/opt/open-xchange/sbin/enablecontext -c 123

context <contextid> enabled


enableallcontexts

enableallcontexts is the tool to enable all disabled contexts.


Parameters

-h,--help Prints a help text
--environment Show info about commandline environment
--nonl Remove all newlines (\n) from

output

Extra parameters when authentication is enabled

-A,--adminuser <string> Master Admin user name
-P,--adminpass <string> Master Admin password

Return value

0 on success

>0 on failure


Mandatory parameters

{adminuser adminpass}


Command output

On success:

all contexts enabled

On failure:

all contexts could not be enabled: <reason from server>


Example

root@oxhe~# /opt/open-xchange/sbin/enableallcontexts

all contexts enabled


changecontext

changecontext makes context-wide changes.

If you specify module access options; e.g. "--access-edit-password on"; then please be aware that basic module access set is the one from context's administrator. Meaning any option not explicitly specified as CLI argument will fall-back to context administrator setting for _every_ user in associated context.

You can use changecontext to change the current quota for a given context. When the context has more changecontext space in use than the new quota allows, the customer is only able to delete files until the usage is below quota. Module access (calendar,tasks,email) can be set via predefined "access combination names". These names can be configured on the server side. All users which are created during later use of the "createuser" tool will inherit the module access rights from the context. If you do not specify any access rights on createcontext minimal access rights will be granted. Currently, these are Webmail and Contacts access rights.

There are some default combinations in the ModuleAccessDefinitions.properties file on the admin server, like:


webmail webmail, contacts, globaladdressbookdisabled, collectemailaddresses, editpassword
pim webmail, calendar, contacts, tasks, globaladdressbookdisabled, collectemailaddresses, multiplemailaccounts, subscription, publication, editpassword
pim_infostore webmail, calendar, contacts, tasks, infostore, webdav, globaladdressbookdisabled,

collectemailaddresses, multiplemailaccounts, subscription, publication

pim_mobility webmail, calendar, contacts, tasks, syncml, usm, activesync, globaladdressbookdisabled, collectemailaddresses, multiplemailaccounts, subscription, publication, editpassword
groupware_standard webmail, calendar, contacts, infostore, tasks, webdav, ical, vcard, readcreatesharedfolders, delegatetask, editpublicfolders, editgroup, editresource, editpassword, collectemailaddresses, multiplemailaccounts, subscription, publication (Groupware Standard always gets new features except mobility and OXtender. )
groupware_premium webmail, calendar, contacts, infostore, tasks, webdav, webdavxml, ical, vcard, syncml, usm, olox20, activesync, readcreatesharedfolders, delegatetask, editpublicfolders, editgroup, editresource, editpassword, collectemailaddresses, multiplemailaccounts, subscription, publication
all webmail, calendar, contacts, infostore, tasks, webdav, webdavxml, ical, vcard, syncml, usm, olox20, activesync, readcreatesharedfolders, delegatetask, editpublicfolders, editgroup, editresource, editpassword, publicfoldereditable, collectemailaddresses, multiplemailaccounts, subscription, publication

When having changed the access rights of the context and its users with "changecontext" the "downgrade" command should be called on the admin server. All unnecessary data are removed from the data base via "groupware api". If e. g. the context 1 is changed from "pim_infostore" to "webmail", the "downgrade" command has to be called for this context then. Then, all unnecessary folders for this context are removed from the data base.


