|
|
(67 intermediate revisions by 4 users not shown) |
Line 1: |
Line 1: |
− | = Base Configuration =
| + | __NOTOC__ |
| + | The administration of MailStore Server by an administrator is performed using MailStore Client on an arbitrary computer. MailStore administrators can access the ''Administrative Tools'' from the left navigation tree of the client or via ''Quick Access'' on the start page. |
| | | |
− | = MailStore Server Base Configuration =
| + | Under ''Administrative Tools'', MailStore administrators have access to the follow settings: |
| | | |
− | Basic administrative functions are available in the MailStore Server Base Configuration which can be accessed from the MailStore Server program folder in the Window start menu. | + | {| width="100%" cellspacing="3" cellpadding="4" |
| + | | valign="top" width="50%"| |
| + | '''Users and Privileges''' |
| + | * [[Users, Folders and Settings|Users]] |
| + | * [[Multi-factor Authentication]] |
| + | * '''Directory Services''' |
| + | ** [[Active Directory Integration|Active Directory]] |
| + | *** [[Setup Active Directory Federation Services|Active Directory Federation Services]] |
| + | ** [[Synchronizing_User_Accounts_with_Microsoft_365_(Modern_Authentication)|Microsoft 365 (Modern Authentication)]] |
| + | ** [[Office 365 Integration|Microsoft 365 (Basic Authentication)]] |
| + | ** [[Application Integration]] |
| + | ** [[Google Workspace Integration|Google Workspace]] |
| + | ** [[IceWarp Server Integration|IceWarp Server]] |
| + | ** [[Kerio Connect Integration|Kerio Connect]] |
| + | ** [[Generic LDAP Integration|LDAP Generic]] |
| + | *** [[Setup Active Directory Federation Services|Active Directory Federation Services]] |
| + | ** [[MDaemon Integration|MDaemon USERLIST.DAT]] |
| + | * [[Users, Folders and Settings|Privileges]] |
| + | * [[Archives]] |
| + | '''Compliance''' |
| + | * [[Compliance General]] |
| + | ** [[Retention Policies]] |
| + | * [[Auditing]] |
| + | * [[Audit Log]] |
| + | | valign="top" width="50%"| |
| + | '''Storage''' |
| + | * [[Storage Locations]] |
| + | * [[Search Indexes]] |
| + | * [[Backup_and_Restore|Create Archive Backup]] |
| + | '''Management API''' |
| + | * [[MailStore Server Management Shell|Command Prompt]] |
| + | * [[Jobs]] |
| + | * [[Job Results]] |
| + | '''Miscellaneous''' |
| + | * [[License Management]] |
| + | * [[SMTP Settings]] |
| + | * [[Active Sessions]] |
| + | * [[Product Updates]] |
| + | |} |
| | | |
− | [[File:tech_config_01.png|center|450px]] | + | [[de:Verwaltung]] |
− | | + | [[en:Administration]] |
− | The following functions and settings are available:
| |
− | | |
− | '''Master Database'''
| |
− | Under Directory, select the storage location of an existing master database. If an empty directory is chosen, a new master database is created therein. Additional information about master databases is available in chapter Structure of the MailStore Database.
| |
− | | |
− | '''IP Address and Port'''
| |
− | These settings can be adjusted as needed.
| |
− | | |
− | '''Web Access'''
| |
− | The Web Access configuration dialog will be opened. Additional information is available in chapter Web Access Configuration.
| |
− | | |
− | '''Debug Log'''
| |
− | Activate this setting if problems or errors have occurred while operating MailStore Server. After restarting the server service by clicking on Restart in the same window, a detailed log file is written. This file can be evaluated by the MailStore support team, for example.
| |
− | | |
− | '''Locksmith'''
| |
− | With this function, the user admin with the password admin can be restored.
| |
− | | |
− | '''Windows Service'''
| |
− | With this function, the MailStore Server service can be stopped and restarted. This may become necessary after certain changes to the configuration have been made or before performing a Backup.
