Email, events, notes, contacts and tasks are stored in Kerio MailServer. Therefore, they are available via the Internet from anywhere. You can connect either by MS Outlook, by Kerio WebMail or via another email client.
MS Outlook can be switched to offline mode. This implies that you can manage your email items also from home or on your business trips. This means that your email can be managed even there where the Internet connection is too slow or there is no connection at all. After reconnection to the Internet (switching to online mode), Kerio Outlook Connector (Offline Edition) synchronizes all changes with the mailserver and sends mail from Outbox. The description indicates that this feature will be used mainly by notebook users. For email management anywhere, simply open the MS Outlook and start working.
Kerio Outlook Connector (Offline Edition) supports folder management. In MS Outlook, it is possible to create hierarchized folder trees of any depth. Folder sharing, viewing of shared folders and other features are also supported.
In calendars, meeting scheduling and, in task folders, assigning of tasks to other persons are supported.
Kerio Outlook Connector allows setting of rules for incoming email. These rules are stored at the server, so they are applied globally — i.e. mail will be sorted in the same way in Kerio WebMail and other email clients.
Kerio Outlook Connector provides a proprietary antispam strategy.
Kerio Outlook Connector allows searching in message bodies.
Kerio Outlook Connector provides support for message grouping.
Kerio Outlook Connector (Offline Edition) can be installed on the terminal server.
Note: The chapter describes settings in MS Outlook 2007. It can, therefore, slightly differ on older versions of MS Outlook.
For correct functioning of the module, the HTTP(S) service must be running in Kerio MailServer — this protocol is used for any traffic from and to Kerio MailServer.
Kerio Outlook Connector is localized for the languages listed in table 33.1 Supported languages.
Table 33.1. Supported languages
Language of the Kerio Outlook Connector is set automatically in accordance with the language version set in MS Outlook. If a language set MS Outlook is not available in the Kerio Outlook Connector, English is used automatically.
Specific options and settings in MS Outlook are focused in the Kerio MailServer 6, User's Guide).
Windows Vista (32 and 64 bits) with the recent Service Pack installed
Installation of the Kerio Outlook Connector can be run with the following versions of MS Outlook:
MS Outlook XP + version Service Pack 3 (the version of Outlook XP must have this format:
MS Outlook 2000 + Service Pack 3 (if the service pack is not installed, Kerio Outlook Connector installation cannot be started)
MS Outlook 2007 + Service Pack 1
Kerio Outlook Connector (Offline Edition) requires Internet Explorer 6.0 or higher.
Kerio Outlook Connector (Offline edition) communicates with the server via the MAPI based on HTTP(S) protocol. Therefore, it is necessary to run HTTP(S) service on the server and map the corresponding port(s) on the firewall protecting the server.
Installation wizard is used for the Kerio Outlook Connector installation. Once the installation is completed, it is necessary to set a profile and an email account explicitly.
MS Outlook must be installed on the computer prior to the Kerio Outlook Connector (Offline Edition) installation, otherwise the application will not function properly.
When the upgrade or downgrade of MS Outlook is performed, Kerio Outlook Connector must be reinstalled manually.
In the majority of cases, upgrade from Kerio Outlook Connector to Kerio Outlook Connector (Offline Edition) is smooth. At the beginning of the installation, a convertor is started which converts all Kerio profiles of the particular user to profiles for Kerio Outlook Connector (Offline Edition). If the station is connected to the Internet, Kerio Outlook Connector (Offline Edition) local database is created automatically and updated..
If a workstation is used by multiple users, install the program once and then run the convertor () for each user.
In such cases profiles are converted, but they must be finished upon connecting to the server:
In the profiles dialog (), select the Kerio profile and click on .
In the wizard, click on.
On the following page, double-click on the Kerio account and confirm settings by the Kerio Outlook Connector (Offline Edition) profile is then finished automatically.button. Conversion to
This procedure must be taken for each profile with Kerio account.
