Managing ZCS Configuration: Difference between revisions

No edit summary
 
(18 intermediate revisions by 2 users not shown)
Line 1: Line 1:
This chapter describes the following functions used to manage the Zimbra Collaboration Suite. Features can be managed from either the administration console or from the CLI utility.
{{Archive}}To see the most up-to-date ZCS Configuration documentation for your release, go to the [[Zimbra_Documentation_Links]] page and in the Administration Guide section, select Managing ZCS Configurations.


<div class="Bulleted1_outer">
[[Category:Configuration]]
 
{| id="SummaryNotRequired_np1041366"
|
<div class="Bulleted1_inner" style="width: 14.4pt; white-space: nowrap;"><span class="BulletSymbol">• </span></div>
| width="100%" |
<div class="Bulleted1_inner">Global configuration</div>
|}
 
</div><div class="Bulleted1_outer">
 
{| id="SummaryNotRequired_np1041370"
|
<div class="Bulleted1_inner" style="width: 14.4pt; white-space: nowrap;"><span class="BulletSymbol">• </span></div>
| width="100%" |
<div class="Bulleted1_inner">Domains</div>
|}
 
</div><div class="Bulleted1_outer">
 
{| id="SummaryNotRequired_np1041371"
|
<div class="Bulleted1_inner" style="width: 14.4pt; white-space: nowrap;"><span class="BulletSymbol">• </span></div>
| width="100%" |
<div class="Bulleted1_inner">Servers</div>
|}
 
</div><div class="Bulleted1_outer">
 
{| id="SummaryNotRequired_np1041372"
|
<div class="Bulleted1_inner" style="width: 14.4pt; white-space: nowrap;"><span class="BulletSymbol">• </span></div>
| width="100%" |
<div class="Bulleted1_inner">User Accounts</div>
|}
 
</div><div class="Bulleted1_outer">
 
{| id="SummaryNotRequired_np1068342"
|
<div class="Bulleted1_inner" style="width: 14.4pt; white-space: nowrap;"><span class="BulletSymbol">• </span></div>
| width="100%" |
<div class="Bulleted1_inner">Resource Accounts</div>
|}
 
</div><div class="Body">
 
<span style="font-weight: bold;">Help</span> is available from the administration console about how to perform tasks from the administration console. If the task is only available from the CLI, see Appendix A for a description of how to use the CLI utility.
 
</div><div class="a_0031Heading">
 
==Managing Global Configurations==
 
</div><div class="BodyAfterHead">
 
<span class="attribute">Global Settings</span> control default global rules that apply to accounts in the Zimbra servers. These are set during installation. The settings can be modified from the administration console.
 
</div><div class="Body">
 
Global settings include the following tabs:
 
</div><div class="Bulleted1_outer">
 
{| id="SummaryNotRequired_np1042695"
|
<div class="Bulleted1_inner" style="width: 14.4pt; white-space: nowrap;"><span class="BulletSymbol">• </span></div>
| width="100%" |
<div class="Bulleted1_inner">General </div>
|}
 
</div><div class="Bulleted1_outer">
 
{| id="SummaryNotRequired_np1042895"
|
<div class="Bulleted1_inner" style="width: 14.4pt; white-space: nowrap;"><span class="BulletSymbol">• </span></div>
| width="100%" |
<div class="Bulleted1_inner">Attachments</div>
|}
 
</div><div class="Bulleted1_outer">
 
{| id="SummaryNotRequired_np1038270"
|
<div class="Bulleted1_inner" style="width: 14.4pt; white-space: nowrap;"><span class="BulletSymbol">• </span></div>
| width="100%" |
<div class="Bulleted1_inner">MTA </div>
|}
 
</div><div class="Bulleted1_outer">
 
{| id="SummaryNotRequired_np1042675"
|
<div class="Bulleted1_inner" style="width: 14.4pt; white-space: nowrap;"><span class="BulletSymbol">• </span></div>
| width="100%" |
<div class="Bulleted1_inner">Pop </div>
|}
 
</div><div class="Bulleted1_outer">
 
{| id="SummaryNotRequired_np1042678"
|
<div class="Bulleted1_inner" style="width: 14.4pt; white-space: nowrap;"><span class="BulletSymbol">• </span></div>
| width="100%" |
<div class="Bulleted1_inner">IMAP </div>
|}
 
</div><div class="Bulleted1_outer">
 
{| id="SummaryNotRequired_np1042691"
|
<div class="Bulleted1_inner" style="width: 14.4pt; white-space: nowrap;"><span class="BulletSymbol">• </span></div>
| width="100%" |
<div class="Bulleted1_inner">Anti-Spam</div>
|}
 
</div><div class="Bulleted1_outer">
 
{| id="SummaryNotRequired_np1042692"
|
<div class="Bulleted1_inner" style="width: 14.4pt; white-space: nowrap;"><span class="BulletSymbol">• </span></div>
| width="100%" |
<div class="Bulleted1_inner">Anti-Virus</div>
|}
 
</div><div class="Bulleted1_outer">
 
{| id="SummaryNotRequired_np1069554"
|
<div class="Bulleted1_inner" style="width: 14.4pt; white-space: nowrap;"><span class="BulletSymbol">• </span></div>
| width="100%" |
<div class="Bulleted1_inner">HSM</div>
|}
 
</div><div class="Notice">
 
<span class="Bold">Note: </span>Configurations set in Global Settings define inherited default values for the following objects: server, account, COS, and domain. If these attributes are set in the COS or Account set up, they override the global settings.
 
