Identity Manager CzechIdM can manage various types of data like filesystems, domain accounts, business systems and also mail server. This article will focus on managing mail server using CzechIdM.
What is it mailserver?
Mail servers are used to proccess e-mails. They can receive them but also forward them to another mail server mainly using the internet. Anyone can get their own e-mail address in the form firstname.lastname@example.org and password. These credentials are used to access mail client – web interface running on the server (webmail) or standard client installed on our pc (Mozilla Thunderbird, Microsoft Outlook etc.). After successful authentication and login client download messages from the server and display them to user. Whether for security (data remain on the company’s servers) or organizational reasons companies often run their own mail servers. With this solution there is new concern for companies – someone must take care about e-mail accounts created on the mail server which takes often a lot of administrators extra time. How to get out of this?
How can CzechIdM help you
CzechIdM can handle accounts on mail server centrally, securely and automatically. All accounts can be created automatically without the intervention of an administrator. For example, with arrival of a new employee can be created their account in company’s personal system. Accounts can be managed via CzechIdM interface. CzechiIdM has really easy graphic interface so special knowledge about mail servers or technologies running on the server is not needed from administrators. You can see example situation on the image below.
Creating account on mail server
Let’s try to create account on mail server. First login to CzechIdM administrator interface and then go to the Users section. From the list of identities we can see that there is only one identity created – identity for user with login name jan.novak. User still doesn’t have account on mail server. Let’s create it. Click on edit link in the row with this user.
Now you can see user edit form. Click on “User’s role and controlled organisations” tab. CzechIdM is role-based system. Access to each system can be granted by assigning the role to identity. On the image below we can see that identity jan.novak doesn’t have assigned any role. Click on “Assign role” button.
The role that we’re looking for is in our example called “Roundcube user”. This role represents user account on mail server. Let’s click on “Add” link in the row with this user.
Now we can see the role “Roundcube user” in the list of roles assigned to identity jan.novak. To save this change we must save form by clicking on “save” button.
The displayed message informs us about succesfully assigned role to identity jan.novak and sucessfully created user account on mail server.
Our sample mail server keeps users in simple MySQL table. The list of existing users in this table can be shown directly in CzechIdM. To do that we must go to the “Systems” section and find mail server system in the shown list of connected systems (in our example it’s “Roundcube database (JDBC connector)”).
Click on the link “Show accounts” in the row with this system. Now we can see all existing accounts. In our example it’s just one user – jan.novak.
As we wrote above, users accounts are stored in easy mysql table so we can also verify existence of account using simple SQL command:
mysql> select * from users; +-----------+--------------+----------------------------------+ | userid | domain | password | +-----------+--------------+----------------------------------+ | jan.novak | czechidm.tld | d41d8cd98f00b204e9800998ecf8427e | +-----------+--------------+----------------------------------+ 1 rows in set (0.00 sec)
We can see that account of user jan.novak really exists in this MySQL table. Let’s try to login to webmail client with this new account.
Enter the user credentials and click to “Login” button. In our example have all users e-mail address in form email@example.com. We can see that user were succesfully created. Mailbox is empty because it’s a new user account.
We have seen that user account can be created in a few clicks without special knowledge of technologies running on the server. Simply we can also block, delete show info about accounts.
In this article we described how can CzechIdM help you to manage mail servers. If you found this article interesting, feel free to contat us at firstname.lastname@example.org.