2019-09-18 23:30:03 -05:00
# iRedMail Easy: Create AD account for iRedMail
2018-09-20 04:50:58 -05:00
[TOC]
## Summary
With iRedMail (ad backend), we need two accounts, admin account with all privileges, low-privileged account with read-only privilege.
In this tutorial, we will show you how to create account in AD, with strong and complex password.
- low-privileged account `vmail` .
- admin account `vmailadmin` .
This tutorial has been tested on:
- Windows Server 2012
If it works for you on different Windows Server version, please let us know.
## Create low-privileged account.
- Click `Start` on bottom-left corner of your Windows OS, click `Server Manager` .
2018-09-26 05:47:58 -05:00
![](./images/ad/start-server-manager.png)
2018-09-20 04:50:58 -05:00
- Click `Tools` on top-right corner, click `Active Directory Domains and Trusts` .
2018-11-15 09:43:28 -06:00
![](./images/ad/create_ad_account_1.png)
2018-09-20 04:50:58 -05:00
- Right click your AD domain, here is `iredmail.org` , then click `Manage` .
2018-11-15 09:43:28 -06:00
![](./images/ad/create_ad_account_2.png)
2018-09-20 04:50:58 -05:00
- At the new windows, right click `Users` --> `New` --> `User` .
2018-11-15 09:43:28 -06:00
![](./images/ad/create_ad_account_3.png)
2018-09-20 04:50:58 -05:00
- Input `vmail` account info, click `Next` .
2018-11-15 09:43:28 -06:00
![](./images/ad/read_only_account_1.png)
2018-09-20 04:50:58 -05:00
- Input `vmail` account passowrd, and select `Password never expires` , click `Next` .
2018-11-15 09:43:28 -06:00
![](./images/ad/read_only_account_2.png)
2018-09-20 04:50:58 -05:00
- Click `Finish` to confirm.
2018-11-15 09:43:28 -06:00
![](./images/ad/read_only_account_3.png)
2018-09-20 04:50:58 -05:00
- Now account `vmail` has created, we will set read-only permission for `vmail` , right click your AD domian here is `iredmail.org` , and select `Delegate Control...` .
2018-11-15 09:43:28 -06:00
![](./images/ad/create_ad_account_4.png)
2018-09-20 04:50:58 -05:00
2019-06-06 02:36:43 -05:00
- Click `Next` .
2018-09-20 04:50:58 -05:00
2018-11-15 09:43:28 -06:00
![](./images/ad/create_ad_account_5.png)
2018-09-20 04:50:58 -05:00
- Click `Add` .
2018-11-15 09:43:28 -06:00
![](./images/ad/create_ad_account_6.png)
2018-09-20 04:50:58 -05:00
- Input read-only account `vmail` , and click `Ok` .
2018-11-15 09:43:28 -06:00
![](./images/ad/read_only_account_4.png)
2018-09-20 04:50:58 -05:00
- Click `Next` .
2018-11-15 09:43:28 -06:00
![](./images/ad/read_only_account_5.png)
2018-09-20 04:50:58 -05:00
- Select `"Read all user information"` , click `Next` .
2018-11-15 09:43:28 -06:00
![](./images/ad/read_only_account_6.png)
2018-09-20 04:50:58 -05:00
- Click `Finish` to confirm.
2018-11-15 09:43:28 -06:00
![](./images/ad/read_only_account_7.png)
2018-09-20 04:50:58 -05:00
- Low-privileged account `vmail` created.
## Create admin account.
- Click `Start` on bottom-left corner of your Windows OS, click `Server Manager` .
2018-09-26 05:47:58 -05:00
![](./images/ad/start-server-manager.png)
2018-09-20 04:50:58 -05:00
- Click `Tools` on top-right corner, click `Active Directory Domains and Trusts` .
2018-11-15 09:43:28 -06:00
![](./images/ad/create_ad_account_1.png)
2018-09-20 04:50:58 -05:00
- Right click your AD domain, here is `iredmail.org` , then click `Manage` .
2018-11-15 09:43:28 -06:00
![](./images/ad/create_ad_account_2.png)
2018-09-20 04:50:58 -05:00
- At the new windows, right click `Users` --> `New` --> `User` .
2018-11-15 09:43:28 -06:00
![](./images/ad/create_ad_account_3.png)
2018-09-20 04:50:58 -05:00
- Input `vmailadmin` account info, click `Next` .
2018-11-15 09:43:28 -06:00
![](./images/ad/admin_account_1.png)
2018-09-20 04:50:58 -05:00
- Input `vmailadmin` account passowrd, and select `Password never expires` , click `Next` .
2018-11-15 09:43:28 -06:00
![](./images/ad/admin_account_2.png)
2018-09-20 04:50:58 -05:00
- Click `Finish` to confirm.
2018-11-15 09:43:28 -06:00
![](./images/ad/admin_account_3.png)
2018-09-20 04:50:58 -05:00
- Now account `vmailadmin` has created, we will set read-only permission for `vmail` , right click your AD domian here is `iredmail.org` , and select `Delegate Control...` .
2018-11-15 09:43:28 -06:00
![](./images/ad/create_ad_account_4.png)
2018-09-20 04:50:58 -05:00
2019-06-06 02:36:43 -05:00
- Click `Next` .
2018-09-20 04:50:58 -05:00
2018-11-15 09:43:28 -06:00
![](./images/ad/create_ad_account_5.png)
2018-09-20 04:50:58 -05:00
- Click `Add` .
2018-11-15 09:43:28 -06:00
![](./images/ad/create_ad_account_6.png)
2018-09-20 04:50:58 -05:00
- Input admin account `vmailadmin` , and click `Ok` .
2018-11-15 09:43:28 -06:00
![](./images/ad/admin_account_4.png)
2018-09-20 04:50:58 -05:00
- Click `Next` .
2018-11-15 09:43:28 -06:00
![](./images/ad/admin_account_5.png)
2018-09-20 04:50:58 -05:00
- Select `"Create, delete, and manage user accounts"` , `"Reset user passowords and force password change at next logon"` , `"Read all user information"` , click `Next` .
2018-11-15 09:43:28 -06:00
![](./images/ad/admin_account_6.png)
2018-09-20 04:50:58 -05:00
- Click `Finish` to confirm.
2018-11-15 09:43:28 -06:00
![](./images/ad/admin_account_7.png)
2018-09-20 04:50:58 -05:00
- Low-privileged account `vmailadmin` created.