</div><div class="a_0032Heading">
 
===='''General Tab'''====
 
</div><div class="BodyAfterHead">
 
In the General tab configure the<span style="font-weight: bold;"> Most results returned by GAL search</span> field, which sets a global ceiling for the number of GAL results returned from a user search. The default is 100 results per search.
 
</div><div class="a_0032Heading">
 
===='''Attachments Tab'''====
 
</div><div class="Body">
 
The <span class="attribute">Attachments</span> tab can be configured with global rules to reject mail with files attached, to convert attachments to HTML for viewing, and to disable viewing files attached to mail messages in users’ mailboxes. When attachment settings are configured in Global Settings, the global rule takes precedence over COS and Account settings.
 
</div><div class="Body">
 
If <span style="font-weight: bold;">Disable attachment viewing from web mail UI</span> is enabled, users cannot view any attachments in their mailbox. You can set this global setting to prevent a virus outbreak if you think that mail has already been sent.
 
</div><div class="Body">
 
If <span style="font-weight: bold;">Convert attachments to HTML for viewing</span> is enabled, users can view attachments as HTML, as well as in the original format if available on their computer.
 
</div><div class="Body">
 
<span style="font-weight: bold;">Reject messages with attachment extension</span> lets you select which file types are unauthorized for all accounts. The most common extensions are listed. You can also add different extension types to the list. Messages with those type of files attached are rejected and the sender gets a bounce notice. The recipient does not get the mail message and is not notified.
 
</div><div class="Notice">
 
<span class="Bold">Note: </span>Zimbra also supports the following types of attachment blocking:
 
</div><div class="Bulleted3_outer">
 
{| id="SummaryNotRequired_np1068287"
|
<div class="Bulleted3_inner" style="width: 17.999999999999996pt; white-space: nowrap;"><span class="BulletSymbol">• </span></div>
| width="100%" |
<div class="Bulleted3_inner"><span style="font-weight: bold;">Class of Service</span>, to disable attachment viewing for members of that COS</div>
|}
 
</div><div class="Bulleted3_outer">
 
{| id="SummaryNotRequired_np1068288"
|
<div class="Bulleted3_inner" style="width: 17.999999999999996pt; white-space: nowrap;"><span class="BulletSymbol">• </span></div>
| width="100%" |
<div class="Bulleted3_inner"><span style="font-weight: bold;">Accounts</span>, to disable attachment viewing for individual accounts</div>
|}
 
</div><div class="a_0032Heading">
 
====MTA Tab====
 
</div><div class="BodyAfterHead">
 
The MTA tab is used to enable or disable authentication and configure a relay hostname, the maximum message size, enable DNS lookup, protocol checks, and DNS checks. For a description of Zimbra MTA, see <span class="WebJump">[../6_mta.5.1.html#1019719  Zimbra ]</span><span class="WebJump">[../6_mta.5.1.html#1019719 MTA]</span><span class="WebJump">.</span>
 
</div><div class="Bulleted1_outer">
 
{| id="SummaryNotRequired_np1038278"
|
<div class="Bulleted1_inner" style="width: 14.4pt; white-space: nowrap;"><span class="BulletSymbol">• </span></div>
| width="100%" |
<div class="Bulleted1_inner">Authentication should be enabled, to support mobile SMTP authentication users so that their email client can talk to the Zimbra MTA.</div>
|}
 
</div><div class="Bulleted1_outer">
 
{| id="SummaryNotRequired_np1043289"
|
<div class="Bulleted1_inner" style="width: 14.4pt; white-space: nowrap;"><span class="BulletSymbol">• </span></div>
| width="100%" |
<div class="Bulleted1_inner"><span class="attribute">TLS authentication only</span> forces all SMTP auth to use Transaction Level Security to avoid passing passwords in the clear.</div>
|}
 
</div><div class="Bulleted1_outer">
 
{| id="SummaryNotRequired_np1043316"
|
<div class="Bulleted1_inner" style="width: 14.4pt; white-space: nowrap;"><span class="BulletSymbol">• </span></div>
| width="100%" |
<div class="Bulleted1_inner">The <span class="attribute">Relay MTA for external delivery </span>is the relay host name. This is the Zimbra MTA to which Postfix relays non-local email. </div>
|}
 
</div><div class="Bulleted1_outer">
 
{| id="SummaryNotRequired_np1065307"
|
<div class="Bulleted1_inner" style="width: 14.4pt; white-space: nowrap;"><span class="BulletSymbol">• </span></div>
| width="100%" |
<div class="Bulleted1_inner">If <span class="attribute">Enable DNS lookups</span> is checked, the Zimbra MTA makes an explicit DNS query for the MX record of the recipient domain. If this option is disabled, set a relay host in the Relay MTA for external delivery. </div>
|}
 
</div><div class="Bulleted1_outer">
 
{| id="SummaryNotRequired_np1043308"
|
<div class="Bulleted1_inner" style="width: 14.4pt; white-space: nowrap;"><span class="BulletSymbol">• </span></div>
| width="100%" |
<div class="Bulleted1_inner">The <span style="font-weight: bold;">Protocol</span> fields are checked to reject unsolicited commercial email (UCE), for SPAM control.</div>
|}
 
</div><div class="Bulleted1_outer">
 
{| id="SummaryNotRequired_np1045934"
|
<div class="Bulleted1_inner" style="width: 14.4pt; white-space: nowrap;"><span class="BulletSymbol">• </span></div>
| width="100%" |
<div class="Bulleted1_inner">The <span style="font-weight: bold;">DNS</span> fields are checked to reject mail, if the client’s IP address is unknown, the hostname in the greeting is unknown and/or if the sender’s domain is unknown.</div>
|}
 
</div><div class="a_0032Heading">
 
====POP Tab====
 
</div><div class="BodyAfterHead">
 
POP3 (Post Office Protocol) can be enabled to allow users with a POP client to retrieve their mail stored on the Zimbra server and download new mail to their computer after messages are downloaded. The POP configuration determines if messages are deleted from the Zimbra server.
 