The user profile is a file where personal information in MS Outlook is stored. In MS Outlook, any number of user profiles can be created. Using of multiple user profiles is essential especially in the following situations: Either the computer is accessed by multiple users and each of them needs his/her own email address and personal settings or a user can access multiple mailboxes and wants to use different personal settings for each of them. In other cases, one profile for one or more email accounts is sufficient.
Settings for a new profile can be configured in themenu:
In the Email Settings dialog, select the Profiles button.
Click on thebutton to create a new profile and enter its name. Any name can be used.
This opens the email account wizard, where a new account can be created. In the dialog, simply enable the Manually configure server settings or additional server types option.
In the Choose e-mail service dialog, select the Other option and enable Kerio MailServer (KOC Offline Edition) (see figure 33.1 New account settings — e-mail service selection). Click on .
On the Accounts tab set basic parameters for connection to the mailserver (see figure 33.2 New account settings):
DNS name or IP address of the mailserver.
This option allows using the NTLM authentication. When checked, users are not required to set usernames and passwords — the authentication against the Active Directory domain will be used instead authentication through username and password.
In order for the NTLM authentication to be functional, both the computer as well as the user account have to be parts of the domain used for authentication.
NTLM (SPA) can be used only if Kerio MailServer is installed on Windows operating systems.
Username used for logging to the MailServer. If the user does not belong to the primary domain, a complete email address is required (
Press the Kerio MailServer works properly. If the test is finished successfully, a corresponding User Name and Email Address are automatically filled in.button to test if correct user data has been specified and if the connection to
Settings on the Server Details tab depend on security policy set on the server. By default, any traffic between Kerio MailServer and MS Outlook is secured by SSL. It is highly recommended to not change these settings.
SSL-secured traffic requires installation of an SSL certificate issued by a trustworthy certification authority.
The main benefit of this tool is that, by using a simple script, user profiles can be created in batches. Guidelines for ProfileCreator are provided in the following sections.
ProfileCreator is a tool for Windows started from the command line. It is located in the directory where the Kerio Outlook Connector is installed. It can be started by command
ProfileCreator.exe. When the command is used, guidelines for Profile Creator are displayed.
ProfileCreator can be run in two basic modes different in authentication type:
Authentication by username and password:
PROFILECREATOR /profile=<profile> /host=<host> /user=<user> [/password=<password>] [/port=<port>] [/tlimit=<tlimit>] [/quiet] [/nossl] [/nocompression] [/offline] [/rename]
Authentication by SPA (Secure Password Authentication):
PROFILECREATOR /profile=<profile> /host=<host> /spa [/port=<port>] [/tlimit=<tlimit>] [/quiet] [/nossl] [/nocompression] [/offline] [/rename]
Note: Options in square brackets are optional.
Table 33.2 ProfileCreator options provides brief guidelines for the tool's options.
|The option show the help.|
|Name of the profile to set.|
|DNS name of the computer where the Kerio MailServer is running.|
|Username used in Kerio MailServer.|
|Password used in Kerio MailServer.|
|This option should be used if the HTTP(S) protocol is running on a non-standard port.|
|This option sets a timeout for the HTTP session. It is recommended to increase the value in case your connection is slow. The 180 ms value is used as default.|
|This option suppresses any reports in the command line.|
|This option denies secured SSL.|
|This option disallows compression of HTTP data.|
|During creation of the profile, MS Outlook will not attempt to connect to Kerio MailServer. It attempts to connect upon its first startup. This option is recommended especially if you are not sure whether your Kerio MailServer is available during the configuration.|
|By default, the username of the particular user is used for profile name. The |
|This option can be used if the user of the client host authenticates to NT domain. This allows the client software to use the same authentication credentials as the ones for logging into a domain.|
Table 33.2. ProfileCreator options
Use of ProfileCreator will be better understood through the following examples:
MS Outlook is installed on client stations. A user installs the Kerio Outlook Connector and runs ProfileCreator in order to create an email profile and set the initial configuration of the Kerio account.
