Provided by: kopano-utils_8.7.0-7ubuntu1.1_amd64 bug

NAME

       kopano-admin - Manages Kopano users and stores.

SYNOPSIS

       kopano-admin ACTION [OPTION...]

DESCRIPTION

       This tool can be used to create the public store and to add, update and remove users from
       Kopano. The storage server must be running for kopano-admin to work.

       If no action is given, a listing of the possible parameters is printed. When invalid
       actions or not enough options for an action are given, an error message is printed.

       When using LDAP as the users source, create, modify and delete actions are done in the
       LDAP tree and not using the kopano-admin tool. Please see the EXTERNAL USERS() section for
       more information.

ACTIONS

       kopano-admin needs an action command with the appropriate options. Valid actions are:

       -s
           Create a public store. No other options are needed. Only one public store can be
           created. Successive calls will fail.

       -c username
           Create a new user, -p, -f and -e options are required, -a and -n parameters are
           optional. To set a password using a password prompt, use the -P option in stead of -p.

       -d username
           Delete a user. No other options are needed. The deleted store of the user will be
           marked as orphan store and can be restored with --hook-store

       -u username
           Update user information. Valid parameters are: [-p|-P], -f, -e, -a, -n and -U to
           update user information. Use: --qo, --qw, --qs or --qh to set quota levels. Use 0 with
           quota options to set as 'unlimited'.

           --enable-feature and --disable-feature to enable or disable specific features for
           users.

           This action is also required for all options to control the autoaccept of meeting
           requests. See the --mr-accept, --mr-decline-conflict and --mr-decline-recurring
           options.

       -g groupname
           Create a new group. Valid parameters are: -e

       --update-group groupname
           Update group information. Valid parameters are: -e

       -G groupname
           Delete a group. No other options are needed.

       -b username
           Add a user to a group. Use the -i to set the groupname.

       -B username
           Remove a user from a group. Use the -i to set the groupname.

       -l, --list-users
           List all users available in Kopano. When using an external user source, this action
           will implicitly synchronize all users in the external source, creating, updating
           and/or removing users and stores.

       -L, --list-groups
           List all groups available in Kopano. When using an external user source, this action
           will implicitly synchronize all groups in the external source, creating updating
           and/or removing groups and memberships.

       --list-companies
           List all tenans available in Kopano. When using an external user source, this action
           will implicitly synchronize all tenants in the external source, creating updating
           and/or removing companies.

           This option is only available in multi-tenancy Kopano

       --details name
           Show all the details of a user, showing the fullname, e-mailaddress, active state,
           administator state, group memberships and quota settings. Optionally use --type to
           indicate for what kind of object the details are being requested.

           Note: This function does not synchronize with the external user plugin. Thus changes
           from e.g. LDAP will not be set during this function.

       --type type
           Additional argument for --details. The argument with this option indicates for what
           type of object the details are being requested. Allowed values are 'user', 'group' or
           'company' When this option is not used, it defaults to 'user'

       --create-company companyname
           Create a new tenant space.

           Use: --qo, --qw, --qs, --qh to set quota levels for the tenant.

           Use: --udqo, --udqw, --udqs, --udqh to set the default quota levels for the users
           inside the tenant.

           This option is only available in multi-tenancy Kopano.

       --update-company companyname
           Update an existing tenant space.

           Use: --qo, --qw, --qs, --qh to set quota levels for the tenant.

           Use: --udqo, --udqw, --udqs, --udqh to set the default quota levels for the users
           inside the .

           This option is only available in multi-tenancy Kopano.

       --delete-company companyname
           Delete company space.

           This option is only available in multi-tenancy Kopano.

       --set-system-admin companyname
           Set system administrator for the tenant specified by -I.

           Please be aware that this option does not provide the user with administrator
           privileges. The system administrator is considered the main contact person for a
           company, it will for example be used as default sender for quota warning emails.

           This option is only available in multi-tenancy Kopano.

       --add-to-viewlist companyname
           Add tenant 'companyname' to remote-view list of company specified by -I. After this
           command the 'companyname' is capable of viewing all members of the company specified
           by -I.

           This option is only available in multi-tenancy Kopano.

       --del-from-viewlist companyname
           Delete company 'companyname' from remote-view list of tenant specified by -I. After
           this command the 'companyname' is no longer capable of viewing all members of the
           tenant specified by -I.

           This option is only available in multi-tenancy Kopano.

