Difference between revisions of "IceWarp Server Integration"

[unchecked revision][checked revision]
(Created page with "= Synchronizing User Accounts with an IceWarp Server User Database = In addition to adding users manually (which is described in chapter [[Users,_Folders_und_Settings#User_Ma...")
 
 
(19 intermediate revisions by 4 users not shown)
Line 1: Line 1:
= Synchronizing User Accounts with an IceWarp Server User Database =
+
{{DISPLAYTITLE:Synchronizing User Accounts with an IceWarp Server}}
 +
{{Directory Services Preamble|IceWarp Server}}
  
In addition to adding users manually (which is described in chapter [[Users,_Folders_und_Settings#User_Management|User Management]]), MailStore can synchronize its internal user database with an IceWarp Server User Database. For this, MailStore requires IceWarp Server API version 10.4 or newer.  
+
<p class="msnote">''Please note:'' For using this feature, IceWarp Server API 10.4 or newer is required.</p>
 
 
During synchronization, user information and email addresses are taken from the IceWarp Server user database and entered into MailStore. MailStore makes no changes to the IceWarp Server user database itself. Synchronization can be limited to individual or multiple domains and groups.
 
  
 
== Accessing the Directory Service Integration ==
 
== Accessing the Directory Service Integration ==
 +
{{Directory Services Accessing Configuration|IceWarp Server|Icewarp_sync_01.png}}
  
* Log on to MailStore Client as MailStore administrator.
+
== Connection to the IceWarp Server ==
* Click on ''Administrative Tools'' > ''Users and Privileges'' and then on ''Directory Services''.
+
For synchronization MailStore Server requires information on how to connect to the IceWarp Server.  
* Under ''Integration'' change the ''Directory Service Type'' to ''IceWarp Server''.
 
 
 
[[File:Icewarp_sync_01.png|center|450px]]
 
 
 
== Specifying Connection Settings ==
 
 
 
Before the synchronization feature can be used MailStore requires information on how to reach the IceWarp server.
 
 
 
* '''Server Name''' - Name or IP address of the IceWarp server. If you use a self-signed SSL certificate on the IceWarp server, please set a checkmark next to ''Ignore SSL Security Warnings''.
 
* '''User Name''' - Name of a user with administrative privileges.
 
* '''Password''' -  Password of the user with administrative privileges.
 
 
 
== Specifying Standard Privileges ==
 
 
 
Benutzer, die aus einem Verzeichnisdienst nach MailStore synchronisiert wurden, besitzen standardmäßig das Recht zum Anmelden am MailStore Server und haben Zugriff auf Ihr eigenes Benutzerarchiv.
 
 
 
Sie haben die Möglichkeit, die Standard-Berechtigungen vor dem Synchronisieren anzupassen, um z.B. allen neuen Benutzern das Recht ''E-Mails archivieren'' zu geben. Klicken Sie dazu  auf die Schaltfläche ''Standard-Berechtigungen...''.
 
 
 
Weitere Informationen über die Verwaltung von Benutzerrechten und deren Auswirkungen finden Sie im Kapitel [[Benutzer, Archive und Berechtigungen]]. Dort finden Sie auch Hinweise zum Anpassen existierender Berechtigungen.
 
 
 
== Durchführung der Synchronisierung ==
 
 
 
Nachdem Sie die Verbindungseinstellungen (wie oben beschrieben) angegeben haben, können Sie die MailStore-Benutzerliste mit der IceWarp Server-Benutzerdatenban abgleichen.
 
 
 
Die Synchronisierung kann auf eine oder mehrere Domänen und Gruppen beschränkt werden. Klicken Sie dazu auf die Schaltfläche neben dem ''Domänen und Gruppen''-Feld und setzten Sie die Häkchen vor die zu synchronisierenden Domänen und Gruppen. Ist keine Domänen oder Gruppe ausgewählt, werden alle Benutzer synchronisiert.
 
 
 
Klicken Sie auf ''Einstellungen überprüfen'', um zu sehen, was bei einem Klick auf ''Jetzt Synchronisieren'' passieren würde. Klicken Sie auf ''Jetzt Synchronisieren'' um zu starten.
 
 
 
[[File:Icewarp_sync_02.png|center|450px]]
 
 
 
= Anmeldung mit IceWarp Zugangsdaten =
 
  
In der Standardeinstellung verfügt jeder in MailStore angelegte Benutzer über ein Kennwort nur für MailStore. Dieses kann der MailStore-Administrator während der Einrichtung des Benutzers festlegen. Vom Benutzer selbst kann es hinterher in der ''Verwaltung'' des MailStore Client geändert werden. Sie können MailStore alternativ so konfigurieren, dass Benutzer sich mit Ihren IceWarp-Kennwörtern am MailStore Server anmelden können.
+
*'''Server Name'''<br/>DNS name of the IceWarp server. {{Option_Accept_all_certificates}}
 +
*'''User Name'''<br/>Name of a user with administrative privileges on the IceWarp server.
 +
*'''Password'''<br/>Password of that user.
 +
*'''Timout'''<br/>The timout value for IceWarp API requests. For large IceWarp Server user databases it may be necessary to increase this value.
  
== Vorgehensweise für Benutzer, die über die Synchronisierung mit der IceWarp Server-Benutzerdatenbank angelegt wurden ==
+
=== Synchronize ===
 +
After configuring the connection settings as described above, you can specify filter criteria for the IceWarp Server user database synchronization in this section.
  