Users or the administrator can simply install the Kerio Outlook Connector and get the Integration with Windows configured automatically. To open the Integration with Windows page, enter the following URL address in your browser:
or use a browser to open the Kerio WebMail's welcome page and click on the Integration with Windows link.
The first option offered here is download of the Kerio Outlook Connector. Download and install it, following the instructions provided in section 33.1.1 Manual installation on a user's workstation. Now click on Click here to auto-configure Kerio Outlook Connector and run the file (some browsers open the file directly, some only download it and it is then necessary to run it manually). The script created a profile called Kerio. If there already exists such a profile, the name will be Kerio.001, etc.
No MS Outlook or Kerio Outlook Connector is installed on user workstations. Everything will be installed remotely by using Active Directory services.
This option is useful for companies which use Active Directory, map user accounts from the directory service to Kerio MailServer and want to install the Kerio Outlook Connector (Offline Edition) as an MSI package remotely on user workstations. This is a standard option provided by Microsoft Corporation's servers. Upon completion of installation of both applications, it is possible to set a new profile in MS Outlook and preset the Kerio account remotely. Then, users can simply authenticate by the password for their Kerio MailServer mailbox (unless NTLM authentication is used) within their first connection, without the need to enter their username or Kerio MailServer address.
Before you start distributing your MSI packages, prepare the following:
The Kerio Outlook Connector (Offline Edition) MSI package.
MS Outlook installed on user workstations. If users have not started using MS Outlook yet, they can also install it remotely, following the guidelines for installation of the Kerio Outlook Connector.
User accounts must be located in the Active Directory.
If you want to create your own script, the conditions listed above will be sufficient. If you want to use our script, you will need to set also the following conditions:
On the domain server, installed the Kerio Active Directory Extension if not installed yet.
It is required that a working Kerio MailServer is installed in the network and user accounts are mapped there from the Active Directory domain (for detailed information on mapping, see chapter 10 Mapping users from directory services).
The following text describes a widespread way of MSI package distribution. If you have already done this and you are sure in how to install files on user workstations remotely, you can skip this section.
The guidelines provided below will help you to install both MS Outlook and the Kerio Outlook Connector. If you want to install both packages, bear in mind that MS Outlook must be installed on the computer prior to the Kerio Outlook Connector.
On any computer available through a network, create a new directory. Set access rights to this directory so that all domain users have read only rights (right-click to open the context menu, select the Share option and set rights on the Sharing and Security tabs).
Copy or move the Kerio Outlook Connector MSI package to the new directory.
Check availability of the package from any client computer.
On the domain server, go to.
In that menu, set policy for MSI package installation. The policy can be set either for the entire domain or it is possible to create an organization unit for selected users.
To create a new organization item, follow these instructions:
Right-click on the domain name and selectin the context menu.
Enter a name for the new organization item and save it by clicking on.
Right-click on the domain name or on the new organization item and select the Properties option in the menu. In the dialog just opened, switch to the Group Policy tab. Click on and enter a name for the new group policy (see figure 33.3 The Group Policy dialog).
Click on(the new item must be selected) to open the group policy editor.
Go to the new group policy under.
Right-click on Software Installation and select the option.
Enter the UNC path to the package (e.g.
Select a deployment method (see figure 33.4 The Deployment Method dialog). You can use any of the offered options, but it is recommended to select Assigned.
Published — user can decide on whether to install the program or not. Installation of the application is offered automatically.
Assigned — the installation is started automatically upon the first logon..
After installation of the Kerio Outlook Connector from the MSI package, user profiles and Kerio accounts must be created for each user. As this cannot be done immediately upon the installation, it is necessary to create a user logon script along with the installation:
Go to the policy section of the group which was created for the Kerio Outlook Connector installation and select option . Double-click on the Logon.
Click onand then on in the next dialog.