       --list-view
           List all tenants in the remote-view list of the tenant specified by -I. The tenants in
           this list are able to view all members of the specified tenant in their Address Book.

           This option is only available in multi-tenancy Kopano.

       --add-to-adminlist username
           Add user 'username' to remote-admin list of tenant specified by -I. This is the
           administrator list for remote administrators, as such it only manages administrators
           from a different tenant. Users who should be administrator over their own tenant are
           managed by updating (-u) the user and specifying the -a argument.

           Users can only be administrator over a different company when they have also been
           granted view privileges, can be granted by using the --add-to-viewlist.

           This option is only available in multi-tenancy Kopano.

       --del-from-adminlist username
           Delete user 'username' from remote-admin list of company specified by -I. This is the
           administrator list for remote administrators, as such it only manages administrators
           from a different tenant. Users who should be administrator over their own tenant are
           managed by updating (-u) the user and specifying the -a argument.

           This option is only available in multi-tenancy Kopano.

       --list-admin
           List all users in the remote-admin list of the tenant specified by -I. This is the
           administrator list for remote administrators, as such it only manages administrators
           from a different tenant. Users who should be administrator over their own tenant are
           managed by updating (-u) the user and specifying the -a argument.

           Users can only be administrator over a different tenant when they have also been
           granted view privileges, can be granted by using the --add-to-viewlist.

           This option is only available in multi-tenancy Kopano.

       --add-userquota-recipient user
           Add 'user' as recipient to userquota warning emails. You can optionally use -I to set
           the tenant space to apply the recipient action on.

       --del-userquota-recipient user
           Delete 'user' as recipient to userquota warning emails. You can optionally use -I to
           set the tenant space to apply the recipient action on.

       --list-userquota-recipients
           List all additional recipients for a userquota warning email. Use -I to request the
           recipient list for a particular tenant space.

       --add-companyquota-recipient user
           Add 'user' as recipient to tenant quota warning emails. You can optionally use -I to
           set the tenant space to apply the recipient action on.

       --del-companyquota-recipient user
           Delete 'user' as recipient to tenant quota warning emails. You can optionally use -I
           to set the tenant space to apply the recipient action on.

       --list-companyquota-recipients
           List all additional recipients for a tenant quota warning email. Use -I to request the
           recipient list for a particular tenant space

       --list-sendas user
           List all users who are able to directly send an email as user. This has been set in
           the LDAP server, or with the --add-sendas command for Unix and DB plugins. Optionally
           use --type to indicate for what kind of object the sendas details are being requested.

       --clear-cache
           Clears the server's caches. All data cached inside the kopano-server is cleared.
           Although this can never cause any data loss, it can affect the performance of your
           server, since any data requested after the cache is cleared needs to be re-requested
           from the database or LDAP server. Normally this option is never needed; it is mostly
           used as a diagnostics tool.

           Optionally use --clear-cache= to specify a set of purge options. The following options
           can be used:
               0x0000    Release no longer used memory back to the kernel
               0x0001    Purge the quota cache
               0x0002    Purge the quota default cache
               0x0004    Purge the object cache
               0x0008    Purge the store cache
               0x0010    Purge the ACL cache
               0x0020    Purge the cell cache
               0x0040    Purge the index1 cache
               0x0080    Purge the index2 cache
               0x0100    Purge the indexproperty cache
               0x0200    Purge the user object cache
               0x0400    Purge the externid cache
               0x0800    Purge the userdetails cache
               0x1000    Purge the server cache

       --purge-softdelete days
           Starts a softdelete purge on the server, removing all soft-deleted items which have
           been deleted days days ago, or earlier

       --purge-deferred
           The server has an optimization in which changes to the tproperties table are not
           writted directly, but delayed for a more efficient write at a later time. The server
           auto-purges these regularly. This command allows you to purge all changes pending. It
           may be useful to run this during low I/O load of your server (eg at night).

       --list-orphans
           When a user is removed, the store becomes orphaned. This option shows a list of stores
           that are not hooked to a user. You can use the --remove-store and --hook-store from
           this list.

       --hook-store store-guid
           You can hook an orphaned store to an existing user, so you may access the store again.
           Use the -u username to specify the user to hook the store to.

           You can copy an orphaned store to the public store. Use the --copyto-public to copy
           the store to the public folder named 'Admin/deleted stores'. This folder is then only
           visible for users with Kopano admin privileges.

           To hook a public store, use --type group/company to influence the name type in the -u
           switch.

           To hook an archive store, use --type archive.

       --remove-store store-guid
           Use this action to remove the store from the database. The store is actually just
           marked as deleted, so the softdelete system can remove the store from the database.

       --create-store username
           This action will create a store for a newly created user, and is normally called
           through the createuser script. If the --list-orphans action listed users without a
           store, you can create a new store for those users with this command.

       --unhook-store username
           You can unhook a store from a user, so you can remove the store and create a new one.

           To unhook a public store, use the --type group/company option to influence the name
           type in the username argument. Use a company name with type company or 'Everyone' with
           type group to unhook the public.

           To unhook an archive store, use --type archive.

       --force-resync usernames
           You can force a resync of cached profiles when the data is out of sync. One or more
           usernames can be specified. If no usernames are given, all offline profiles can be
           resynced.

       --reset-folder-count username
           Reset the counters on all folders in username's store.

       --user-count
           Shows an overview of user counts per type of user

OPTIONS

       The options used by actions are as follows:

       --verbose level
           Set the verbosity level (0=critical, ..., 6=debug).

       -v
           Increases the verbosity level by one, up to the maximum of 6.

       -U 'new username'
           Use this parameter to rename a user. This option is only valid with the -u update
           action.

       -p, --password password
           Set password for a user. This option is only valid with the -c create or -u update
           action.

       -P, --password-prompt
           Set password for a user. The password can be entered on the password prompt. The
           password will not be shown. This option is only valid with the -c create or -u update
           action.

       -f, --fullname 'full name'
           Specify full user name. Use single quotes around the name to pass it as a single
           parameter. This option is only valid with the -c create or -u update action.

       -e, --email 'email address'
           Specify the email address. This address will be used to set the 'From' email address
           in outgoing email messages. Use single quotes around the name to pass it as a single
           parameter. This option is only valid with the -c create or -u update action.

       -a [yes|y|1|2 / no|n|0]
           Set the user as administrator by passing 'yes'. When passing 'no', administrator
           rights will be revoked from the user. This option is only valid with the -c create or
           -u update action.

           It is also possible to pass 2 as administrator level, this will make the user a system
           administrator who can create/modify/delete companies.

       -n [yes|y|1 / no|n|0]
           Specify a non-active user. This user cannot login, but email can be delivered, and the
           store can be opened by users with correct rights.

       --qo [yes|y|1 / no|n|0]
           Override the default server quota settings for this user. User specific quota levels
           will used. The default value of this option is 'no', always using server quota levels.
           This option is only valid with the -c create or -u update action.

       --qw value in Mb
           Set the warning quota level for a user. The user may receive a warning email when this
           level is reached. See kopano-monitor(8) for warning emails. This option is only valid
           with the -c create or -u update action.

       --qs value in Mb
           Set the soft quota level for a user. The user will be unable to receive new emails,
           bouncing the email back to the sender. This option is only valid with the -c create or
           -u update action.

       --qh value in Mb
           Set the hard quota level for a user. The user will be unable to receive and create new
           emails. This option is only valid with the -c create or -u update action.

       --udqo [yes|y|1 / no|n|0]
           Override the default server quota settings for all user within the specified tenant.
           default value of this option is 'no', always using server quota levels.

       --udqw value in Mb
           Set the warning quota level for all users within the specified tenant. The user may
           receive a warning email when this level is reached. See kopano-monitor(8) for warning
           emails.

       --udqs value in Mb
           Set the soft quota level for all users within the specified tenant. The user will be
           unable to receive new emails, bouncing the email back to the sender. See kopano-
           monitor(8) for warning emails.

       --udqh value in Mb
           Set the hard quota level for all users within the specified tenant. The user will be
           unable to receive and create new emails. See kopano-monitor(8) for warning emails.

       -i groupname
           This sets the groupname for -b and -B actions.

       -I companyname
           This sets the companyname for all user, group and tenant commands. This option is only
           available for multi-tenancy Kopano.

       --mr-accept [yes|y|1 / no|n|0]
           Specified that meeting requests should automatically be accepted for a user. This
           means that when a meeting request is sent to this user when specified as being a
           'resource', the request will directly be honoured and written to the calendar. This is
           a client-side action and this setting therefore does not affect actual meeting
           requests being delivered via kopano-dagent. The user on which to operate is select
           using the -u switch.

