elmau
/
iredmail-doc
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Add doc for create ad account and set permissions.

This commit is contained in:
Vzer Zhang 2018-09-20 17:50:58 +08:00
parent 54ede2bd56
commit 7999e71e0a
22 changed files with 149 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

149
en_US/cloud/0-cloud-create.ad.account.md Normal file
View File

@ -0,0 +1,149 @@
# Create AD account for iRedMail
[TOC]
## Summary
With iRedMail (ad backend), we need two accounts, admin account with all privileges, low-privileged account with read-only privilege.
In this tutorial, we will show you how to create account in AD, with strong and complex password.
- low-privileged account `vmail`.
- admin account `vmailadmin`.
This tutorial has been tested on:
- Windows Server 2012
If it works for you on different Windows Server version, please let us know.
## Create low-privileged account.
- Click `Start` on bottom-left corner of your Windows OS, click `Server Manager`.
![](./images/create.ad.account/start-server-manager.png)
- Click `Tools` on top-right corner, click `Active Directory Domains and Trusts`.
![](./images/create.ad.account/create_ad_account_1.png)
- Right click your AD domain, here is `iredmail.org`, then click `Manage`.
![](./images/create.ad.account/create_ad_account_2.png)
- At the new windows, right click `Users` --> `New` --> `User`.
![](./images/create.ad.account/create_ad_account_3.png)
- Input `vmail` account info, click `Next`.
![](./images/create.ad.account/read_only_account_1.png)
- Input `vmail` account passowrd, and select `Password never expires`, click `Next`.
![](./images/create.ad.account/read_only_account_2.png)
- Click `Finish` to confirm.
![](./images/create.ad.account/read_only_account_3.png)
- Now account `vmail` has created, we will set read-only permission for `vmail`, right click your AD domian here is `iredmail.org`, and select `Delegate Control...`.
![](./images/create.ad.account/create_ad_account_4.png)
- Click `Next`.
![](./images/create.ad.account/create_ad_account_5.png)
- Click `Add`.
![](./images/create.ad.account/create_ad_account_6.png)
- Input read-only account `vmail`, and click `Ok`.
![](./images/create.ad.account/read_only_account_4.png)
- Click `Next`.
![](./images/create.ad.account/read_only_account_5.png)
- Select `"Read all user information"`, click `Next`.
![](./images/create.ad.account/read_only_account_6.png)
- Click `Finish` to confirm.
![](./images/create.ad.account/read_only_account_7.png)
- Low-privileged account `vmail` created.
## Create admin account.
- Click `Start` on bottom-left corner of your Windows OS, click `Server Manager`.
![](./images/create.ad.account/start-server-manager.png)
- Click `Tools` on top-right corner, click `Active Directory Domains and Trusts`.
![](./images/create.ad.account/create_ad_account_1.png)
- Right click your AD domain, here is `iredmail.org`, then click `Manage`.
![](./images/create.ad.account/create_ad_account_2.png)
- At the new windows, right click `Users` --> `New` --> `User`.
![](./images/create.ad.account/create_ad_account_3.png)
- Input `vmailadmin` account info, click `Next`.
![](./images/create.ad.account/admin_account_1.png)
- Input `vmailadmin` account passowrd, and select `Password never expires`, click `Next`.
![](./images/create.ad.account/admin_account_2.png)
- Click `Finish` to confirm.
![](./images/create.ad.account/admin_account_3.png)
- Now account `vmailadmin` has created, we will set read-only permission for `vmail`, right click your AD domian here is `iredmail.org`, and select `Delegate Control...`.
![](./images/create.ad.account/create_ad_account_4.png)
- Click `Next`.
![](./images/create.ad.account/create_ad_account_5.png)
- Click `Add`.
![](./images/create.ad.account/create_ad_account_6.png)
- Input admin account `vmailadmin`, and click `Ok`.
![](./images/create.ad.account/admin_account_4.png)
- Click `Next`.
![](./images/create.ad.account/admin_account_5.png)
- Select `"Createdelete, and manage user accounts"`, `"Reset user passowords and force password change at next logon"`, `"Read all user information"`, click `Next`.
![](./images/create.ad.account/admin_account_6.png)
- Click `Finish` to confirm.
![](./images/create.ad.account/admin_account_7.png)
- Low-privileged account `vmailadmin` created.

BIN
html/images/create.ad.account/admin_account_1.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 31 KiB

BIN
html/images/create.ad.account/admin_account_2.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 31 KiB

BIN
html/images/create.ad.account/admin_account_3.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 30 KiB

BIN
html/images/create.ad.account/admin_account_4.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 18 KiB

BIN
html/images/create.ad.account/admin_account_5.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 16 KiB

BIN
html/images/create.ad.account/admin_account_6.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 22 KiB

BIN
html/images/create.ad.account/admin_account_7.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 36 KiB

BIN
html/images/create.ad.account/create_ad_account_1.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 68 KiB

BIN
html/images/create.ad.account/create_ad_account_2.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 19 KiB

BIN
html/images/create.ad.account/create_ad_account_3.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 47 KiB

BIN
html/images/create.ad.account/create_ad_account_4.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 50 KiB

BIN
html/images/create.ad.account/create_ad_account_5.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 43 KiB

BIN
html/images/create.ad.account/create_ad_account_6.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 25 KiB

BIN
html/images/create.ad.account/read_only_account_1.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 31 KiB

BIN
html/images/create.ad.account/read_only_account_2.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 31 KiB

BIN
html/images/create.ad.account/read_only_account_3.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 30 KiB

BIN
html/images/create.ad.account/read_only_account_4.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 28 KiB

BIN
html/images/create.ad.account/read_only_account_5.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 25 KiB

BIN
html/images/create.ad.account/read_only_account_6.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 32 KiB

BIN
html/images/create.ad.account/read_only_account_7.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 47 KiB

BIN
html/images/create.ad.account/start-server-manager.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 8.3 KiB