| |
− | | |
− | = MailStore Web Access Configuration =
| |
− | | |
− | MailStore Web Access is a limited web version of MailStore Client. It provides access to the archived emails using an internet browser; an installation of MailStore Client is not required.
| |
− | | |
− | Users can use the following internet addresses to access their archives. A detailed description is available in chapter Using MailStore Web Access.
| |
− | | |
− | *http://servername:8461
| |
− | *https://servername:8462
| |
− | | |
− | '''Please note:''' By default, the setup of MailStore Web Access is completed. This chapter only provides information about the settings and how they may be adjusted.
| |
− | | |
− | == Summary for Experts ==
| |
− | | |
− | [[File:tech_webconfig_01.png|right|350px]]
| |
− | | |
− | *MailStore Web Access requires MailStore Server to run on Windows XP starting with SP2, Windows Vista, or Windows Server 2003 or 2008.
| |
− | *By default, MailStore Web Access is activated. The preset URLs are http://servername:8461 and https://servername:8462 respectively.
| |
− | *Using the MailStore Server Base Configuration, MailStore Web Access can be activated and deactivated, and HTTP and HTTPS ports as well as SSL certificates can be specified if a secure connection is required.
| |
− | *To use the function Open in Microsoft Outlook, MAPI must be installed. If neither Outlook nor Exchange Server 2003 or lower are installed on the server, MAPI must be installed separately using the following download: http://www.mailstore.com/?mapi.
| |
− | *To use the function Restore to Mailbox, the SMTP access data must be specified once through administrative tools.
| |
− | | |
− | == System Requirements ==
| |
− | | |
− | In order to be able to use MailStore Web Access, MailStore Server must be installed on one of the following operating systems:
| |
− | | |
− | *Microsoft Windows XP Service Pack 2 or higher
| |
− | *Microsoft Windows Vista
| |
− | *Microsoft Windows Server 2003
| |
− | *Microsoft Windows Server 2008
| |
− | *each including Small Business Edition
| |
− | | |
− | Users may use any operating system because MailStore Web Access is accessed using an internet browser. MailStore officially supports the following browsers:
| |
− | | |
− | *Microsoft Internet Explorer 6
| |
− | *Microsoft Internet Explorer 7
| |
− | *Microsoft Internet Explorer 8
| |
− | *Mozilla Firefox
| |
− | *Google Chrome
| |
− | *Opera
| |
− | *Apple Safari
| |
− | *Apple Safari on iPhone or iPod touch (special interface)
| |
− | | |
− | Windows authentication (single sign-on; login without entering the password) requires Microsoft Internet Explorer because it is the only browser capable of sending the appropriate information.
| |
− | | |
− | == Accessing MailStore Web Access ==
| |
− | | |
− | Unless MailStore Server is configured otherwise, users can access MailStore Web Access with the following internet addresses:
| |
− | | |
− | *http://servername:8461
| |
− | *https://servername:8462
| |
− | | |
− | Detailed instructions for the web access are available in chapter Using MailStore Web Access. Instructions for the special iPhone/iPod touch version is available in chapter Access Using iPhone and iPod touch.
| |
− | Activating and Deactivating MailStore Web Access
| |
− | | |
− | By default, MailStore Web Access is activated. To deactivate or reactivate it, please proceed as follows:
| |
− | | |
− | *Start the MailStore Server Base Configuration using the appropriate desktop icon.
| |
− | *Click on ''Configure HTTP/HTTPS Access''.
| |
− | *Remove/add both checkmarks.
| |
− | *Click on ''OK'' to save the settings.
| |
− | *To apply the settings, restart MailStore Server by clicking on ''Restart''.
| |
− | | |
− | == Specifying Standard Ports for MailStore Web Access ==
| |
− | | |
− | [[File:tech_webconfig_02.png|right|400px]] | |
− | | |
− | If, besides MailStore Web Access, no other web server is installed (e.g. an IIS website, Microsoft Outlook Web Access or SharePoint), the standard ports HTTP and HTTPS can be specified. This way, users can access MailStore Web Access directly (without having to enter the port numbers) using the addresses http://servername or https://servername. Please proceed as follows:
| |
− | | |
− | *Start the MailStore Server Base Configuration using the appropriate desktop icon.
