kdb-uidextract(8) | Gromox admin reference | kdb-uidextract(8) |
Name¶
kdb-uidextract — Helper for creating a gromox-kdb2mt ACL map
Synopsis¶
python /usr/libexec/gromox/kdb-uidextract
Description¶
kdb-uidextract is a Python script utilizing python-kopano bindings to read user object descriptions off a Kopano installation and produce a user listing suitable for consumption by the gromox-kdb2mt --user-map option.
This script is meant to be executed on a live Kopano system and does not rely on Gromox components at all.
kdb-uidextract first queries the server on the current machine for all participating Kopano servers in the cluster. This requires that all Kopano servers accept TLS connections (/etc/kopano/server.cfg:server_ssl_port, server_ssl_key_file, sslkeys_path) and have authentication keys set up for the SYSTEM account (in the directory specified by sslkeys_path).
The resulting map for kdb2mt is printed to stdout.
Options¶
This program offers no command-line options.
Files¶
By way of the kopano Python module, /etc/kopano/admin.cfg is sourced for TLS certificate parameters. Confer with the kopano-admin.cfg(5) manpage.
Format¶
The output is a JSON file containing an array of user objects. Each user object is a dictionary with zero or more attributes; these can be:
- "na": username
- "sv": server GUID, represented as 16 ASCII characters, case-insensitive
- "st": store GUID, represented as 16 ASCII characters, case-insensitive
- "id": per-database(!) numeric user ID
- "em": e-mail address associated with the Kopano account
- "to": e-mail address that gromox-kdb2mt(8) should map the Kopano user to
null values and empty strings are allowed. Take note that in multi-server Kopano installations, every LDAP user will appear in all the kopano-server databases, and with generally different user IDs.
[
{"em": "boss@example.domain", "na": "boss", "sv": "0123456789abcdef0123456789abcdef", "st": "0123456789abcdef0123456789abcdef", "to": "boss@domain.example", "id": 3},
{"em": "boss@domain.example", "na": "boss", "sv": "123456789abcdef0123456789abcdef0", "st": "0123456789abcdef0123456789abcdef", "to": "boss@domain.example", "id": 91} ]
See also¶
Gromox |