</div><div class="a_0032Heading">
 
====IMAP Tab====
 
</div><div class="BodyAfterHead">
 
The Internet Message Access Protocol (IMAP) can be enabled to allow users with an IMAP client to access their mail stored on the Zimbra mailbox server from more than one computer. Messages are stored on the mailbox server.
 
</div><div class="a_0032Heading">
 
====Anti-Spam Tab====
 
<div class="Body">
 
Anti-spam protection can be enabled for each server when the Zimbra software is installed. The following options are configured:
 
</div><div class="Bulleted1_outer">
 
{| id="SummaryNotRequired_np1046809"
|
<div class="Bulleted1_inner" style="width: 14.4pt; white-space: nowrap;"><span class="BulletSymbol">• </span></div>
| width="100%" |
<div class="Bulleted1_inner">Kill percent at 75%. Mail that is scored at 75% is considered spam and is not delivered.</div>
|}
 
</div><div class="Bulleted1_outer">
 
{| id="SummaryNotRequired_np1046810"
|
<div class="Bulleted1_inner" style="width: 14.4pt; white-space: nowrap;"><span class="BulletSymbol">• </span></div>
| width="100%" |
<div class="Bulleted1_inner">Tag percent at 33%. Mail that is scored at 33% is considered spam and is delivered to the Junk folder. </div>
|}
 
</div><div class="Bulleted1_outer">
 
{| id="SummaryNotRequired_np1046811"
|
<div class="Bulleted1_inner" style="width: 14.4pt; white-space: nowrap;"><span class="BulletSymbol">• </span></div>
| width="100%" |
<div class="Bulleted1_inner">Subject prefix field is blank. The prefix entered in this field is added to the subject line for messages tagged as spam. </div>
|}
 
</div><div class="Body">
 
When a message is tagged as spam, the message is delivered to the recipient’s Junk folder. Users can view the number of unread messages that are in their Junk folder and can open the Junk folder to review the messages marked as spam. If you have the anti-spam training filters enabled, when they add or remove messages in the Junk folder, their action helps train the spam filter. See [[Zimbra MTA]] “Anti-Spam Protection”.
 
</div><div class="BodyAfterHead">
 
RBL (Real time black-hole lists) can be turned on or off in SpamAssassin from the Zimbra CLI. See [[Zimbra MTA]] “To turn RBL on”.
 
</div><div class="a_0032Heading">
 
====Anti-Virus Tab====
 
</div><div class="Body">
 
Anti-virus protection is enabled for each server when the Zimbra software is installed. The global settings for the anti-virus protection is configured with these options enabled:
 
</div><div class="Bulleted1_outer">
 
{| id="SummaryNotRequired_np1065329"
|
<div class="Bulleted1_inner" style="width: 14.4pt; white-space: nowrap;"><span class="BulletSymbol">• </span></div>
| width="100%" |
<div class="Bulleted1_inner"><span style="font-weight: bold;">Block encrypted archives</span>, such as password protected zipped files.</div>
|}
 
</div><div class="Bulleted1_outer">
 
{| id="SummaryNotRequired_np1065399"
|
<div class="Bulleted1_inner" style="width: 14.4pt; white-space: nowrap;"><span class="BulletSymbol">• </span></div>
| width="100%" |
<div class="Bulleted1_inner"><span style="font-weight: bold;">Send notification to recipient</span> to alert that a mail message had a virus and was not delivered.</div>
|}
 
</div><div class="Body">
 
During ZCS installation, the administrator notification address for anti-virus alerts is configured. The default is to set up the admin account to receive the notification. When a virus has been found, a notification is automatically sent to that address.
 
</div><div class="Body">
 
By default, the Zimbra MTA checks every two hours for any new anti-virus updates from ClamAV. The frequency can be set between 1 and 24 hours.
 
</div><div class="Notice">
 
<span class="Bold">Note: </span>Updates are obtained via HTTP from the ClamAV website.
 
</div><div class="a_0032Heading">
 
====HSM====
 
</div><div class="Body">
 
Hierarchical Storage Management (HSM) can be configured as a secondary storage volume for older messages. To manage your email storage resources, you can implement a different HSM policy for each mailbox server. Messages and attachments are moved from a primary volume to the current secondary volume based on the age of the message. Users are not aware of any change and do not see any noticeable difference when opening an older message that has been moved.
 
</div><div class="Body">
 
The message age threshold for HSM can be set globally from the HSM tab or for individual servers from the Server, Volume tab.The thresholds configured on individual servers override the threshold configured as the global setting.
 
</div><div class="Body">
 
Sessions to move messages to the secondary volume can be scheduled in your cron table and you can manually start a session from the administration console, Servers, Volume tab. From the administration console you can manually start a session, monitor sessions, and abort sessions that are in progress.
 
</div><div class="a_0031Heading">
 
==Managing Domains==
 
</div><div class="Body">
 
One domain is identified during the installation process and additional domains can be easily added to the Zimbra system from the administration console. For domains, you configure the Global Address List mode and the authentication mode.
 
</div><div class="Body">
 
The administration console can also be used to edit domain information or to remove a domain.
 
</div><div class="a_0032Heading">
 
====Global Address List (GAL) Mode====
 
</div><div class="Body">
 
The Global Address List (GAL) is your company directory.
 
</div><div class="Body">
 
GAL is configured on a per-domain basis. The GAL mode setting for each domain determines where the GAL lookup is performed. Select one of the following GAL configurations:
 
</div><div class="Bulleted1_outer">
 
{| id="SummaryNotRequired_np1065640"
|
<div class="Bulleted1_inner" style="width: 14.4pt; white-space: nowrap;"><span class="BulletSymbol">• </span></div>
| width="100%" |
<div class="Bulleted1_inner"><span style="font-weight: bold;">Internal</span>. The Zimbra LDAP server is used for directory lookups.</div>
|}
 
</div><div class="Bulleted1_outer">
 
{| id="SummaryNotRequired_np1065643"
|
<div class="Bulleted1_inner" style="width: 14.4pt; white-space: nowrap;"><span class="BulletSymbol">• </span></div>
| width="100%" |
<div class="Bulleted1_inner"><span style="font-weight: bold;">External</span>. External directory servers are used for GAL lookups. You can configure multiple external LDAP hosts for GAL. All other directory services use the Zimbra LDAP service (configuration, mail routing, etc.).</div>
|}
 
</div><div class="Bulleted1_outer">
 
{| id="SummaryNotRequired_np1065646"
|
<div class="Bulleted1_inner" style="width: 14.4pt; white-space: nowrap;"><span class="BulletSymbol">• </span></div>
| width="100%" |
<div class="Bulleted1_inner"><span style="font-weight: bold;">Both</span>. Internal and external directory servers are used for GAL lookups.</div>
|}
 
</div><div class="Body">
 
A GAL configuration wizard<span style="font-weight: bold;"> </span>steps you through configuring the GAL mode and to set the maximum number of results returned for a search in GAL.
 
</div><div class="a_0032Heading">
 
====Authentication Modes====
 
</div><div class="Body">
 
Authentication is the process of identifying a user or a server to the directory server and granting access to legitimate users based on user name and password information provided when users log in. Zimbra Collaboration Suite offers the following three authentication mechanisms:
 
</div><div class="Bulleted1_outer">
 
{| id="SummaryNotRequired_np1065486"
|
<div class="Bulleted1_inner" style="width: 14.4pt; white-space: nowrap;"><span class="BulletSymbol">• </span></div>
| width="100%" |
<div class="Bulleted1_inner"><span style="font-weight: bold;">Internal</span>. The Internal authentication uses the Zimbra directory server for authentication on the domain. When you select Internal, no other configuration is required.</div>
|}
 
</div><div class="Bulleted1_outer">
 
{| id="SummaryNotRequired_np1065489"
|
<div class="Bulleted1_inner" style="width: 14.4pt; white-space: nowrap;"><span class="BulletSymbol">• </span></div>
| width="100%" |
<div class="Bulleted1_inner"><span style="font-weight: bold;">External LDAP</span>. The user name and password is the authentication information supplied in the bind operation to the directory server. You must configure the LDAP URL, LDAP filter, and wither to use DN password to bind to the external server.</div>
|}
 
</div><div class="Bulleted1_outer">
 
{| id="SummaryNotRequired_np1065625"
|
<div class="Bulleted1_inner" style="width: 14.4pt; white-space: nowrap;"><span class="BulletSymbol">• </span></div>
| width="100%" |
<div class="Bulleted1_inner"><span style="font-weight: bold;">External Active Directory</span>. The user name and password is the authentication information supplied to the Active Directory server. You identify the Active Directory domain name and URL.</div>
|}
 
</div><div class="Body">
 
On the administration console, you use an authentication wizard to configure the authentication settings on your domain.
 
</div><div class="a_0031Heading">
 
==Managing Servers==
 
</div><div class="Body">
 
A server is a machine that has one or more of the Zimbra service packages installed. During the installation, the Zimbra server is automatically registered on the LDAP server.
 
</div><div class="Body">
 
You can view the current status of all the servers that are configured with Zimbra software, and you can edit or delete existing server records. You cannot add servers directly to LDAP. The Zimbra Installation program must be used to add new servers because the installer packages are designed to register the new host at the time of installation.
 
</div><div class="Body">
 
Server settings include the following tabs:
 
</div><div class="Bulleted1_outer">
 
{| id="SummaryNotRequired_np1065806"
|
<div class="Bulleted1_inner" style="width: 14.4pt; white-space: nowrap;"><span class="BulletSymbol">• </span></div>
| width="100%" |
<div class="Bulleted1_inner">General</div>
|}
 
</div><div class="Bulleted1_outer">
 
{| id="SummaryNotRequired_np1065810"
|
<div class="Bulleted1_inner" style="width: 14.4pt; white-space: nowrap;"><span class="BulletSymbol">• </span></div>
| width="100%" |
<div class="Bulleted1_inner">Services</div>
|}
 
</div><div class="Bulleted1_outer">
 
{| id="SummaryNotRequired_np1065811"
|
<div class="Bulleted1_inner" style="width: 14.4pt; white-space: nowrap;"><span class="BulletSymbol">• </span></div>
| width="100%" |
<div class="Bulleted1_inner">MTA</div>
|}
 
</div><div class="Bulleted1_outer">
 
{| id="SummaryNotRequired_np1065812"
|
<div class="Bulleted1_inner" style="width: 14.4pt; white-space: nowrap;"><span class="BulletSymbol">• </span></div>
| width="100%" |
<div class="Bulleted1_inner">IMAP</div>
|}
 
</div><div class="Bulleted1_outer">
 
{| id="SummaryNotRequired_np1065818"
|
<div class="Bulleted1_inner" style="width: 14.4pt; white-space: nowrap;"><span class="BulletSymbol">• </span></div>
| width="100%" |
<div class="Bulleted1_inner">POP</div>
|}
 
</div><div class="Bulleted1_outer">
 
{| id="SummaryNotRequired_np1065819"
|
<div class="Bulleted1_inner" style="width: 14.4pt; white-space: nowrap;"><span class="BulletSymbol">• </span></div>
| width="100%" |
<div class="Bulleted1_inner">Volumes</div>
|}
 
</div><div class="Body">
 
Servers inherit global settings if those values are not set in the server configuration. Settings that can be inherited from the Global configuration include MTA, SMTP, IMAP, POP, anti-virus, and anti-spam configurations.
 