Right-click in the window to display the context menu and select 33.5 Creating the configuration script).(see figure
Rename the file, using the
.BAT extension (e.g.
Check that all Active Directory users have read rights (right-click on the file and click on Properties and in the Security dialog add the domain user group).
Right-click on the file and select Edit in the context menu.
This opens the Notepadwhere you can prepare the configuration script. If you are not sure how to make such a script, read the reference script example provided below.
Once you make the script, save it and click on.
Note: If you the reference script, in Script Parameters enter the address where your Kerio MailServer is running. This address will be used for the
Confirm settings and close the Active Directory console.
To test the configuration, in the Active Directory create a new user in the organization unit for which group policy for the Kerio Outlook Connector installation was set.
Use this user to connect from the client host.
Upon successful connection, installation wizard is opened, a profile is created and then MS Outlook is started. In the dialog just opened, simply enter user password. Both MS Outlook and the Kerio account should now work.
If this procedure fails, please check whether the MSI package and the profile creator script are available from all client computers and that appropriate rights are set.
A reference configuration script:
The following section provides a simple example of a configuration script. If this script does not fit your needs, you can edit it or create a custom one. However, if you are not sure how to make such a script, the suggested example will do for creation of profiles. To help you understand the script better, notes are attached. The comments are marked by the “#” symbol.
#Disabling records in the command line @echo off #Enabling logging in KOFFProfileCreator.LOG echo Profile creator script launched... > "%userprofile%\KOFFProfileCreator.LOG" #The code tests whether the file KOFFProfile.reg supposed to be #created by the script does not already exist on the host. If #such a file already exists there, it will be removed. if exist KOFFProfile.reg ( echo Deleting old KOFFProfile.reg temporary file... >> "%userprofile%\KOFFProfileCreator.LOG" del KOFFProfile.reg >> "%userprofile%\KOFFProfileCreator.LOG" ) #This code calls the operation system's reg utility #and attempts to export the branch of the register containing #the profile of the user currently connected the file #KOFFProfile.reg. If the user exists, the operation #is executed and the file gets created. Otherwise, #the operation fails and the file is not created. call reg export "HKCU\Software\Microsoft\Windows NT\CurrentVersion \Windows Messaging Subsystem\Profiles\%username%" KOFFProfile.reg >> "%userprofile%\KOFFProfileCreator.LOG" #If the previous file is created correctly (which proves correct #export and existence of the profile), the script is closed. if exist KOFFProfile.reg ( del KOFFProfile.reg >> "%userprofile%\KOFFProfileCreator.LOG" exit ) #A record informing of startup of #profile configuration echo Now new profile will be created... >> "%userprofile%\KOFFProfileCreator.LOG" #The script runs the ProfileCreator utility #which creates a profile in a register. The result is also #logged in KOFFProfileCreator.LOG call "%programfiles%\Kerio\Outlook Connector (Offline Edition)\ProfileCreator.exe" /profile=%username%@%userdnsdomain% /host=%1 /user=%username% /offline >> "%userprofile%\KOFFProfileCreator.LOG" #A record informing of start of Outlook is logged echo Profile was created. Now starting MS Outlook... >> "%userprofile%\KOFFProfileCreator.LOG" #The script launches Outlook upon the first user logon. Outlook #recognizes a new profile and user password for Kerio MailServer #is missing for complete configuration. Therefore, it opens the account #configuration dialog where the user can insert the password. "%programfiles%\Microsoft Office\OFFICE11\OUTLOOK.EXE" >> "%userprofile%\KOFFProfileCreator.LOG"
Note: Another useful example of the script is available at
http://mail.company.com/integration). On the Integration with Windows page, you will find a download link for the script ready for automatic configuration of a profile on a workstation. Before you create a custom script, it is recommended to study this version.
Installation on the terminal server is allowed to be done only by an administrator.
Anytime an upgrade of Kerio MailServer is performed, it is necessary that the administrator manually performs an upgrade of the Kerio Outlook Connector on the terminal server. Otherwise, users would not be able to connect to their Kerio accounts.
