Posted by In this article, I will show you how to create another admin in Zimbra OSE with restricted access. New admins will have features to create, delete, modify accounts, distribution lists, and aliases.
1. Create a user from Zimbra Admin or via CLI that will be admin. Or you can change the existing user become an admin
2. Create a script
vi /srv/delegate-admin.sh
Please fill with the following line
#!/bin/bash # $1 for account # $2 for domain # run script ./delegate-admin.sh newadmin@imanudin.net imanudin.net zmprov ma $1 zimbraIsDelegatedAdminAccount TRUE zimbraAdminConsoleUIComponents accountListView zimbraAdminConsoleUIComponents downloadsView zimbraAdminConsoleUIComponents DLListView zimbraAdminConsoleUIComponents aliasListView zimbraAdminConsoleUIComponents resourceListView zmprov grr global usr $1 adminLoginCalendarResourceAs zmprov grr global usr $1 domainAdminZimletRights zmprov grr domain $2 usr $1 domainAdminRights zmprov grr domain $2 usr $1 domainAdminConsoleRights zmprov grr domain $2 usr $1 adminConsoleAliasRights zmprov grr domain $2 usr $1 modifyAccount zmprov grr domain $2 usr $1 countAlias zmprov grr domain $2 usr $1 -configureAdminUI zmprov grr domain $2 usr $1 -get.account.zimbraAdminConsoleUIComponents zmprov grr domain $2 usr $1 -get.dl.zimbraAdminConsoleUIComponents zmprov grr domain $2 usr $1 -set.account.zimbraIsDelegatedAdminAccount zmprov grr domain $2 usr $1 -set.dl.zimbraIsAdminGroup
Give execution access
chmod +x /srv/delegate-admin.sh
3. Change normal user to admin
su - zimbra
/srv/delegate-admin.sh newadmin@imanudin.net imanudin.net
Now you can login to Zimbra Admin with a new admin account. Below is a screenshot when login with a new admin
Good luck 🙂
Source: Zimbra Wiki
Hi,
Is it possible to provide set quota limits in this same panel?
Regards,
Balaji
Hi Balaji,
Yes you can. You can configure quota limit for regular user
When trying to create an account, the following error occurs: “Message: permission denied: need right: assignCos for cos bla bla bla”
OBs: zimbra 8.8.15 FOSS
To avoid this error, the delegated user must be able to assign the COS
then the following must be executed manually or tune in the script:
$ zmprov grr cos [COS name] usr [delegated-user@domain] +assignCos
Hi,
Thank you for your workaround
hi there is it possible to create an admin account but that account cannot create emails or delete them?
Thank you
Hi Albert,
I have not try it. Please share with me if you already found the solution
How do I create a zimbra admin all by myself from the beginning
hy imandin.
How to remove “delete account” option from Delegate admin access. admin only change password fromweb console zimbra
Hi Fahad,
You can use this one: https://imanudin.net/2019/04/30/zimbra-tips-delegated-admin-can-only-change-passwords/
how can i list the delegate admin users list
Hello,
You can run the following command
Can you limit the admin to particular domain only?
Hello Jesse,
Sure. You can follow this guidance
Thank you for this. Can we limit the admin to certain Admin Zimlets like Viewmail?