test

Sun Java System Messaging Server 6 2005Q4 Administration Guide

Specifying Administrator Access to the Store

Message store administrators can view and monitor user mailboxes and specify access control for the message store. Store administrators have proxy authentication privileges to any service (POP, IMAP, HTTP, or SMTP), which means they can authenticate to any service using the privileges of any user. These privileges allow store administrators to run certain utilities for managing the store. For example, using MoveUser, store administrators can move user accounts and mailboxes from one system to another.

This section discusses how to grant store privileges to the message store for your Messaging Server installation.

Note –

Other users might also have administrator privileges to the store. For example, some administrators may have these privileges.

You can perform administrator tasks as described in the following subsections:

ProcedureTo Add an Administrator Entry

Administrators can be added at the Console or by command line.

Steps

  1. From Console, open the Messaging Server you want to configure.

  2. Click the Configuration tab and select Message Store in the left pane.

  3. Click the Administrator tab.

    The tab contains a list of existing administrator IDs.

  4. Click the Add button beside the Administrator UID window.

  5. In the Administrator UID field, type the user ID of the administrator you want to add.

    The user ID you type must be known to the Sun Java System Directory Server.

  6. Click OK to add the administrator ID to the list displayed in the Administrator tab.

  7. Click Save in the Administrator tab to save the newly modified Administrator list.

    Command Line:To add an administrator entry at the command line:

    configutil -o store.admins -v "adminlist"

    where adminlist is a space-separated list of administrator IDs. If you specify more than one administrator, you must enclose the list in quotes. In addition, the administrator must be a member of the Service Administrator Group (in the LDAP user entry: memberOf: cn=Service Administrators,ou=Groups,o=usergroup).

ProcedureTo Modify an Administrator Entry

This section explains how to modify an existing entry in the message store Administrator UID list at the Console.

Steps

  1. Click the Administrator tab.

  2. Click the Edit button beside the Administrator UID window.

  3. Enter your changes to the Administrator UID field.

  4. Click OK to submit your changes and dismiss the Edit Administrator window.

  5. Click Save in the Administrator tab to submit and preserve the modified Administrator list.

    Command Line

    To modify an existing entry in the message store Administrator UID list at the command line:


    configutil -o store.admins -v "adminlist"

ProcedureTo Delete an Administrator Entry

Administrators can be deleted at the Console or by command line.

Steps

  1. Click the Administrator tab.

  2. Select an item in the Administrator UID list.

  3. Click Delete to delete the item.

  4. Click Save to submit and preserve your changes to the Administrator list.

    Command Line.To delete store administrators at the command line, you can edit the administrator list as follows:


    configutil -o store.admins -v "adminlist"

To Protect Mailboxes from Deletion or Renaming Except by an Administrator

You may wish to protect some mailboxes from deletion or modification except by the Administrator. The following procedures describes how to do this. If someone other than an Administrator attempts to delete, modify or rename a protected mailbox, the error message mailbox is pinned is displayed.

Set the local.store.pin configutil variable. using the following format:


configutil -o local.store.pin -v "mailbox1"%"mailbox2"%"mailbox 3"

where mailbox1, mailbox2, and mailbox 3 are the mailboxes to be protected (note that spaces can be used in mailbox names), and % is the separator between each mailbox.