Kerio Connect Integration
Synchronizing User Accounts with a Kerio Connect User Database
In addition to adding users manually (as described in chapter User Management), MailStore can synchronize its internal user database with a Kerio Connect user database.
During synchronization, user information and email addresses are taken from the Kerio Connect user database and entered into MailStore. MailStore makes no changes to the Kerio Connect user database itself, and the synchronization can be limited to one or more individual domains and groups.
Accessing the Directory Service Integration
- Log on to MailStore Client as MailStore administrator.
- Click on Administrative Tools > Users and Privileges and then on Directory Services.
- Under Integration, change the Directory Service type to Kerio Connect.
Specifying Connection Settings
Before the synchronization feature can be used, MailStore Server needs information on how the Kerio Connect server can be reached:
- Server Name - The Name or the IP address of the Kerio Connect server. If you are using a self-signed SSL certificate on the Kerio Connect server, please check the checkbox Ignore SSL Security Warnings.
- User Name – The name of a user with administrative privileges.
- Password – The password of the user with administrative privileges.
Specifying Standard Privileges
By default, users who were synchronized to MailStore from a directory service can log on to MailStore Server and have access to their own user archive. Before synchronization, you can modify these standard privileges to give all new users the Archive Emails privilege, for example. To do so, click on the Standard Privileges… button.
Additional information about managing user privileges and their effects is available in chapter Users, Folders and Settings. There you can also find tips on how to customize existing privileges.
Performing the Synchronization
Once the connection settings have been specified (as described above), you can synchronize the MailStore user list with the Kerio Connect user database.
To limit synchronization to one or more domains and groups, click on the button next to the domains and groups field and put a checkmark in front of the groups to be synchronized. If no domain or group is selected, all users will be synchronized.
Click on Verify Settings to see what happens when clicking Synchronize Now. Click on Synchronize Now to start.
Login with Kerio Connect Access Data
By default, each MailStore user has a password exclusively for MailStore. The MailStore administrator specifies the password upon creation of the user account while the user can later change it via MailStore Client’s Administrative Tools. Alternatively, you can configure MailStore to allow users to log in to MailStore Server using their Kerio Connect passwords.
Before users can log in to MailStore Server using their Kerio Connect access data, the following settings must be specified under Authentication:
- Kerio IMAP Server – Enter the IP address or the host name of the Kerio Connect server against which authentication is to be performed.
- IMAP Server Access – Specify if the connection to the IMAP server is to be unencrypted or IMAP-TLS/IMAP-SSL encrypted.
- Only when using IMAP-TLS and IMAP-SSL: Activate the option to Ignore SSL Security Warnings if an unofficial certificate is used on the Email server. Otherwise, authentication will permanently fail.
Important Notice: If Kerio Connect is configured to authenticate users against an Active Directory or if the passwords are stored as SHA hashes, you must disable CRAM-MD5 and DIGEST-MD5 under Configuration > Advanced Options > Security Policy to make the above configuration work. Otherwise users will not be able to log in to MailStore.
Procedure for Users Who Were Added Via Synchronization with the Kerio Connect User Database
If MailStore users were added via Kerio Connect directory service synchronization as described in the previous section, no further action is required. MailStore has already specified all necessary settings automatically.
Procedure for Manually Added Users
If MailStore users were added manually, and if these users are to be able to log in using their Kerio Connect password, please proceed as follows:
- Configure the Kerio Connect Integration as described in chapter Synchronizing User Accounts with a Kerio Connect User Database
- Make sure that the MailStore users have the same name as the corresponding users in the Kerio Connect user database.
- In the user properties under Authentication, choose Directory Services.