| |
− | *Click on Configure HTTP/HTTPS Access.
| |
− | *Specify port 80 as HTTP port (upper right field).
| |
− | *Specify port 443 as HTTPS port (lower right field).
| |
− | *Click on OK to save the settings.
| |
− | *To apply the new settings, restart MailStore Server by clicking on Restart.
| |
− | | |
− | == Specifying an SSL Certificate for MailStore Web Access ==
| |
− | | |
− | In order to provide encrypted access (HTTPS) via MailStore Web Access, MailStore Server automatically generates a test certificate with the installation. One disadvantage of using test certificates is that, depending on which internet browser is used, a lot of warning messages are displayed. If you own an official SSL certificate for the server, it can be used for MailStore Web Access as follows:
| |
− | | |
− | *Install the certificate into the certificate store (local system).
| |
− | *Start the MailStore Server Base Configuration using the appropriate desktop icon.
| |
− | *Click on ''Configure HTTP/HTTPS Access''.
| |
− | *Click on ''Select SSL Certificate'' and select the certificate that was saved in the certificate store.
| |
− | *Click on ''OK''.
| |
− | *Click on ''OK'' once more to save the settings.
| |
− | *To apply the new settings, restart MailStore Server by clicking on ''Restart''.
| |
− | | |
− | == Setting Up the "Open in Outlook (MSG)" Function ==
| |
− | | |
− | To enable users to use the Open in Outlook function, MAPI must be installed on the machine on which MailStore Server is installed. This is the case whenever one of the following software products is installed:
| |
− | | |
− | *Microsoft Outlook 2000
| |
− | *Microsoft Outlook XP
| |
− | *Microsoft Outlook 2003
| |
− | *Microsoft Outlook 2007
| |
− | *Microsoft Exchange Server 2000
| |
− | *Microsoft Exchange Server 2003
| |
− | | |
− | If none of the above products is installed, or if Microsoft Exchange Server 2007 is installed, which does not include MAPI in its installation, MAPI must be installed separately. Please proceed as follows:
| |
− | | |
− | *Download ''Microsoft Exchange Server MAPI Client and Collaboration Data Objects'' from the Microsoft website. You can enter the following email address which will redirect you to the appropriate Microsoft download page:
| |
− | http://www.mailstore.com/?mapi
| |
− | *Execute the downloaded file ''ExchangeMapiCdo.exe''
| |
− | *Specify any directory, e.g. ''C:\MAPI''
| |
− | *The directory will now contain the following subfolder: ''ExchangeMapiCdo.'' Open it.
| |
− | *Execute the installer file ''ExchangeMapiCdo.msi.''
| |
− | *If the message ''"Messaging API and Collaboration Data Objects 1.2.1 cannot be installed with Microsoft Outlook / Microsoft Exchange Server."'' appears, MAPI is already installed. No additional installation is needed.
| |
− | *After the installation, the installation directory (e.g. ''C:\MAPI'') can be removed again from the hard drive.
| |
− | | |
− | == Setting Up the "Restore to Mailbox" Function ==
| |
− | | |
− | To set up the Restore to Mailbox function, please proceed as follows:
| |
− | | |
− | *Start MailStore Client and log on as MailStore administrator (''admin'').
| |
− | *Under ''Administrative Tools'' -> ''SMTP Settings'', specify the access data of your SMTP server. MailStore Server needs this data in order to be able to deliver the emails which are to be restored to the appropriate user. Detailed instructions are available in section SMTP Settings.
| |
− | *Make sure that the field Email Address is filled out for every MailStore user. This prevents users from having to enter their email address each time they use the restore function.
| |
− | | |
− | = SMTP Settings =
| |
− | | |
− | To be able to send emails, MailStore Server requires SMTP access data. Email is used to send important administrative notifications or email copies for the recovery from MailStore Web Access.