Haben Sie wie im vorangegangenen Abschnitt beschrieben die MailStore-Benutzer per IceWarp Server-Verzeichnisdienst-Synchronisierung angelegt, brauchen Sie nichts weiter zu tun. In diesem Fall hat MailStore alle notwendigen Einstellungen bereits automatisch für Sie vorgenommen.
+
*'''Domains and Groups'''<br/>Choose one or more domains or groups to let only their members be created as MailStore Server Users. If no domains or groups are selected, all users will be synchronized.  
  
== Vorgehensweise für manuell angelegte Benutzer ==
+
{{Directory Services Options|IceWarp Server }}
 +
{{Directory Services Assign Default Privileges|an IceWarp Server }}
 +
{{Directory Services Run Synchronization|IceWarp Server }}
 +
[[File:ApplicationIntegration_sync_02.png|450px|center]]
  
Haben Sie MailStore-Benutzer manuell angelegt und möchten Sie, dass sich diese mit ihrem MIceWarp-Kennwort anmelden können, befolgen Sie bitte die folgenden Schritte:
 
  
* Konfigurieren Sie die IceWarp Server-Integration wie im Kapitel [[IceWarp_Server-Integration#Abgleich_der_Benutzerkonten_mit_einer_IceWarp_Server-Benutzerdatenbank|Abgleich der Benutzerkonten mit einer IceWarp Serve-Benutzerdatenbank]] beschrieben.
+
{{Directory Services Test Authentication}}
* Stellen Sie sicher, dass die MailStore-Benutzer den selben Namen tragen wie die entsprechenden Benutzer in der IceWarp Server-Benutzerdatenbank.
+
<p class="msnote">'''Important Notice:''' For authentication with the IceWarp Server to work, the respective MailStore Client has to be in a network that is trusted by the IceWarp Server.</p>
* Wählen Sie in den Benutzereigenschaften der Benutzer unter ''Authentifizierung'' die Option ''Verzeichnisdienste''.
+
{{Directory Services Login with Directory Services Credentials|IceWarp Server}}
 
[[File:Icewarp_sync_03.png|center|400px]]
 
  
 +
[[de:IceWarp_Server-Integration]]
 
[[en:IceWarp_Server_Integration]]
 
[[en:IceWarp_Server_Integration]]

Latest revision as of 16:25, 7 December 2020

In addition to adding users manually as described in chapter User Management, MailStore Server can synchronize its internal user database with the IceWarp Server of your organization.

During synchronization, user information, such as user names and email addresses, is copied from the IceWarp Server into MailStore Server's user database. That way, users can use their IceWarp Server credentials to also log on to MailStore Server and emails can be assigned to their corresponding user archives automatically, for example. No changes are made to the IceWarp Server itself by MailStore Server. The scope of the synchronization can be limited through filters.


Please note: For using this feature, IceWarp Server API 10.4 or newer is required.

Accessing the Directory Service Integration

  • Log on to MailStore Client as a MailStore Server administrator.
  • Click on Administrative Tools > Users and Archives > Directory Services.
  • In the Integration section, change the directory service type to IceWarp Server.
Icewarp sync 01.png


Connection to the IceWarp Server

For synchronization MailStore Server requires information on how to connect to the IceWarp Server.

  • Server Name
    DNS name of the IceWarp server. If the certificate provided by the remote host cannot be verified (e.g. self-signed or signed by an unknown certificate authority), enable the option Accept all certificates to allow MailStore to establish a connection. As this option leads to an insecure configuration, warnings may appear in the summary and/or the dashboard.
  • User Name
    Name of a user with administrative privileges on the IceWarp server.
  • Password
    Password of that user.
  • Timout
    The timout value for IceWarp API requests. For large IceWarp Server user databases it may be necessary to increase this value.

Synchronize

After configuring the connection settings as described above, you can specify filter criteria for the IceWarp Server user database synchronization in this section.

  • Domains and Groups
    Choose one or more domains or groups to let only their members be created as MailStore Server Users. If no domains or groups are selected, all users will be synchronized.

Options

  • Automatically delete users in MailStore Server
    Here you can choose whether users that have been deleted in the IceWarp Server will also be deleted in the MailStore Server user database by the synchronization. Users will also be deleted if they fall out of scope of the configured settings.
    Only MailStore Server users that have their authentication method set to Directory Services will be deleted.
    If the archive folder of such a user already contains archived emails, only the user entry but not its archive folder will be deleted in MailStore Server.

Assigning Default Privileges

By default, users that have been synchronized to MailStore Server from an IceWarp Server have the privilege to log on to MailStore Server as well as read access to their own user archive.
You can configure those default privileges before synchronization, for example, to assign the privilege Archive E-mail to all new users. To do this, click on Default Privileges...
More information on managing user privileges and their effects is available in the chapter Users, Folders and Settings which also has details on editing existing privileges.

Running Directory Services Synchronization

Click on Test Settings to check synchronization configuration and the results returned by the IceWarp Server without any changes to the MailStore Server user database being actually committed.

To finally run the synchronization, click on Synchronize now. The results are shown with any changes committed to the MailStore Server user database.

ApplicationIntegration sync 02.png


You can test the authentication for a user by first selecting him from the list and then clicking on the button on the lower left. You will now be asked for that user's password. Upon clicking OK you'll receive a message whether the authentication has been successful.

Important Notice: For authentication with the IceWarp Server to work, the respective MailStore Client has to be in a network that is trusted by the IceWarp Server.

Login with IceWarp Server Credentials

After synchronization MailStore users can log on to MailStore Server with their IceWarp Server username and IceWarp Server password.