8.9  Import Users

User accounts can be either defined manually or they can be imported from other sources:

If you use a Windows 2000 or windows 2003 domain (Active Directory), it is easier to set Kerio MailServer so that it cooperates directly with the Active Directory database (see chapter 10.1  Active Directory). When users are imported, local accounts are created in Kerio MailServer. Therefore, when you are editing Active Directory (removing or adding users), the Kerio MailServer configuration must also be edited (new user import or deleting an account).

Warning

It is recommended to enable the Directory Service Lookup option in the Debug log (for more information, see chapter 25.9  Debug log) before starting the import process. Logged information about the import process might help you where troubleshooting is necessary.

The Import button located below the user list is also a menu. This menu includes options of import from a directory service (NT domain, Active Directory, Novell eDirectory) or import from a CSV file. Select an option to open the user import dialog:

Import from a file

There is an option to import user accounts from CSV files. Data in the file must follow certain rules. Headlines of individual columns must correspond with Kerio MailServer's items. The following items are supported:

  • Name — username (e.g. jwayne). Required.

  • Password — user password. Optional.

  • FullName — user's full name (e.g. John Wayne). Optional.

  • MailAddress — user's email address. Only the part preceding the at-sign should be inserted. Any number of email addresses is accepted (e.g. jwayne, wayne, john, john.wayne). Optional.

  • Groups — groups where the user is subscribed. Multiple groups are allowed. Optional.

  • Description — user's description. Optional.

Columns can be ordered as wish, there are no rules to be followed. It is also possible to leave some of them out (except the Name item).

When creating a file to be imported, bear in mind it is important that individual data items are separated by commas (,) or semicolons (;). If semicolons are used, the process is simpler. Create a table where standard item names (see above) are in caption and add corresponding data. Multiple items can be included in MailAddress and Groups. Individual email addresses and/or groups must be separated by commas (see table 8.1  Imported data — items separated by semicolons).

Name Password FullName Description MailAddress Groups
wsmith VbD66op1 Winston Smith Developer wsmith read-only,all
wsmith Ahdpppu4 Winston Smith Sales wsmith,smith sales, all
amonroe SpoiuS158 Ada Monroe GM's Assistant amonroe,ada.monroe all
psycho pfgzInI1 Peter Sycho General Manager psycho,sycho all,sales

Table 8.1. Imported data — items separated by semicolons


If commas are used as separators, additional separators must be used for MailAddress and Groups items since commas used there as separators might collide with the other comma separators. Quotes ("...") or apostrophes ('...') can be used as separators. In table 8.2  Imported data — items separated by commas, quotes are used.

Name Password FullName Description MailAddress Groups
wsmith VbD66op1 Winston Smith Developer wsmith "read, all"
wsmith Ahdpppu4 Winston Smith Sales "wsmith,smith" "sales, all"
amonroe SpoiuS158 Ada Monroe GM's Assistant "amonroe,ada.monroe" "all"
psycho pfgzInI1 Peter Sycho General Manager "psycho,sycho" "all,sales"

Table 8.2. Imported data — items separated by commas


Once a CSV file is created, follow these instructions:

  1. Run the Kerio Administration Console.

  2. In Domain Settings → User Accounts, click on Import and select the Import from CSV file option.

  3. This opens a dialog (see figure 8.17  Import from a file — file selection) where file path and encoding type which will be used for saving (generally, the default Local (System) option can be kept) can be set.

    Import from a file — file selection

    Figure 8.17. Import from a file — file selection


  4. Click on OK and wait until the file is uploaded. The User import dialog is opened providing a list of all users defined in the CSV file (see figure 8.18  Import from a file — imported users).

    If problems occur regarding the upload, it might be caused by the following reasons:

    • The file is not saved in the CSV format.

    • Columns in the file are not labeled correctly. CSV file needs to include a line with captions including column names, otherwise Kerio MailServer cannot read the data.

      Correct version:

      Name;Password;FullName;MailAddress
      silly;VbD66op1;Stephen Illy;silly
      ewood;Ahdpppu4; Edward Wood;ewood,wood
      

      Wrong version:

      silly;VbD66op1;Stephen Illy;silly
      ewood;Ahdpppu4; Edward Wood;ewood,wood
      
    • Separators are not used properly. Proper way of how to use separators is described above.