User email profiles are always stored locally, on their workstations. Their roaming profiles will not work.
When the update is completed, MS Outlook is restarted automatically.
The update process and the restart takes up to two minutes.
The automatic update includes check of versions of Kerio MailServer and the Kerio Outlook Connector. If versions of the server and the client do not match, the user is informed that a different version of Kerio MailServer is installed on the server and that the client should be updated. Upon confirmation, the version is upgraded/updated immediately (or downgraded).
Note: If the server and client differ only in their build numbers (numbers in the notification are the same), the client will work even if the update is rejected. If, however, version numbers are different (for example
6.7.1), Kerio Outlook Connector cannot be started unless updated.
Kerio Outlook Connector (Offline Edition) supports both modes, online and offline. Online mode is the standard MS Outlookmode which requires connection to the Internet. Offline mode allows running of MS Outlook and working there without connection to the Internet. This requires all email, events, tasks, etc. being stored in the local message store on the client station. Upon connection to the Internet, it is possible to synchronized changes with the corresponding account in Kerio MailServer.
The offline mode is helpful especially for users with notebooks who make frequent business trips and need their email accounts even when they are not currently connected to the Internet. Upon switching to online mode, all new messages, events and tasks are synchronized with the server's store automatically.
By default, the online mode is set in MS Outlook. To switch to the offline mode, click on Work offline in the File menu available on the main toolbar.
If you closeMS Outlook in the offline mode, it will be opened in offline mode next time it is started. If you want to change this, disable the offline mode manually in the File menu.
Kerio Outlook Connector (Offline Edition) informs of switching between online and offline modes and about current synchronization progress and status by a special icon in the systray's notification area (see figure 33.6 Synchronization status). The icon informs about the following situations:
Synchronization in progress — arrows are displayed at the icon.
MS Outlook is running in the offline mode — grey down-arrow is displayed at the icon.
MS Outlook lost connection to the server — red cross is displayed over the icon.
If the synchronization is not running and MS Outlook is running in the online mode, the icon is hidden.
Any folder saved in Kerio MailServer can be synchronized in any of these two modes:
Full synchronization of the folder.
Synchronization of message header and body in plain text.
In default mode, synchronization of Kerio MailServer and the Kerio Outlook Connector works as follows:
Inbox — whole messages are synchronized.
Other email folders — only message headers and body in plain text are synchronized.
Events — whole events are synchronized.
Contacts — whole contacts are synchronized.
Tasks — whole tasks are synchronized.
Notes — whole notes are synchronized.
Default synchronization mode can be changed (adjusted) in properties of individual folders:
Right-click the selected folder and choose Properties from the pop-up menu.
In the Properties window switch to the Folder Synchronization tab (see figure 33.7 Folder synchronization settings).
If you do not wish to synchronize the folder at all, disable the Enable synchronization of the folder option. However, any items already included in the folder will be kept synchronized.
Conflicts are situations where a message, event or another item is changed separately both on the server and in Kerio Outlook Connector in the interval between synchronizations (synchronization is started in defined periods). In such cases, the server is not capable of recognizing which change is the wanted (later) one.
If a conflict occurs during synchronization, the winning item (the one selected to overwrite the other) is saved to a corresponding delivery folder. The beaten item is saved in a special folder called Conflicts. This folder is available only in MS Outlook. This implies that it is not available in Kerio WebMail or another email client.
Both items can be easily compared to select the correct one. If the server have primarily selected the wrong version (the older one), it is possible to move it from the Conflicts folder to the correct directory manually and simply remove the other version.
Each conflict is announced by a special message sent to MS Outlook. Its subject is Message in conflict!. Conflict information includes name of the message, event, contact or another item in conflict and its location in mailbox (folder). Local version of the item is moved to the Conflicts folder. If this version is up-to-date, exchange it with the version in the particular folder.