Parameters

-h,--help Prints a help text
--environment Show info about commandline environment
--nonl Remove all newlines (\n) from output
-A,--adminuser <adminuser> master Admin user name
-P,--adminpass <adminpass> master Admin password
-c,--contextid <contextid> The id of the context
-N,--contextname <contextname> context name
-q,--quota <quota> Context wide filestore quota in MB.
--extendedoptions Set this if you want to see all options, use this instead of help option
-L,--addmapping <addmapping> Add login mappings.Seperated by ","
-R,--removemapping <removemapping> Remove login mappings.Seperated by ","
--access-combination-name <access-combination-name> Access combination name
--capabilities-to-add <capabilities-to-add> The capabilities to add as a comma-separated string; e.g. "portal, -autologin"
--capabilities-to-remove <capabilities-to-remove> The capabilities to remove as a comma-separated string; e.g. "cap2, cap2"
--quota-module <quota-module> The (comma-separated) list of identifiers for those modules to which to apply the quota value; currently supported values: [task, calendar, contact, infostore]
--quota-value <quota-value> The numeric quota value specifying the max. number of items allowed for context; zero is unlimited

Extra parameters when authentication is enabled

-A,- -adminuser <string> Master Admin

user name

-P,- -adminpass <string> Master Admin password

Return value

0 on success

>0 on failure


Mandatory parameters

(contextid or contextname) {adminuser adminpass} and at minimum one attribute to change


Command output

On success:

context <contextid> changed

On failure:

context <contextid> could not be changed: <reason from server>

Example

root@oxhe~# /opt/open-xchange/sbin/changecontext -c 123 -q 500

context 123 changed

getAdminId

Returns the ID of the context administrator.


getSchemaName (since v7.4.2)

Returns the name of the database schema in which a specified context is located.

Parameters

-h,--help Prints a help text
--environment Show info about commandline environment
--nonl Remove all newlines (\n) from output
-A,--adminuser <adminuser> master Admin user name
-P,--adminpass <adminpass> master Admin password
-c,--contextid <contextid> The id of the context
-N,--contextname <contextname> context name

Mandatory parameters

(contextid or contexname) {adminuser adminpass}

Command output

"Schema name for context " + <context-id> + ": " + <schema-name>

includestacktrace (since v.7.4.2)

Enables/disables to include stack trace information (if any) in HTTP-API JSON responses for a certain user

Parameters

-h,--help Prints usage of the command line tool
-e,--enable Enables to include stack trace information (if any) in HTTP-API JSON responses)
-d,--disable Disables to include stack trace information (if any) in HTTP-API JSON responses
-c,--context <contextid> The context identifier
-u,--user <userid> The user identifier

The flags -e and -d are mutually exclusive.

Mandatory parameters

{context} {user} {enable|disable}

Command output

Including stack trace information successfully enabled|disabled for user <user-id> in context <context-id>

Examples

Enable to include stack trace information for user 1618 in context 314

# includestacktrace -u 1618 -c 314 -e

sanitizefilemimetypes (since v.7.4.2)

Sanitizes those file entries that hold a broken/corrupt MIME type information

Parameters

-h,--help Prints usage of the command line tool
-c,--context <contextid> The context id
-a,--all The flag to signal that all contexts shall be processed. Hence option -c/--context is then obsolete.
-i,--invalids An optional comma-separated list of those MIME types that should be considered as broken/corrupt. Default is "application/force-download, application/x-download, application/$suffix"

The options -c/--context and -a/--all are mutually exclusive.

Mandatory parameters

contextid or all

Command output

A short result description; e.g. "Fixed 123 documents with a broken/corrupt MIME type in context 456"

checkloginmappings (since v.7.6.0)

Checks (and fixes) those context-related entries in login2context mappings that miss the actual context identifier

Parameters

-h,--help Prints usage of the command line tool
-c,--context <contextid> The context id
-a,--all The flag to signal that all contexts shall be processed. Hence option -c/--context is then obsolete.
-A,--adminuser Admin username. In case -a/--all is provided master administrator's user name is required; else the one for context administrator
-P,--adminpass Admin password. In case -a/--all is provided master administrator's password is required; else the one for context administrator

The options -c/--context and -a/--all are mutually exclusive.

Mandatory parameters

contextid or all

Command output

A short result description; e.g. "Fixed 123 documents with a broken/corrupt MIME type in context 456"