| |
− | | |
− | == Specifying the Settings ==
| |
− | | |
− | To specify the SMTP settings, please proceed as follows:
| |
− | | |
− | *Start MailStore Client and log on as MailStore administrator (''admin'').
| |
− | *Click on ''Administrative Tools''.
| |
− | *Click on ''SMTP Settings''.
| |
− | *The following dialog window appears:
| |
− | | |
− | [[File:tech_smtpsettings_01.png|center|400px]]
| |
− | | |
− | *Under ''Server'', enter the host name of the SMTP server or its IP address.
| |
− | *If a non-standard port is to be used, enter the port number in the Server field as well, separated by a colon. For example: ''smtp.deepinvent.com:587''
| |
− | *In the field Protocol, select ''SMTP'' if the connection to the SMTP server is to remain unencrypted.
| |
− | *If the connection to the SMTP server is to be encrypted, select ''SMTP-TLS'' or ''SMTP-SSL under Protocol''. If the SMTP server does not have an official or installed SSL certificate, mark the checkbox ''Ignore SSL Warnings''; if it is unchecked, the sending process will fail.
| |
− | *Especially SMTP servers which are accessible through the internet require a login (SMTP authentication). Mark the corresponding checkbox and enter the appropriate access data. Often times, the POP3 access data of any user on the email server can be used.
| |
− | *Under ''Sender'', enter the display name and the email address of the email sender. Many SMTP servers require an existing email address to be entered. The display name can be chosen freely; ideally the name indicates that the email was sent by MailStore Server.
| |
− | *Under ''Recipient for Notifications'', enter the email address of the recipient for administrative notifications of MailStore Server.
| |
− | | |
− | == Verifying the Settings ==
| |
− | | |
− | Once all settings have been specified, MailStore Server can be instructed to send a test email to the email address entered for notifications; simply click on Test. If an error message appears or the recipient specified does not receive the email, the following hints for troubleshooting may be helpful:
| |
− | | |
− | == Troubleshooting ==
| |
− | | |
− | *If no error occurs upon sending but the email does not arrive, please check the spam or junk mail folder of the mailbox. Perhaps the email was filtered out.
| |
− | *If an error message appears because of an invalid certificate ("Server's certificate was rejected by the verifier because of an unknown certificate authority."), mark the checkbox ''Ignore SSL Warnings'' and try again.
| |
− | *If an error message appears indicating that ''"One or more recipients rejected"'', the SMTP server probably requires authentication. Enter the appropriate access data as described above.
| |
− | *If an error message appears because of invalid access data (''"Incorrect authentication data"''or ''"Authentication failed"''), verify the data entered. Often times, the access data match those of the corresponding POP3 server.
| |
− | *If further error messages appear or other problems arise, please check your entries for possible mistakes.
| |
− | | |
− | = Users, Folders and Settings =
| |
− | | |
− | == The MailStore Folder Structure ==
| |
− | | |
− | [[File:umgm_folders_01.png|right|250px]]
| |
− |
| |
− | | |
− | For each user, MailStore creates a folder on the highest level of the folder structure which corresponds to the archive of the respective user. It contains all emails that were archived for this user and is labeled ''My Archive''.
| |
− | | |
− | If the user has access to the archives of other MailStore users (as MailStore administrator, for example), their folders are listed as ''Archive of <User Name>''.
| |
− | | |
− | Below these main folders, the individual email sources (e.g. Microsoft Outlook or Exchange mailboxes) and their folder structures (e.g. ''Inbox'') are listed.
| |
− | | |
− | == Deleting Folders ==
| |
− | | |
− | Folders and the emails contained therein can only be deleted after the appropriate user privileges have been assigned explicitly by the administrator. If the folder to be deleted contains any subfolders, they will be deleted as well.
| |
− | | |
− | == Moving, Renaming, and Creating Folders Manually ==
| |
− | | |
− | Within MailStore, folders cannot be moved or renamed. During the archiving process, MailStore adopts the folder structure and the folder names of the source (e.g. Microsoft Outlook).
