Support Knowledge Base

Space shortcuts

Page tree

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 4 Next »

DRAFT

Affected version(s): OXAppSuite 7.10.0 and above, OXGuard 2.10.0 and above

Problem:

Suppose the current scenario:

You are trying to set the default value for certain users under "Security > domain.com OXGuard"  so your users can send encrypted emails all the time as default composing new email.

You may have found the following documentation pages while looking through our documentation:

https://oxpedia.org/wiki/index.php?title=AppSuite:User_management#changeuser
http://oxpedia.org/wiki/index.php?title=OX6:Gui_path

The second link, is quite older, but is worth the understanding of how to accomplish this task.

For instance on this type of issue, you may try and set the flag for a certain user, and when you have done that, you may see this in the logs, or something similar

"2019-08-13T12:25:11,331+0200 INFO  [RMI TCP Connection(2492)-10.192.0.110] com.openexchange.admin.storage.mysqlStorage.OXUserMySQLStorage.change(OXUserMySQLStorage.java:648)
User 3 in context 1 changed! Changed attributes: password-mechanism, gui, username"


But after you try and set that, you end up finding out that it was not set after all. 
So, how can you do this for a special group of users, who not yet have set up the guard? What exactly is the correct syntax for the "changeuser --addguipreferences" tool?

Solution:

Some background...

with the --addduipreferences parameter, that is just for version OX6, so that will not won't work here for this situation.
Also, this has not been extensively tested, so we would suggest you test this out first in your Staging or QA env. 

(warning) Note to be sure your spacing is correct in yml files. If not, your OXAppSuite will not start!
In your /opt/open-xchange/etc/meta/guard.yml, add the following

/opt/open-xchange/etc/meta/guard.yml
com.openexchange.guard.defaultEncrypted:
    preferencePath: oxguard//defaultEncrypted


This line essentially maps a middleware configuration value to the UI value.

(warning) IMPORTANT (warning)
You would then need to add a default value for this in a properties file
(probably the guard-api.properties, but could be in any configuration file in the middleware).  

If you are running Guard on the middleware servers (not separate servers),
you could also put this in the guard-core.properties file.

/opt/open-xchange/etc/guard-core.properties
com.openexchange.guard.defaultEncrypted=false


(info) If the middleware doesn't have a default value for this setting, then Guard will think that
there is a need for upgrading from 2.8 to 2.10 (when this value was added),

and the users would or will lose their default settings for signing, encrypt, and inline.


Finally, how to set the default for composing an email to be encrypted.

Command would be

/opt/open-xchange/sbin/changeuser -A oxadmin -P secret -c 1 -i 5 --config/com.openexchange.guard.defaultEncrypted=true

(info) 

-A = the oxadmin user, -P = the oxadmin password, -c = the context, -i = the user ID

This can also be set at context level if your have a large context of users.  
This will set the value to true for the user, but they will be able to uncheck it if they choose.


  • No labels