Exchange users and public folder administration tool
openchangepfadmin [-?] [-?|--help] [--usage] [-f|--database PATH] [-p|--profile PROFILE] [-P|--password PASSWORD] [--apassword=PASSWORD] [--adesc=DESCRIPTION] [--acomment=COMMENT] [--afullname=NAME] [--list] [--mkdir] [--rmdir] [--comment=COMMENT] [--dirclass=CLASS] [--adduser=USERNAME] [--rmuser=USERNAME] [--addright=RIGHT] [--rmright] [--modright=RIGHT] [--debuglevel=LEVEL] [--dump-data] [--folder=FOLDER] [--username=USERNAME]
openchangepfadmin is a administrative command line tool designed to facilitate user management related operations (create, delete, modify) on a remote Exchange server and manage public folder store and permissions.
--adduser=USERNAME
Create a Exchange user with the username specified by USERNAME
--rmuser=USERNAME
Delete the Exchange user account specified by USERNAME
--list
List Public Folder hierarchy (IPM_SUBTREE)
--mkdir
Create a folder in the Public Folder store
--rmdir
Delete a folder in the Public Folder store
--addright=RIGHT
Add permission and roles for a user on a Public Folder directory.
--modright=RIGHT
Modify permissions and roles for a user on a Public Folder directory
--rmright
Delete permissions and roles for a specific user
--database=DATABASE
-f
Set the MAPI profile database. If no database is specified, then openchangeclient tries to load the default one: $HOME/.openchange/profiles.ldb
--profile=PROFILE
-p
Set the profile to use. If a profile is not specified, and one of the profiles has been set as the default in the profile database (for example, using mapiprofile -S), then that default profile will be used.
--password
-P
Set the password for the profile to use. This can be omitted if the password is stored in the profile.
--apassword=PASSWORD
Define the password to set for the user specified with --adduser. If no password is explicitely supplied, openchangepfadmin will arbitrary set a random one.
--adesc=DESCRIPTION
This command can only be used with --adduser and specifies a description for this account
--acomment=COMMENT
This command can only be used with --adduser and specifies a comment for this account.
--afullname=NAME
This command can only be used with --adduser and specifies the user full name for this account.
--comment=COMMENT
This command can only be used with --mkdir and specifies a comment for the folder.
--dirclass=CLASS
This command can only be used with --mkdir and specifies the container class of the directory we want to create. Possible values are: IPF.Appointment, IPF.Contact, IPF.Journal, IPF.Note, IPF.StickyNote, IPF.Task, IPF.Post
--folder=FOLDER
This command can only be used with --addright, --modright and --rmright. Specify the folder where permissions and roles have to be changed.
--username=USERNAME
This command can only be used with --addright, --modright and --rmright. Specify the username we want to change permissions and roles for.
--dump-data
Dump the hex data. This is only required for debugging or educational purposes.
--debuglevel LEVEL
-d
Set the debug level.
Creating user
openchangepfadmin --adduser=linuxowner --apassword=linuxowner \ --adesc="Linux Owner Test account" \ --afullname="Linux Owner" mapiadmin_user_add : MAPI_E_SUCCESS (0x0) username: linuxowner password: linuxowner
Creates a user account with username and password set to linuxowner.
Deleting user:
openchangepfadmin --rmuser=linuxowner mapiadmin_user_del : MAPI_E_SUCCESS (0x0)
Create Public Folder:
openchangepfadmin --mkdir --folder=public_events --dirclass=IPF.Appointment
Creates a folder in the Public Folder store named public_events with a container class set to Appointment. This folder will display calendar items.
Delete Public Folder:
openchangepfadmin --rmdir --folder=public_events
List Public Folder hierarchy:
openchangepfadmin --list
Add Permission:
openchangepfadmin --username=linuxowner --folder=public_events \ --addright=RoleOwner Permission RoleOwner added for linuxowner on folder public_events
Modify Permission
openchangepfadmin --username=Anonymous --folder=public_events \ --modright=RoleNone Permission changed to RoleNone for Anonymous on folder appointment
Note that you can only change permissions for a user already listed in the ACL table.
Permissions and Roles possible values are:
RightsNone
RightsReadItems
RightsCreateItems
RightsEditOwn
RightsDeleteOwn
RightsEditAll
RightsDeleteAll
RightsCreateSubfolders
RightsFolderOwner
RightsFolderContact
RoleNone
RoleReviewer
RoleContributor
RoleNoneditingAuthor
RoleAuthor
RoleEditor
RolePublishAuthor
RolePublishEditor
RightsAll
RoleOwner
AddUserPermission, ModifyUserPermission, RemoveUserPermission
Julien Kerihuel <j.kerihuel at openchange dot org>