Results 1 to 2 of 2

Thread: "Virtual" accounts created as a result of external sharing

  1. #1
    Join Date
    May 2013
    Posts
    18
    Rep Power
    2

    Default "Virtual" accounts created as a result of external sharing

    Using version Version 8.0.4_GA_5737.NETWORK May 24, 2013

    Discovered today that when a user creates a share to an external user (calendar, briefcase, etc), a username and password is no longer sent to the invitee in the email (we recently upgraded from version 6.x so I'm not sure what the default behavior was in version 7.x) instead the email contains a link where the invitee can create a Display Name and their own password. When the invitee completes this, a new account appears in the admin console with the user's email address (with @ changed to .) + domain name as the account name (example: invitee address of john.doe@domain_name.com becomes account john.doe.domain_name.com@our_domain_name.com) and further indicated by a yellow icon. The account is automatically set to be hidden in the GAL.

    I think this is a great feature as it allows administrators to change passwords, close the account, etc. However I have some questions that I'm hoping someone can help me with that maybe I'm missing.

    1) There appears to be no way of knowing what these "virtual" accounts are shared to or who shared them, so as an administrator how do we tell if they are valid or not?

    2) When the share is revoked the "virtual" accounts remain in the system and active. The invitee can still log in but can not see anything. When if ever are these "virtual" accounts removed? Since administrators have no way of knowing if the "virtual" account should have access to anything or not (see #1) we do not know if we can delete them or not.

    3) Also related to #1, is there a way to see who created what share for a "virtual" user?

  2. #2
    Join Date
    Jan 2010
    Posts
    138
    Rep Power
    5

    Default

    1. "zmmailbox gaf" should show all the mounted folders and their owners in external user's mailbox. To see all the shares external user has *access* to (not all necessarily mounted), one can run an ldap search based on zimbraSharedItem attr pattern across all accounts.

    2. There's a server task that runs every zimbraExternalAccountStatusCheckInterval (default 1 day). When an external virtual account no longer has access to any shares this task disables the account. Ater that the account is deleted after zimbraExternalAccountLifetimeAfterDisabled (default 30 days).
    Last edited by vmahajan; 04-03-2014 at 03:14 AM.

Similar Threads

  1. Replies: 0
    Last Post: 04-20-2011, 01:49 AM
  2. Replies: 9
    Last Post: 10-04-2010, 10:46 PM
  3. You can not sort mail by using the field "To" in a search result
    By simoncordova in forum General Questions
    Replies: 1
    Last Post: 06-12-2009, 10:43 AM
  4. "External Accounts" feature
    By ksexton in forum Installation
    Replies: 3
    Last Post: 06-30-2008, 11:19 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •