Creating a command-line scalix admin

[Derek]

How does one do this?

We're about to start migration from a sendmail server to Scalix and it's not a flash cut. So, I need to add entries in /etc/mail/aliases so that mail forwards from old_server to new_server for only users who have been migrated.

Rather than myself or someone else having to update 20-50 users at a time, I'd rather script something and be done with it.

So I want to do:

Code: Select all

[old_server]# ssh updater@new_server omshowu -m all

And harvest what I need out of the returned data.

The problem is, omshowu can only be executed by root or a Scalix Admin. So, is there a way to create a command-line admin without creating a Scalix user?

I want to do this as securely as possible being that old_server is sitting in the DMZ, hence why I want to do the remote execution with ssh. But, I've never set up a passwordless execution like that and have failed in the past. I suppose I could set up an alias that is caught by a script to do the updates to the aliases file, but that idea doesn't sit too well with me. But it seems to be the easiest route.

Any thoughts?

[sjk]

Hi Derek,

what about using "sudo"? Have you already tried this?

You could give the right to execute omshowu as root to user "updater".

For the SAC you can use something similar if tomcat doesn't run as root (what i would always prefer . Look at the Scalix Wiki for more information.

Stefan

[florian]

Well, Scalix can help here as well.

- Create a new unix user
- Create a new Scalix admin and associate the user with the unix user

Code: Select all

omaddu -n "New Admin/my,mailnode" -p scalixpass -c admin -u unixuser

This user will be able to execute most of the OM commands with full admin permission.

Cheers,
Florian.