| |
− | | |
− | == Deleting Emails ==
| |
− | | |
− | Highlight the emails to be deleted by clicking on the emails while holding down the control (''Ctrl'')key. Holding down the ''Ctrl'' key and pressing A will highlight all emails. Right-click on the highlighted item(s) and select ''Delete''. Users are only allowed to delete emails if they have received this privilege from the administrator.
| |
− | | |
− | Please keep in mind that allowing users to delete emails is not recommended; assigning such privileges makes it difficult, if not impossible, to comply with legal requirements regarding the storage of emails.
| |
− | | |
− | == Moving Emails ==
| |
− | | |
− | Highlight the emails to be moved by clicking on the emails while holding down the control (''Ctrl'') key. Holding down the ''Ctrl'' key and pressing ''A'' will highlight all emails. Right-click on the highlighted item(s), select ''Move To Folder'' and select a destination folder. Emails can only be moved within a user archive.
| |
− | | |
− | = User Management =
| |
− | | |
− | When emails are archived, they are always assigned to individual users (the original owners of the emails). Every MailStore user has his or her own user archive which is created automatically upon setting up the new user account. For this reason, before any emails can be archived, the appropriate user accounts have to be created first.
| |
− | Options for the Setup of New User Accounts
| |
− | | |
− | *Adding users manually (described here)
| |
− | *Synchronizing User Accounts with Active Directory
| |
− | | |
− | == Opening User Management ==
| |
− | | |
− | Log on to MailStore Client as administrator. Click on ''Administrative Tools'' and then on ''Users''.
| |
− | | |
− | == Creating a New User ==
| |
− | | |
− | Click on Create New and enter a login name for the new user. This could be a combination of first and last name, for example. Click on ''OK'' to confirm. In the next window, additional settings may be specified. Again, click on ''OK'' to confirm the new settings.
| |
− | | |
− | The user is added to the list of users and can be edited at any time, as described in the following section.
| |
− | | |
− | '''Please note:''' The emails for a new user can be archived right away, no additional settings have to be specified. However, for the user to be able to log on to MailStore Client, a password has to be created (in the case of MailStore integrated authentication).
| |
− | | |
− | == Editing an Existing User Account ==
| |
− | | |
− | Select a user from the list and click on ''Properties''.
| |
− | | |
− | [[File:umgm_users_02.png|center|350px]]
| |
− | | |
− | In the next window, the following settings can be specified:
| |
− | | |
− | *'''Full Name:''' Enter first and last name of the user.
| |
− | *'''Authentication:''' If choosing the setting MailStore-integrated, users have to use the password specified in user management when logging on to MailStore Client. Click on Password to set the password. Users can later change their passwords through Administrative Tools in their installation of MailStore Client.
| |
− |
| |
− | Alternatively, the authentication LDAP (Active Directory) can be used. In this case, users can log on to MailStore using their Active Directory access data. Please refer to chapter MailStore and Active Directory for more information.
| |
− | *'''User is an Administrator:''' Only administrators have access to the administrative functions found in MailStore Client's Administrative Tools and in the Management Shell.
| |
− | *'''Integration - Windows User Name:''' This information is only needed if single sign-on is to be available to the user. In this case, after logging on to Windows, no additional login is required for starting MailStore Client.
| |
− | *'''Integration - Email Addresses:''' This information is only needed for the following archiving options: MailStore Proxy Server, Microsoft Exchange Journaling, and archiving multiple Exchange mailboxes synchronously.
| |
− | *'''Integration - POP3 User Names:''' This information is only needed for archiving tasks using MailStore Proxy. If the POP3 user name does not match the user's email address, the user name has to be specified here.
| |
− | *'''Privileges:''' Privileges are described separately in chapter Specifying Privileges. As long as the appropriate privileges are not set, users are not able to delete any emails from the archive (even their own).
| |
− | | |
− | Click on ''OK'' to apply the new settings.