</div><div class="a_0032Heading">
 
====General Tab====
 
</div><div class="BodyAfterHead">
 
The General tab includes the server display name, the server hostname, and LMTP information including name and IP address if configured.
 
</div><div class="a_0032Heading">
 
====Services Tab====
 
</div><div class="BodyAfterHead">
 
The Services tab shows the Zimbra services. A check mark identifies the services that are enabled for the selected server, including LDAP, Mailbox, MTA, SNMP, Logger, Spell, Anti-Virus, and Anti-Spam.
 
</div><div class="a_0032Heading">
 
====MTA Tab====
 
</div><div class="BodyAfterHead">
 
From the MTA tab, you can enable or disable authentication, configure the Web mail MTA hostname, set Web mail MTA timeout, the relay MTA for external delivery and disable DNS lookup for the server.
 
</div><div class="a_0032Heading">
 
====IMAP and POP Tabs====
 
</div><div class="Body">
 
From these tabs, you can configure IMAP and POP availability on a per server basis.
 
</div><div class="a_0032Heading">
 
====Volume Tab====
 
</div><div class="BodyAfterHead">
 
The Volume tab can be used to manage storage volumes on your Zimbra Mailbox server. When Zimbra Collaboration Suite is installed, one index volume and one message volume are configured on each mailbox server. You can add new volumes, set the volume type, and set the compression threshold
 
</div><div class="a_0033Heading">
 
=====Index Volume=====
 
</div><div class="BodyAfterHead">
 
Each Zimbra mailbox server is configured with one current index volume. Each mailbox is assigned to a permanent index directory on the current index volume. When an account is created, the current index volume is automatically defined for the account. You cannot change which index volume the account is assigned.
 
</div><div class="Body">
 
As volumes become full, you can create a new current index volume for new accounts. When a new current index volume is added, the older index volume is no longer assigned new accounts.
 
</div><div class="Body">
 
Index volumes not marked current are still actively in use as the index volumes for accounts assigned to them. Any index volume that is referenced by a mailbox as it's index volume cannot be deleted.
 
</div><div class="a_0033Heading">
 
=====Message Volume=====
 
</div><div class="BodyAfterHead">
 
When a new message is delivered or created, the message is saved in the current message volume. Additional message volumes can be created, but only one is configured as the current volume where new messages are stored. When the volume is full, you can configure a new current message volume. The current message volume receives all new messages. New messages are never stored in the previous volume.
 
</div><div class="Body">
 
A current volume cannot be deleted. and message volumes that have messages referencing the volume cannot be deleted.
 
</div><div class="a_0031Heading">
 
==Managing User Accounts==
 
</div><div class="Body">
 
Managing accounts in the Zimbra system allows you to create accounts and change features easily from the administration console or by using the <span class="Code">zmprov</span> command-line tool described in Appendix A.
 
</div><div class="BodyAfterHead">
 
From the administration console you can manage user accounts as follows:
 
</div><div class="Bulleted1_outer">
 
{| id="SummaryNotRequired_np1039940"
|
<div class="Bulleted1_inner" style="width: 14.4pt; white-space: nowrap;"><span class="BulletSymbol">• </span></div>
| width="100%" |
<div class="Bulleted1_inner">Quickly create new accounts with the <span class="attributes">New Account Wizard</span></div>
|}
 
</div><div class="Bulleted1_outer">
 
{| id="SummaryNotRequired_np1039962"
|
<div class="Bulleted1_inner" style="width: 14.4pt; white-space: nowrap;"><span class="BulletSymbol">• </span></div>
| width="100%" |
<div class="Bulleted1_inner"><span class="attributes" style="font-weight: normal;">F</span>ind a specific account using the <span style="font-weight: bold;">Search </span>feature</div>
|}
 
</div><div class="Bulleted1_outer">
 
{| id="SummaryNotRequired_np1039967"
|
<div class="Bulleted1_inner" style="width: 14.4pt; white-space: nowrap;"><span class="BulletSymbol">• </span></div>
| width="100%" |
<div class="Bulleted1_inner">Change account information</div>
|}
 
</div><div class="Bulleted1_outer">
 
{| id="SummaryNotRequired_np1050711"
|
<div class="Bulleted1_inner" style="width: 14.4pt; white-space: nowrap;"><span class="BulletSymbol">• </span></div>
| width="100%" |
<div class="Bulleted1_inner">Create and change alias addresses</div>
|}
 
</div><div class="Bulleted1_outer">
 
{| id="SummaryNotRequired_np1043583"
|
<div class="Bulleted1_inner" style="width: 14.4pt; white-space: nowrap;"><span class="BulletSymbol">• </span></div>
| width="100%" |
<div class="Bulleted1_inner">Change password for a selected account</div>
|}
 
</div><div class="Bulleted1_outer">
 
{| id="SummaryNotRequired_np1043584"
|
<div class="Bulleted1_inner" style="width: 14.4pt; white-space: nowrap;"><span class="BulletSymbol">• </span></div>
| width="100%" |
<div class="Bulleted1_inner">View an account’s mailbox </div>
|}
 
</div><div class="Bulleted1_outer">
 
{| id="SummaryNotRequired_np1043890"
|
<div class="Bulleted1_inner" style="width: 14.4pt; white-space: nowrap;"><span class="BulletSymbol">• </span></div>
| width="100%" |
<div class="Bulleted1_inner">Change an account’s status</div>
|}
 
</div><div class="Bulleted1_outer">
 
{| id="SummaryNotRequired_np1069578"
|
<div class="Bulleted1_inner" style="width: 14.4pt; white-space: nowrap;"><span class="BulletSymbol">• </span></div>
| width="100%" |
<div class="Bulleted1_inner">Restore a mailbox</div>
|}
 
</div><div class="Bulleted1_outer">
 
{| id="SummaryNotRequired_np1039973"
|
<div class="Bulleted1_inner" style="width: 14.4pt; white-space: nowrap;"><span class="BulletSymbol">• </span></div>
| width="100%" |
<div class="Bulleted1_inner">Delete an account</div>
|}
 
</div><div class="Body">
 
See the <span class="WebJump">[../configuring%20mailbox%20features.8.1.html#1019719  Managing Mailbox Features]</span>, for descriptions of the mailbox features that can be configured.
 
</div><div class="a_0032Heading">
 
===Using Search===
 
</div><div class="BodyAfterHead">
 
Search is used to quickly locate individual accounts, aliases, distribution lists, and resources on the LDAP server. Search by display name, first name, last name, the first part of the email address, alias, or delivery address. If you do not know the complete name, you can enter a partial name. Partial names can result in a list that has the partial name string anywhere in the information.
 
</div><div class="Body">
 
You can also use the Zimbra mailbox ID number to search for an account. To return a search from a mailbox ID, the complete ID string must be entered in the search.
 
</div><div class="a_0032Heading">
 
===Adding user accounts===
 
</div><div class="BodyAfterHead">
 
If you are using the administration console, the New Account Wizard steps you through the account information to be completed. Before you add an user account, you should determine what features and access privileges should be assigned. You configure the following type of information:
 
</div><div class="Bulleted1_outer">
 
{| id="SummaryNotRequired_np1040166"
|
<div class="Bulleted1_inner" style="width: 14.4pt; white-space: nowrap;"><span class="BulletSymbol">• </span></div>
| width="100%" |
<div class="Bulleted1_inner">General information, including account name, class of service to be assigned, password</div>
|}
 
</div><div class="Bulleted1_outer">
 
{| id="SummaryNotRequired_np1040170"
|
<div class="Bulleted1_inner" style="width: 14.4pt; white-space: nowrap;"><span class="BulletSymbol">• </span></div>
| width="100%" |
<div class="Bulleted1_inner">Contact information, including phone number, company name and address</div>
|}
 
</div><div class="Bulleted1_outer">
 
{| id="SummaryNotRequired_np1040174"
|
<div class="Bulleted1_inner" style="width: 14.4pt; white-space: nowrap;"><span class="BulletSymbol">• </span></div>
| width="100%" |
<div class="Bulleted1_inner">Aliases to be used</div>
|}
 
</div><div class="Bulleted1_outer">
 
{| id="SummaryNotRequired_np1040175"
|
<div class="Bulleted1_inner" style="width: 14.4pt; white-space: nowrap;"><span class="BulletSymbol">• </span></div>
| width="100%" |
<div class="Bulleted1_inner">Forwarding directions</div>
|}
 
</div><div class="Bulleted1_outer">
 
{| id="SummaryNotRequired_np1040176"
|
<div class="Bulleted1_inner" style="width: 14.4pt; white-space: nowrap;"><span class="BulletSymbol">• </span></div>
| width="100%" |
<div class="Bulleted1_inner">Features and preferences available for this specific account. Changes made at the account level override the rules in the COS assigned to the account.</div>
|}
 
</div><div class="Body">
 
Creating an account sets up the appropriate entries on the Zimbra LDAP directory server. When the end-user logs in for the first time or when an email is delivered to the user’s account, the mailbox is created on the mailbox server.
 
</div><div class="a_0033Heading">
 
====Batch Provisioning from the CLI Utility====
 
</div><div class="BodyAfterHead">
 
For provisioning many accounts at once, you create a formatted text file with the user names. This file runs through a script, using the CLI command, <span class="Code">zmprov</span>. The <span class="Code">zmprov</span> utility provisions one account at a time.
 
</div><div class="Body">
 
Create a text file with the list of the accounts you want to add. Each account should be typed in the format of ca (Create Account), email address, empty password. For example,<span class="Code"> ca name@company.com ‘’</span><span style="font-style: italic;">’</span>
 
</div><div class="Notice">
 
<span class="Bold">Note: </span>In this example, the empty single quote indicates that there is no local password.
 
</div><div class="Body">
 
When the text file includes all the names to provision, log on to the Zimbra server and type the CLI command
 
</div><div class="Body" style="color: #000000; font-family: "Times New Roman"; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: bold; text-transform: normal; vertical-align: baseline;">
 
<span class="Code">zmprov <accounts.txt</span>
 
</div><div class="Body">
 
Each of the names listed in the text file will be provisioned.
 
</div><div class="Body">
 
See the CLI commands for additional syntax definitions.
 
</div><div class="a_0032Heading">
 
===Manage Aliases===
 
</div><div class="BodyAfterHead">
 
Manage and view all created aliases from the Aliases content pane. You can see to which account an alias is configured. From the Alias toolbar, you can move an alias from one account to another.
 
</div><div class="a_0032Heading">
 
===Distribution Lists===
 
</div><div class="BodyAfterHead">
 
A distribution list is a group of email addresses contained in a list with a common email address. Distribution lists can be added, changed and deleted from the administration console.
 
