Template:Directory Services Kerio Connect Authentication


As the Kerio Connect API only support synchronization, but not authentication of users, MailStore allows authenticate users via an IMAP login. To achieve this, you have to configure the following settings in the Authentication section:

  • Kerio IMAP Server
    Enter the IP address or the DNS name of the Kerio Connect server against which authentication should be performed.
  • IMAP Server Access
    Configure the connection protocol. Be aware that IMAP servers often expect the connection to be encrypted (IMAP-TLS, IMAP-SSL). If the certificate provided by the remote host cannot be verified (e.g. self-signed or signed by an unknown certificate authority), enable the option Accept all certificates to allow MailStore to establish a connection. As this option leads to an insecure configuration, warnings may appear in the summary and/or the dashboard.

Important Notice: If your Kerio Connect users authenticate against an Active Directory or if you store the passwords as SHA hashes, you must disable CRAM-MD5 and DIGEST-MD5 under Configuration > Advanced Options > Security Policy in your Kerio Connect Server. Otherwise users will not be able to log on to MailStore.