Difference between revisions of "Template:Directory Services Kerio Connect Authentication"

[unchecked revision][unchecked revision]
 
Line 3: Line 3:
 
   
 
   
 
*'''Kerio IMAP Server'''<br/>Enter the IP address or the DNS name of the Kerio Connect server against which authentication should be performed.
 
*'''Kerio IMAP Server'''<br/>Enter the IP address or the DNS name of the Kerio Connect server against which authentication should be performed.
*'''IMAP Server Access'''<br/>Configure the connection protocol. Be aware that IMAP servers often expect the connection to be encrypted (IMAP-TLS, IMAP-SSL). Additionally activate the ''Ignore SSL warnings'' option if a self-signed or non-public certificate is used on the email server
+
*'''IMAP Server Access'''<br/>Configure the connection protocol. Be aware that IMAP servers often expect the connection to be encrypted (IMAP-TLS, IMAP-SSL). {{Template:Option_Accept_all_certificates}}
  
 
<p class="msnote"><span style="color: red">'''Important Notice:'''</span> If your Kerio Connect users authenticate against an Active Directory or if you store the passwords as SHA hashes, you must disable ''CRAM-MD5'' and ''DIGEST-MD5'' under ''Configuration'' > ''Advanced Options'' > ''Security Policy'' in your Kerio Connect Server. Otherwise users will not be able to log on to MailStore.</p>
 
<p class="msnote"><span style="color: red">'''Important Notice:'''</span> If your Kerio Connect users authenticate against an Active Directory or if you store the passwords as SHA hashes, you must disable ''CRAM-MD5'' and ''DIGEST-MD5'' under ''Configuration'' > ''Advanced Options'' > ''Security Policy'' in your Kerio Connect Server. Otherwise users will not be able to log on to MailStore.</p>
 
<noinclude>[[de:Includes:Anmeldung_mit_Verzeichnisdienst-Zugangsdaten_Kerio_Optionen]]</noinclude>
 
<noinclude>[[de:Includes:Anmeldung_mit_Verzeichnisdienst-Zugangsdaten_Kerio_Optionen]]</noinclude>

Latest revision as of 16:03, 7 December 2020

Authentication

As the Kerio Connect API only support synchronization, but not authentication of users, MailStore allows authenticate users via an IMAP login. To achieve this, you have to configure the following settings in the Authentication section:

  • Kerio IMAP Server
    Enter the IP address or the DNS name of the Kerio Connect server against which authentication should be performed.
  • IMAP Server Access
    Configure the connection protocol. Be aware that IMAP servers often expect the connection to be encrypted (IMAP-TLS, IMAP-SSL). If the certificate provided by the remote host cannot be verified (e.g. self-signed or signed by an unknown certificate authority), enable the option Accept all certificates to allow MailStore to establish a connection. As this option leads to an insecure configuration, warnings may appear in the summary and/or the dashboard.

Important Notice: If your Kerio Connect users authenticate against an Active Directory or if you store the passwords as SHA hashes, you must disable CRAM-MD5 and DIGEST-MD5 under Configuration > Advanced Options > Security Policy in your Kerio Connect Server. Otherwise users will not be able to log on to MailStore.