Page 1 of 1

Suggestion: manage external users for shared resources

Posted: Wed Aug 30, 2017 9:08 am
by stefaniu.criste
Hello all, here is a scenario

Stage 1 - work
- consider the Zimbra NE running for my domain
- I am creating a new folder in the briefcase, sharing it with external user "john.doe@onemail.tld"
- user gets the standard sharing message, defines the password and can access the shared resources without problmes

All is OK in this stage

Stage 2 - cleanup
- I delete the the share, since is not used anymore
- in the admin console, at Manage > Accounts I still can see the special user "" (it has a yellow icon, instead a blue one, like regular users)
- I delete the user and all is OK.

Now, the problem is that users are neither deleted automatically when deleting all resources, nor when I revoke their shared rights (from my mailbox > Preferences . Sharing)

Should be a good feature to be able to delete the external users directly from the Preferences tab, rather than have a domain admin doing this.

Makes sense ?

Thank you

Re: Suggestion: manage external users for shared resources

Posted: Thu Sep 07, 2017 2:20 pm
by jorgedlcruz
I think it's a good idea, and at least you should have an option on your preferences same as when you are revoking the privileges, to delete that user. Maybe we keep it that way, as maybe other internal users can share with the same external resource, so he can access different internal resources, that's the only use case I can see it makes sense it should need to be removed by an admin.

Best regards

Re: Suggestion: manage external users for shared resources

Posted: Mon Nov 20, 2017 1:09 am
by 10424bofh
True, but still this leaves a mess of virtual accounts that never ever ends.
so i would suggest to have at least an cleanupscript that can kill those which have no longer access to anything
and or cleanup of inactives (with proper revoke, so if inactive for xxx days revoke shares to that account and delete it, with optional information about autorevoking that account)

also is it correct that the only way such an account can login is by the url ... ???

i tryed it with the virtual domain feature but i cant login as an external user except i use the virtualaccdomain flag

why doesnt this work with the virtual domain feature?
would be way easier if someone looses the mail to simply login by going on the virtual domain of that entity

so this feature is kinda messy