    Import from a file — imported users

    Figure 8.18. Import from a file — imported users


  5. Check all users to be imported. Where many users are imported, the Check selected and Uncheck selected buttons might be helpful.

    • Check selected — all users marked by the mouse pointer (using the Shift and Ctrl keys) will be checked.

    • Uncheck selected — clears selection.

  6. Templates for email accounts can be selected and set in the Template menu. If there is no template to be set, keep the default settings.

    For detailed information on templates and their application, see section 8.10  User Account Templates.

  7. Confirm selection by clicking on OK.

NT Domain

Use the Import users from option to select a source from which users will be imported. Windows NT domain (Windows NT 4.0) is used in this case.

In this case, the only required parameter is the NT domain name. The computer which Kerio MailServer is running on must be a part of this domain.

Do NOT import users this way if the domain controller runs the Windows 2000, XP or 2003 Server operating system! In such a case, import them from the Active Directory — see below.

Warning

Import of NT domain users works only if Kerio MailServer is installed on the MS Windows platform.

Import users from NT Domain

Figure 8.19. Import users from NT Domain


Within the import of user accounts from the LDAP database with Kerio MailServer, sensitive data may be transmitted (such as user passwords). It is possible to secure the communication by using an SSL encryption.

Active Directory

Use the Import users from option to select a source from which users will be imported. Active Directory (Windows 2000/2003) is used in this case.

To import users from  Microsoft Active Directory, you need to specify the following information:

  • Active Directory domain name — the name of the domain users will be imported from (the format is as in DNS domain — e.g. domain.com)

  • Import from server — the name of the server, on which Active Directory for this domain is running.

    If a special port is specified for the LDAP(S) service, the port number can be added to the server name (e.g.: mail1.company.com:12345).

  • Login as user, Password — the username and password of the user who has an account open in the domain. Write access rights are not required for saving and changing settings.

  • LDAP filter — this item is available upon clicking on Advanced. This option allows to modify the request for LDAP server users will be imported from. It is recommended that only experienced programmers use this option. For details about the query syntax, see the instruction manual to your LDAP server.

  • Within the import of user accounts from the LDAP database with Kerio MailServer, sensitive data may be transmitted (such as user passwords). It is possible to secure the communication by using an SSL encryption.

Import users from Active Directory

Figure 8.20. Import users from Active Directory


Novell eDirectory

Use the Import users from option to select a source from which users will be imported. Novell eDirectoryis used in this case.

To import users from Novell eDirectory, specify the following items:

Import users from Novell eDirectory

Figure 8.21. Import users from Novell eDirectory


  • NDS organization — the name of the organization users will be imported from

  • Import from server — the name or the IP address of the server, on which the service for this domain is running.

    If a special port is specified for the LDAP(S) service, the port number can be added to the server name (e.g.: mail1.company.com:12345). Only Mac OS X includes the Secure connection (LDAPS) option.

  • Login as user, Password — the username and password of the user who has an account open in the domain. Write access rights are not required for saving and changing settings.

  • LDAP filter — this item is available upon clicking on Advanced. This option allows to modify the request for LDAP server users will be imported from. It is recommended that only experienced programmers use this option. For details about the query syntax, see the instruction manual to your LDAP server.

  • Within the import of user accounts from the LDAP database with Kerio MailServer, sensitive data may be transmitted (such as user passwords). It is possible to secure the communication by using an SSL encryption.

User selection

Once all conditions are met (valid login data has been entered, the server is available, etc.), click OK to view user list (see figure 8.22  Users selection for import):

Users selection for import

Figure 8.22. Users selection for import


  1. Check users to be imported into Kerio MailServer.

  2. Templates for email accounts can be selected and set in the Template menu. If there is no template to be set, keep the default settings.

    For detailed information on templates and their application, see section 8.10  User Account Templates.

  3. Click on OK.

Note:

  • If the users are imported from Active Directory, the platform on which Kerio MailServer is running is not important.

  • Authentication type will be set for the users in accordance with where they were imported from: Windows NT Domain for the NT Domain users and Kerberos 5 for the Active Directory users.