Authenticate against Windows domain: Local and Remote
This facility, operational on WindowsNT and Windows Server editions, enables Mailtraq to access the operating system user database to perform automatic account creation and password verification against an Active Directory or NT Domain hosted on the same machine (Local).
This method requires an Active Directory or NT Domain hosted on the same machine (Local).
For non-local authentication see: Remote
Set up method
Active Directory integration is a User Section operation and is accessed from the Console:
Users, right-click Context menu: [NT Users]
If the Auto Create User checkbox is enabled and the Authorize via User Database checkbox is enabled in the User Properties, Properties-tab then Mailtraq will perform User password verification via the Windows domain.
Older versions of Mailtraq access this dialog from Options | Users - User Manager.
Auto Create User Accounts...
Enable this and specify the NT Domain which to be used for Mailtraq to create a user and associated mailbox when verified credentials are provided by the operating system which do not match an existing Mailtraq account. If password verification is enabled in the properties of a user, Mailtraq user password verifications and Mailtraq mailslot password verifications for that user are performed against the specified NT Domain.
Mailtraq must either be running as a service or be run under an account with the SE_TCB_NAME privilege (Right "Act as part of the operating system" in User Manager) to access the NT features. In practice this means that Mailtraq must be installed on the same machine as the AD server.
A registry entry can be used to force Mailtraq to authenticate against a specific NT domain.
Define user template
It is important to create and define a 'template' user with the privileges and mailbox settings you want before you auto create users. This will save you a lot of manual work.
This method (available from build 22.214.171.12436) allows Mailtraq to authenticate against Active Directory or LDAP hosted on a machine other than itself.
Select the Users | Import Users... option.
You can opt to use this wizard in 'Update' mode if you wish to work with an existing Mailtraq user base, rather than import a new user base.
The wizard allows you to specify the authentication login to the remote server with the necessary privileges to obain a list of users.
The "Directory Domain" must be in the DNS format (host.example.com)
not the LDAP format (dc=host,dc=example,dc=com).
Secondly, the Account Name must match the name of the account on the directory, specifically an unqualified name. For example, "jsmith" not "email@example.com" or "HOST\jsmith".
License size limits
You cannot import more users into Mailtraq than your overall license size. If you try to import 'all' from a AD server with a larger number of users than your license an error will occur.
If you are trialing Mailtraq and wish to test this feature and need a larger license,
please contact us
Pay attention to the User Template and Mailbox Template that you select.
Think particularly about Archiving and Indexing settings as these can impact storage and efficiency over the long term. Review the information available in the Mailbox Services section.
Traditional Console view