Zimbra

creamecake · #1 (**permalink**) 10-25-2010, 01:54 AM

In our scenario, i had installed 3 mailbox servers + 1 LDAP server with Mailbox store with single domain "single.com". I had created 4 domain administrators and 1 global admin. I would like to know;

1. whether i can restrict access to master mailbox store (machine with LDAP) from the domain admins.
2. Allow write permission only to one mailbox store (mb_store_1.single.com) from one domain administrator "domain_admin_1@single.com"

Please suggest some way to do this!!!

I am really in trouble to get out of this! My boss is pushing hard to complete the test!!!

Krishopper · #2 (**permalink**) 10-25-2010, 04:52 PM

Can you be more specific on what exactly you want to restrict? You say "mailbox store" - but I'm not sure if you mean the accounts, the server configuration (And if so, what type of configuration settings), access to the OS, etc.

Please be more specific on what exactly you want to limit access to and we may be able to help

creamecake · #3 (**permalink**) 10-26-2010, 12:13 AM

Note : The scenario is graphically presented and attached;

1. All admin accounts (gadmin, dadmin, dadmin_1, dadmin_2, dadmin_3) are created through https://single.com:7071 admin console
2. Admin accounts details
gadmin
gadmin@single.com
Mail Box = mail.single.com
What we are expecting = Global Administrator to the domain single.com who will have full access to the entire domain and entire servers

dadmin
dadmin@single.com
Mail Box = mail.single.com
What we are expecting = Domain Administrator, who can only "see/write/full access" on the accounts which is created on mail.single.com SERVER. He should not be able to create a account or delete an account on site1/site2/site3.single.com

dadmin_1
dadmin_1@single.com
Mail Box = site1.single.com
What we are expecting = Domain Administrator, who can only "see/write/full access" on the accounts which is created on site1.single.com SERVER. He should not be able to create a account or delete an account on mail/site2/site3.single.com

dadmin_2
dadmin_2@single.com
Mail Box = site2.single.com
What we are expecting = Domain Administrator, who can only "see/write/full access" on the accounts which is created on site2.single.com SERVER. He should not be able to create a account or delete an account on mail/site1/site3.single.com

dadmin_3
dadmin_3@single.com
Mail Box = site3.single.com
What we are expecting = Domain Administrator, who can only "see/write/full access" on the accounts which is created on site3.single.com SERVER. He should not be able to create a account or delete an account on mail/site1/site2.single.com

How could we meet our expectation? Kindly guide us...

Millions of thx in advance...

creamecake · #4 (**permalink**) 10-28-2010, 10:53 AM

any comments pls...!!!

Zimbra

Downloads

Product Information

Toolbox

Why Join?