User accounts can be either defined manually or they can be imported from other sources:
from CSV files,
NT domains,
Active Directory,
Novell eDirectory.
If you use a Windows 2000 or Windows 2003 domain (Active Directory), it is easier to set Kerio Connect so that it cooperates directly with the Active Directory database (see chapter 10.1 Active Directory). When users are imported, local accounts are created in Kerio Connect. Therefore, when you are editing Active Directory (removing or adding users), the Kerio Connect configuration must also be edited (new user import or deleting an account).
Warning
It is recommended to enable the Directory Service Lookup option in the Debug log (for more information, see chapter 24.9 Debug log) before starting the import process. Logged information about the import process might help you where troubleshooting is necessary.
The button located below the user list is also a menu. This menu includes options of import from a directory service (NT domain, Active Directory, Novell eDirectory) or import/export from/to a CSV file. Select an option to open the user import dialog:
There is an option to import user accounts from CSV files. Data in the file must follow certain rules. Headlines of individual columns must correspond with Kerio Connect's items. The following items are supported:
Name — username (e.g.
jwayne). Required.Password — user password. Optional.
FullName — user's full name (e.g.
John Wayne). Optional.MailAddress — user's email address. Only the part preceding the at-sign should be inserted. Any number of email addresses is accepted (e.g.
jwayne,wayne,john,john.wayne). Optional.Groups — groups where the user is subscribed. Multiple groups are allowed. Optional.
Description — user's description. Optional.
Columns can be ordered as wish, there are no rules to be followed. It is also possible to leave some of them out (except the Name item).
When creating a file to be imported, bear in mind it is important that individual data items are separated by commas (,) or semicolons (;). If semicolons are used, the process is simpler. Create a table where standard item names (see above) are in caption and add corresponding data. Multiple items can be included in MailAddress and Groups. Individual email addresses and/or groups must be separated by commas:
Name;Password;FullName;Description;MailAddress;Groups abird;VbD66op1;Alexandra Bird;Development;abird;read,all abird;Ahdpppu4;Edward Wood;Sales;ewood,wood;sales,all mtaylor;SpoiuS158;Michael Taylor;Assistant;mtaylor,michael.taylor;all
If commas are used as separators, additional separators must be used for MailAddress and Groups items since commas used there as separators might collide with the other comma separators. Quotes ("...") or apostrophes ('...') can be used as separators:
Name,Password,FullName,Description,MailAddress,Groups abird,VbD66op1,Alexandra Bird,Development,abird,”read,all" ewood,Ahdpppu4,Edward Wood,Sales,”awood,wood”,”sales,all" mtaylor,SpoiuS158,Michael Taylor,Assistant,”mtaylor,michael.taylor”,all
Once a CSV file is created, follow these instructions:
Login to Kerio Connect administration.
In , click on and select the Import from CSV file option.
In the opened dialog, enter the file path (see figure 8.16 Import from a file — file selection).
Click on and wait until the file is uploaded. The User import dialog is opened providing a list of all users defined in the CSV file (see figure 8.17 Import from a file — imported users).
If problems occur regarding the upload, it might be caused by the following reasons:
The file is not saved in the CSV format.
Columns in the file are not labeled correctly. CSV file needs to include a line with captions including column names, otherwise Kerio Connect cannot read the data.
Correct version:
Name;Password;FullName;MailAddress silly;VbD66op1;Stephen Illy;silly ewood;Ahdpppu4; Edward Wood;ewood,wood
Wrong version:
silly;VbD66op1;Stephen Illy;silly ewood;Ahdpppu4;Edward Wood;ewood,wood
Separators are not used properly. Proper way of how to use separators is described above.
Check all users to be imported. Where many users are imported, the and buttons might be helpful.
— all users marked by the mouse pointer (using the
ShiftandCtrlkeys) will be checked.— clears selection.
Templates for email accounts can be selected and set in the Template menu. If there is no template to be set, keep the default settings.
For detailed information on templates and their application, see section 8.11 User Account Templates.
Confirm selection by clicking on .
Use the Import users from option to select a source from which users will be imported. Windows NT Domain is used in this case.
In this case, the only required parameter is the NT domain name. The computer which Kerio Connect is running on must be a part of this domain.
Do NOT import users this way if the domain controller runs on Windows 2000, Windows Server 2003 or Windows Server 2008! In such a case, import them from the Active Directory — see below.
Warning
Import of NT domain users works only if Kerio Connect is installed on the MS Windows platform.
Within the import of user accounts from the LDAP database with Kerio Connect, sensitive data may be transmitted (such as user passwords). It is possible to secure the communication by using an SSL encryption.
Use the Import users from option to select a source from which users will be imported. Active Directory is used in this case.
To import users from Microsoft Active Directory, you need to specify the following information:
Active Directory domain name — the name of the domain users will be imported from (the format is as in DNS domain — e.g.
domain.com)Import from server — the name of the server, on which Active Directory for this domain is running.
If a special port is specified for the LDAP(S) service, the port number can be added to the server name (e.g.:
mail1.company.com:12345).Login as user, Password — the username and password of the user who has an account open in the domain. Write access rights are not required for saving and changing settings.
LDAP filter — this item is available upon clicking on . This option allows to modify the request for LDAP server users will be imported from. It is recommended that only experienced programmers use this option. For details about the query syntax, see the instruction manual to your LDAP server.
Within the import of user accounts from the LDAP database with Kerio Connect, sensitive data may be transmitted (such as user passwords). It is possible to secure the communication by using an SSL encryption.
Use the Import users from option to select a source from which users will be imported. Novell eDirectory is used in this case.
To import users from Novell eDirectory, specify the following items:
NDS organization — the name of the organization users will be imported from
Import from server — the name of the server, on which the service for this domain is running.
If a special port is specified for the LDAP(S) service, the port number can be added to the server name (e.g.:
mail1.company.com:12345). Only Mac OS X includes the Secure connection (LDAPS) option.Login as user, Password — the username and password of the user who has an account open in the domain. Write access rights are not required for saving and changing settings.
LDAP filter — this item is available upon clicking on . This option allows to modify the request for LDAP server users will be imported from. It is recommended that only experienced programmers use this option. For details about the query syntax, see the instruction manual to your LDAP server.
Within the import of user accounts from the LDAP database with Kerio Connect, sensitive data may be transmitted (such as user passwords). It is possible to secure the communication by using an SSL encryption.
Once all conditions are met (valid login data has been entered, the server is available, etc.), click to view user list (see figure 8.21 Users selection for import):
Check users to be imported into Kerio Connect.
Templates for email accounts can be selected and set in the Template menu. If there is no template to be set, keep the default settings.
For detailed information on templates and their application, see section 8.11 User Account Templates.
Click on .
Note
If the users are imported from Active Directory, the platform on which Kerio Connect is running is not important.
Authentication type will be set for the users in accordance with where they were imported from: Windows NT Domain for the NT Domain users and Kerberos 5 for the Active Directory users.