| |
− | | |
− | == Deleting Users ==
| |
− | | |
− | Click on ''Administrative Tools'' and then on ''Users''. Select the appropriate user from the list and click on ''Delete''.
| |
− | | |
− | Deleting a user does '''not''' delete the emails that were archived for that user. The corresponding user archive, including all emails, is still available in MailStore and can be accessed by the administrator.
| |
− | | |
− | Deleting a user releases the corresponding user license (despite the remaining user archive). This license can be used to create a new user account.
| |
− | | |
− | = Specifying Privileges =
| |
− | | |
− | To specify the privileges for a user, click on ''Administrative Tools'' and then on ''Users''. Select the appropriate user from the list and click on ''Properties''.
| |
− | | |
− | [[File:umgm_privileges_01.png|center|450px]]
| |
− | | |
− | == The Following Privileges can be Assigned: ==
| |
− | | |
− | '''Log on to MailStore Server'''
| |
− | Only users with this privilege can log on to MailStore Server through MailStore Client. Please note: Without this privilege, emails can still be archived for the respective user.
| |
− | | |
− | '''Archive Email'''
| |
− | Only users with this privilege can execute archive profiles independently and thereby archive emails to MailStore Server. '''Please note:''' An administrator can always archive emails for the user regardless of this setting. Please keep in mind that users can archive emails only if they have write-access to their MailStore user folders. This setting can be specified under ''Folder Access'' (described below).
| |
− | | |
− | '''Export Email'''
| |
− | Only users with this privilege can export emails from MailStore. Please see chapter Exporting Emails for a description of the many options MailStore offers for email export.
| |
− | | |
− | '''Delete Email'''
| |
− | Only users with this privilege can delete emails from their user archives. Please keep in mind that this privilege should only be granted with great care, because legal requirements are hard, if not impossible, to meet if users are allowed to delete their emails independently. Once deleted, emails can only be recovered by restoring a MailStore backup.
| |
− | | |
− | '''Change Password'''
| |
− | Only users with this privilege can change their passwords independently in MailStore's ''Administrative Tools'' under ''Change Password''. Users without this privilege must use the password created by the administrator in user management (relevant with MailStore-integrated authentication).
| |
− | | |
− | '''Add, Modify and Delete Archive Profiles'''
| |
− | Users with this privilege can create and edit archiving profiles. Otherwise, users can only execute already existing archiving profiles. Additional information about this topic is available in the chapter Working with Archiving Profiles.
| |
− | | |
− | '''Add, Modify and Delete Export Profiles'''
| |
− | Users with this privilege can create and edit export profiles. Otherwise, users can only execute already existing export profiles.
| |
− | | |
− | == Folder Access (e.g. Access to the Emails of Other Users) ==
| |
− | | |
− | All main folders, which the current user has access to, are listed here. These folders correspond to the archives of individual MailStore users and contain all their archived emails. By default, users have only access to their own archives (to read and write, but not to delete). By clicking on ''Add New'', the main folder of another user can be added to the list of folders accessible by the current user. Then the type of access to be permitted has to be specified.
| |
− | | |
− | The following options are available:
| |
− | | |
− | *Full Access
| |
− | *Read
| |
− | *Write
| |
− | *Delete
| |
− | | |
− | From the users' perspective, the folders they have access to appear as entries in the folder structure of MailStore Client. Please refer to chapter The MailStore Folder Structure for more information.
| |
− | | |
− | Please keep in mind that users can archive emails independently only if they have write-access to their own folders.
| |
− | | |
− | == Overview of all Privileges Regarding Folder Access ==
| |
− | | |
− | To view all privileges regarding folder access, click on ''Administrative Tools'' and then on ''Privileges''.
| |
− | | |
− | [[File:umgm_privileges_02.png|center|400px]]
| |
− | | |
− | The first column shows all user archives, the second column shows the MailStore users that have access to the respective user archive, and the third column lists the type of access privilege (e.g. Read, Write).
| |
− | | |
− | = Storage Locations =
| |
− | | |
− | = Other =
| |