</div><div class="a_0032Heading">
 
===Class of Service===
 
</div><div class="Body">
 
Class of Service (COS) is a Zimbra-specific object that determines what default attributes a Zimbra Web Client email account has and what features are added or denied. The COS controls mailbox quotas, message lifetime, password restrictions, attachment blocking, and server pools for creation of new accounts.
 
</div><div class="Body">
 
A default COS is automatically created during the installation of Zimbra software. You can modify the default COS to set the attributes to your email restrictions, and you can create new COSs to assign to accounts.
 
</div><div class="Body">
 
Each account is assigned one class of service. When an account is created, if the COS is not explicitly set, the default COS is assigned. Also, if the COS assigned to the user no longer exists, the account is automatically assigned the default COS.
 
</div><div class="Notice">
 
<span class="Bold">Note: </span>COS settings assigned to an account are not enforced for IMAP clients.
 
</div><div class="Body">
 
A COS is global and is not restricted to a particular domain or set of domains.
 
</div><div class="Body">
 
Assigning a COS to an account quickly configures account features and restrictions. Some of the COS settings can be overridden either by global settings or by user settings. For example:
 
</div><div class="Bulleted1_outer">
 
{| id="SummaryNotRequired_np1040498"
|
<div class="Bulleted1_inner" style="width: 14.4pt; white-space: nowrap;"><span class="BulletSymbol">• </span></div>
| width="100%" |
<div class="Bulleted1_inner">Whether outgoing messages are saved to <span class="attributes">Sent</span> can be changed in the user <span class="attributes">Options</span>.</div>
|}
 
</div><div class="Bulleted1_outer">
 
{| id="SummaryNotRequired_np1040511"
|
<div class="Bulleted1_inner" style="width: 14.4pt; white-space: nowrap;"><span class="BulletSymbol">• </span></div>
| width="100%" |
<div class="Bulleted1_inner">Attachment blocking set as a global setting can override the COS setting.</div>
|}
 
</div><div class="Body">See the Administration Console Help for a complete description of the fields in a class of service object. </div><div class="a_0033Heading">
 
====Distributing Accounts Across Servers====
 
</div><div class="BodyAfterHead">
 
In an environment with multiple mailbox servers, the class of service is used to assign a new account to a mailbox server. The COS server pool tab lists the mailbox servers in your Zimbra environment. When you configure the COS, you select which servers to add to the server pool. Within each pool of servers, a random algorithm assigns new mailboxes to any available server.
 
</div><div class="Notice">
 
<span class="Bold">Note: </span>You can assign an account to a particular server when you create an account in the New Account Wizard, Mail Server field.
 
</div><div class="a_0032Heading">
 
===Changing Password===
 
</div><div class="Body">
 
Password restrictions can be set either at the COS level or at the account level. You can configure the following password rules:
 
</div><div class="Bulleted1_outer">
 
{| id="SummaryNotRequired_np1040731"
|
<div class="Bulleted1_inner" style="width: 14.4pt; white-space: nowrap;"><span class="BulletSymbol">• </span></div>
| width="100%" |
<div class="Bulleted1_inner">Password length. The default is minimum 6, maximum 64. The password is case sensitive.</div>
|}
 
</div><div class="Bulleted1_outer">
 
{| id="SummaryNotRequired_np1040735"
|
<div class="Bulleted1_inner" style="width: 14.4pt; white-space: nowrap;"><span class="BulletSymbol">• </span></div>
| width="100%" |
<div class="Bulleted1_inner">When passwords expire. The Zimbra default is to never expire the password.</div>
|}
 
</div><div class="Bulleted1_outer">
 
{| id="SummaryNotRequired_np1040736"
|
<div class="Bulleted1_inner" style="width: 14.4pt; white-space: nowrap;"><span class="BulletSymbol">• </span></div>
| width="100%" |
<div class="Bulleted1_inner">How frequently a password can be reused. The default password history allows the password to be reused.</div>
|}
 
</div><div class="Bulleted1_outer">
 
{| id="SummaryNotRequired_np1040776"
|
<div class="Bulleted1_inner" style="width: 14.4pt; white-space: nowrap;"><span class="BulletSymbol">• </span></div>
| width="100%" |
<div class="Bulleted1_inner">Password locked. Password cannot be changed.</div>
|}
 
</div><div class="a_0032Heading">
 
===View an Account’s Mailbox===
 
</div><div class="BodyAfterHead">
 
<span style="font-weight: bold;">View Mail</span> in Accounts lets you view the selected account’s mailbox content, including all folders, calendar entries, and tags. This feature can be used to assist users who are having trouble with their mail account as you and the account user can be logged on to the account.
 
</div><div class="Body">
 
Any View Mail action to access an account is logged to the <span style="font-style: italic;">audit.log</span> file.
 
</div><div class="a_0032Heading">
 
===Changing an Account’s Status===
 
</div><div class="Body">
 
Account status determines whether a user can log in and receive mail. The account status is displayed when account names are listed on the Accounts content pane.
 
