Page tree

Versions Compared


  • This line was added.
  • This line was removed.
  • Formatting was changed.

What does provisioning mean?

Provisioning means creating, changing and deleting contexts and users inside OX App Suite. This is usually done via a SOAP interface which will be provided to you by OX. To do the provisioning, you will have to authenticate the client you use with your admin credentials because you need admin privileges to create objects inside OX Cloud. OX will not provide the aforementioned client that implements the provisioning calls, but there's a hands-on section that will give you some examples for provisioning.

What is a context?

A context is an independent instance within OX Cloud and holds users, groups and resources and all their objects. If you want to see it that way, it's an independent container for all your users, resources and other objects. Independent means that data from one context is not visible to other contexts.


Every time a context is created a context admin is created. The context admin is like an ordinary OX Cloud user, except that it can add, remove and edit users within OX Cloud using the provisioning API. In OX Cloud, however, the context admin cannot read, send or receive mail.

What is a user?

A user is an entity that belongs to a context and has authority to use one or more modules inside modules inside OX Cloud. Every user will have a user name and a user id and is managed by the administrators. The  The same user name may exist in different contexts therefore a user is generally identified by username@contextid but for logging in can be identified by username@domain typically. A user can share data with other users in the same context in case of OX Cloud's basic permission level.


A resource is an entity which belongs to a context and is shared by the users belonging to the context. For instance, a user might create the resource “Office Conference room1 ” or “Projector 1” then any other user may create an appointment an appointment and add “Office Conference room 1” in order to reserve the room. If a user tries to reserve a resource already busy it is not available for the appointment and will lead to an unresolvable conflict. Every  Every resource will have a resource name and a resource id to identify the resource for later provisioning calls.


Within OX Cloud it is possible to control the access to the available modules (like Mail, Drive, etc.) per context via a so called Module Access Combination which are defined in the OX Cloud product definition. That means all users in one context per default get the same access rights which are defined for the context by the module access combination. The context's module access combination can later be overwritten for every user in the context (again with a module access combination) granting them more or fewer rights than the context defaults.

What is a Class of Service

A Class of Service is extending the feature definition for a mailbox above what is possible via a module access combination. Some OX Cloud features cannot be enabled via a module access combination (or a module access flag) but need to be granted via special properties or capabilities. So a Class of Service is required for provisioning of certain standard packages and is currently  complementing a module access combination but does NOT replace it. Both need to be maintained correctly if the feature set is changed.

What are permissions?

Permissions Permissions allow to enable or disable a certain set of features for a user. Currently, the following permissions are available:

SENDUser is allowed to send mail
RECEIVEUser is allowed to receive mail
MAILLOGINUser can login using IMAP from external; webmail is not affected
WEBLOGINUser can login to OX webmail.

What is Unified Quota?

Quota in general means the amount of data, e.g. mails or files, a user can store on OX Cloud. For OX Cloud we use the concept of unified quota for all data storage the user has so that a user can use the allocated e.g. 5GB for mails and files alike and doesn't need to have separate quotas for each purpose.