       --mr-decline-conflict [yes|y|1 / no|n|0]
           This option only has effect when --mr-accept=yes is in effect. When specifying
           --mr-decline-conflict, meeting requests that conflict with an existing meeting will be
           declined. The user on which to operate is select using the -u switch.

       --mr-decline-recurring [yes|y|1 / no|n|0]
           This option only has effect when --mr-accept=yes is in effect. When specifying
           --mr-decline-recurring, meeting requests that are recurring will be declined. The user
           on which to operate is select using the -u switch.

       --add-sendas sender
           Add user sender to the list of the senders you're updating as a 'send as' user. The
           sender can now send mails under the updated user's name, unless the updated user sets
           the sender as a delegate. When the sender is a delegate, the mail will be sent with
           'On behalf of' markings in the email. This option is only valid with the -u and
           --update-group update action.

       --del-sendas sender
           Remove user sender from the list of the senders you're updating as a 'send as' user.
           This option is only valid with the -u and --update-group update action.

       --lang language
           Use language to create new stores; this means that folders in the new store will be in
           the language specified. Only valid in combination with --create-store. When this
           options in not specified, the system default will be selected according the LC_* and
           LANG environment variables, depending on your OS.

       --utf8
           Force the current locale to UTF-8

       Other options to control the connection to the kopano-server are:

       --host, -h path
           Connect to the storage server through path, e.g.  file:///path/to/socket. Default:
           file:///var/run/kopano/server.sock. This option can always be specified.

       --node name
           Execute the command on cluster node namereplaceable>

       --config file
           Use a configuration file. See the CONFIG() section for more information.

           Default: /etc/kopano/admin.cfg

CONFIG

       Normally, no configuration file is used or required. If the file /etc/kopano/admin.cfg
       exists, it is used as configuration file, but no error checking is performed. This way,
       you can use any config file from a kopano program, e.g. kopano-spooler or kopano-dagent,
       to load SSL settings.

       The following options can be set in the configuration file:

       server_socket
           Unix socket to find the connection to the Kopano server.

           Default: file:///var/run/kopano/server.sock

       sslkey_file
           Use this file as key to logon to the server. This is only used when server_socket is
           set to an HTTPS transport. See the kopano-server(8) manual page on how to setup SSL
           keys.

           Default: value not set.

       sslkey_pass
           The password of the SSL key file that is set in sslkey_file.

           Default: value not set.

EXAMPLES

       For creating a user:

       kopano-admin -c loginname -p password -f 'Firstname Lastname' -e f.lastname@tenant.com

       For creating a non-login store:

       kopano-admin -c loginname -p password -f 'Firstname Lastname' -e f.lastname@tenant.com -n
       1

       For modifying the password and e-mail address:

       kopano-admin -u loginname -p newpass -e fistname@tenant.com

       For deleting a user:

       kopano-admin -d loginname

       For adding a user to a group:

       kopano-admin -b loginname -i groupname

       For setting a specific quota level for a user. Warning level to 80 Mb, soft level to 90 Mb
       and hard level to 100 Mb:

       kopano-admin -u loginname --qo yes --qw 80 --qs 90 --qh 100

       For automatically accepting meeting requests for a user or resource:

       kopano-admin -u loginname --mr-accept y --mr-decline-conflict y --mr-decline-recurring n

EXTERNAL USERS

       When the users are located in an external database, and the storage server is configured
       to use these users, a lot of commands from the kopano-admin tool make no sense anymore. An
       example of an external database, and currently the only option, is an LDAP database.

       The following actions can still be used, all other commands will be automatically
       triggered by changing the values in the LDAP server.

       -s: create public store.

       -l: list users known to Kopano.

       -L: list groups known to Kopano.

       --details username: show user details.

       --sync: trigger full synchronization for users and groups from the external source.

       When the users change in the external source, the Kopano server instantly synchronizes to
       these changes. There are two exceptions that need some extra attention, and these are when
       users are created or deleted. When a user is created, the createuser_script from the
       kopano-server.cfg(5) will be started to create a store for a user. Likewise, when deleting
       a user, the deleteuser_script from the kopano-server.cfg(5) will be started to delete a
       store from a user. The same is valid for creating and deleting a group and tenant,
       starting the creategroup_script/createcompany_script and
       deletegroup_script/deletecompany_script scripts respectively.

DIAGNOSTICS

       Could not create user/store/public store.

       When you get this error, make sure the storage server and database server are running.

AUTHOR

       Written by Kopano.

SEE ALSO

       kopano-server(8), kopano-server.cfg(5)