</div><div class="Body">
 
The following account statuses can be set:
 
</div><div class="Bulleted1_outer">
 
{| id="SummaryNotRequired_np1046253"
|
<div class="Bulleted1_inner" style="width: 14.4pt; white-space: nowrap;"><span class="BulletSymbol">• </span></div>
| width="100%" |
<div class="Bulleted1_inner"><span class="attribute">Active</span>. Active is the normal status for a mailbox account. Mail is delivered and users can log into the client interface.</div>
|}
 
</div><div class="Bulleted1_outer">
 
{| id="SummaryNotRequired_np1046280"
|
<div class="Bulleted1_inner" style="width: 14.4pt; white-space: nowrap;"><span class="BulletSymbol">• </span></div>
| width="100%" |
<div class="Bulleted1_inner"><span class="attribute">Maintenance</span>. When a mailbox status is set to maintenance, login is disabled, and mail addressed to the account is queued at the MTA. An account can be set to maintenance mode for backing up, importing or restoring the mailbox.</div>
|}
 
</div><div class="Bulleted1_outer">
 
{| id="SummaryNotRequired_np1046281"
|
<div class="Bulleted1_inner" style="width: 14.4pt; white-space: nowrap;"><span class="BulletSymbol">• </span></div>
| width="100%" |
<div class="Bulleted1_inner"><span class="attribute">Locked</span>. When a mailbox status is locked, the user cannot log in, but mail is still delivered to the account. The locked status can be set, if you suspect that a mail account has been hacked or is being used in an unauthorized manner.</div>
|}
 
</div><div class="Bulleted1_outer">
 
{| id="SummaryNotRequired_np1046261"
|
<div class="Bulleted1_inner" style="width: 14.4pt; white-space: nowrap;"><span class="BulletSymbol">• </span></div>
| width="100%" |
<div class="Bulleted1_inner"><span class="attribute">Closed</span>. When a mailbox status is closed, the login is disabled, and messages are bounced. This status is used to soft-delete an account before deleting it from the server.</div>
|}
 
</div><div class="a_0032Heading">
 
===Enforcing Mailbox and Contact Quotas===
 
</div><div class="Body">
 
You can specify mailbox quotas and the number of contacts allowed for each account through the Zimbra administration console. These limits can be set in the Class of Service or on a per-account basis on the Advanced page.
 
</div><div class="Body">
 
Account quota is the amount of space in megabytes that an account can use. The quota includes email messages and calendar meetings. When the quota is reached, all email messages are rejected. You can view mailbox quotas from the administration console, Monitoring, Server Statistics.
 
</div><div class="Body">
 
The address book size limit field sets the maximum number of contacts a user can have in their personal contacts list.
 
</div><div class="a_0032Heading">
 
===Moving a Mailbox===
 
</div><div class="Body">
 
You can move a mailbox from one server to another without taking down the servers. The migration tool,<span class="Code"> zmmailboxmove</span>, is provided through a command-line interface as described in Appendix A.
 
</div><div class="Body">
 
The migration tool does the following:
 
</div><div class="Bulleted1_outer">
 
{| id="SummaryNotRequired_np1069588"
|
<div class="Bulleted1_inner" style="width: 14.4pt; white-space: nowrap;"><span class="BulletSymbol">• </span></div>
| width="100%" |
<div class="Bulleted1_inner">Puts the mailbox into maintenance mode. In this mode, incoming and outgoing messages are queued but not delivered or sent, and the user will be temporarily unable to access the mailbox</div>
|}
 
</div><div class="Bulleted1_outer">
 
{| id="SummaryNotRequired_np1069589"
|
<div class="Bulleted1_inner" style="width: 14.4pt; white-space: nowrap;"><span class="BulletSymbol">• </span></div>
| width="100%" |
<div class="Bulleted1_inner">Packs up the mailbox’s Message Store directory and Index directory on the source server</div>
|}
 
</div><div class="Bulleted1_outer">
 
{| id="SummaryNotRequired_np1069590"
|
<div class="Bulleted1_inner" style="width: 14.4pt; white-space: nowrap;"><span class="BulletSymbol">• </span></div>
| width="100%" |
<div class="Bulleted1_inner">Marks all rows associated with the mailbox in the Data Store on the source server</div>
|}
 
</div><div class="Bulleted1_outer">
 
{| id="SummaryNotRequired_np1069591"
|
<div class="Bulleted1_inner" style="width: 14.4pt; white-space: nowrap;"><span class="BulletSymbol">• </span></div>
| width="100%" |
<div class="Bulleted1_inner">Creates the new entries and directories on the target server</div>
|}
 
</div><div class="Bulleted1_outer">
 
{| id="SummaryNotRequired_np1069592"
|
<div class="Bulleted1_inner" style="width: 14.4pt; white-space: nowrap;"><span class="BulletSymbol">• </span></div>
| width="100%" |
<div class="Bulleted1_inner">Updates the routing information for mail delivery</div>
|}
 
</div><div class="Bulleted1_outer">
 
{| id="SummaryNotRequired_np1069593"
|
<div class="Bulleted1_inner" style="width: 14.4pt; white-space: nowrap;"><span class="BulletSymbol">• </span></div>
| width="100%" |
<div class="Bulleted1_inner">Puts the mailbox back into the active mode</div>
|}
 
</div><div class="a_0031Heading">
 
==Managing Resources==
 
</div><div class="BodyAfterHead">
 
A resource is a location or piece of equipment that can be scheduled for a meeting. The resource has its own mailbox address and accepts or rejects invitations automatically. Accounts with the Calendar feature can select resources for their meetings.
 
</div><div class="Body">
 
You create resources and manage their use from the administration console. A Resource Wizard guides you through the resource configuration, including designating the type of resource, the scheduling policy, the location, and a description.
 
</div><div class="Body">
 
To schedule a resource or location, users invite the equipment and/or location to a meeting. When they select the resource, they can view the notes about the resource and view free/busy status for the resource, if set up. When the meeting invite is sent, an email is sent to the resource account, and if the resource is free, the meeting is automatically entered in the resource’s calendar.
 
</div><div class="Body"> </div>

Latest revision as of 22:57, 23 March 2015

To see the most up-to-date ZCS Configuration documentation for your release, go to the Zimbra_Documentation_Links page and in the Administration Guide section, select Managing ZCS Configurations.

Jump to: navigation, search